Monthly Archives: October 2019


How I Passed the AZ-500 Exam

I’ve recently done and passed the Azure Security Engineer Associate AZ-500 Exam. This exam covers a wide range of topics and technologie. Before considering this exam, you should have good knowledge about Azure technology.

I advice you to use the following certification path  :

Azure Certifcations

My advice is first take the AZ-900 and AZ-103 exams before going for the AZ-500 exam. The Azure Security Engineer role was recently added to the list and is the newest exam so far.

Azure Security Engineer Associate

The following pre-requisites are in place :

  • Familiarity with the implementation of security controls on the Microsoft Azure platform
  • In-depth knowledge of virtualization, cloud N-tier architecture, Amazon Kubernetes Service, and networking
  • Ability to recognize and address vulnerabilities using several security tools; implementing security solutions for the protection of networks, applications, and data
  • Expertise in scripting and automation, identity and access management, and maintaining security status

A general understanding of the following areas is highly recommended :

  • Azure Portal
  • AzureCLI
  • Powershell
  • ARM Templates
  • Networking
  • Security Concepts

The following topics and their weight :

Domain % Weight
Manage Identity and Access 20-25%
Implement Platform Protection 35-40%
Manage Security Operations 15-20%
Secure Data and Applications 30-35%

The exam is both in Japanese and English language and costs 164 EUR/USD.

I found the exam relatively easy (for example, I found the AZ-400 exam much harder). I had a couple of cases and one lab containing 11 tasks. Because my mouse didn’t work in the lab environment I was unable to complete all the tasks. (I did score enough to pass although)

I used the following materials :

  • Official MCT material for AZ-500 exam
  • Pluralsight
  • edX
  • Youtube (there’s lot of interesting Azure stuff to be found there)
  • Study Notes found on the internet and combined on vWorld.nl 🙂

This as an addition to real life experience.

 


How to quickly encrypt/decrypt Azure VM disks using the portal

Some time ago Microsoft added the encryption option on the disk pane (Azure IaaS properties). Now you don’t need to use the CLI or Powershell commando’s to decrypt/encrypt your VM disks.

Encryption15102019-001

Just go to the encryption button and the options already speak for themselves. When you already have one disk encrypted and just added an extra disk you can easily use the (keyvault) settings  that are already in place. You can also choose to add an additional keyvault/Key/Version.

Encryption15102019-002

Using this command it’s also very easy to disable disk encryption. Just go to Disks to encrypt and choose None. The encryption will be removed.

Encryption15102019-003

Make sure that your VM must be up and running (and when you encrypt your OS disk your VM might reboot)