I am working on two new security certifications for my new year’s resolution. My specialties include security, identity, access management, and networking with a focus on hybrid and multi-cloud. For the first quarter, I plan to prepare for and take the MS-500 (Microsoft 365 Security Administration) and the AZ-500 (Microsoft Azure Security Technologies) certifications. I am also considering the MS-100 (Microsoft 365 Identity and Services) and MS-101 (Microsoft 365 Mobility and Security) certifications. I already have several security certifications listed on my website.
I began this journey on December 1, 2019, and I have already passed three Pluralsight Skill IQ assessment exams at the expert level. I am not happy with my scores, which are in the low 200s, so I am digging much deeper into both Microsoft and Azure products and security. I do not believe in just certifying. I want to know the material well and then certify.
Today, knowing just one cloud well is not enough. Knowing security for only one set of products or services is not enough either. You really need solid knowledge and experience across product and vendor boundaries. The top three cloud vendors are AWS, Azure and Google Cloud. I work with all three every day and occasionally with Alibaba Cloud and IBM Cloud.
If you are also interested in certifying, follow along as I write articles on Office 365 and Azure security.
Why certify with Office 365 and Azure at the same time?
I have a large amount of experience with both Office 365 and Azure – more than 10 years. Before Office 365, I worked extensively with Microsoft Exchange Server.
I feel that Office 365 is an entire cloud to itself. Office 365 is popular for email and office applications. A fair percentage of security problems and breaches occur by end-users. You cannot be a security expert unless you can manage security in the cloud, in the enterprise and with desktops and mobile devices.
There is a fair amount of security overlap between Office 365 and Azure. For example, Azure Active Directory is used for user management in Office 365. When you study advanced security services such as Identity Protection and Advanced Threat Protection, there is even more overlap. I feel that I need a solid level of security knowledge of both Office 365 and Azure.
What is the biggest challenge to certifying?
Not enough practice with some features. Although I have been working with Office 365 and Azure for more than 10 years, I have not used some of the more important and advanced features. This is a budget issue with my customers. An Enterprise E5 license is around $35.00 per user, which is three times higher than most customers want to pay. The Office 365 Developer Program solves that problem with a 90-day evaluation license. Now I can study and practice with each advanced feature. This includes practicing as an administrator and as a developer. I will tear apart each feature which will take some time – maybe two more months.
- Setup a Microsoft Learn account. This resource provides excellent training and practice labs for Office 365 and Azure.
- Register a new domain name. Freenom offers free domain names. Pick something that is available. The actual domain name is not important as you will only be using the domain name to practice with.
- Join the Office 365 Developer Program. This provides an Office 365 Enterprise E5 license for 25 users. This is the most feature-complete of the Office 365 licenses. Create a global administrator with email at your new domain name. Then use that email address for the next step.
- Set up a new Microsoft Azure account using the Office 365 Developer Program email address. The E5 license enables Active Directory Premium P2 which you will need for the advanced Azure security services. This links Azure and Office 365 together.
- Sign up at Pluralsight and select courses on Microsoft Azure and Office 365. The selection is very large. Watch a course section, practice with those features, review your knowledge and repeat.
If you would like an assessment of your Azure security skills and weaknesses, take the Pluralsight Microsoft Azure Security Engineer roleIQ tests. Microsoft and Pluralsight created this Role IQ and it examines four big areas of Azure security. Pluralsight Role IQ exams are free.
- Configuring Identity and Access in Microsoft Azure
- Enabling Platform Protection in Microsoft Azure
- Managing Security Operations in Microsoft Azure
- Securing Data and Applications in Microsoft Azure
Microsoft Azure Security Engineer Role IQ
What is Role IQ and how does it work?
Role IQ quantifies your technical proficiency in a specific role. By measuring your knowledge in relevant skills, Role IQ tells you what level you’re at and shows you what skills you need to work on to build your expertise.
- Microsoft Learn
- Office 365 Developer Program
- Microsoft Azure
- Azure Active Directory Pricing
- Office 365 Plans and Pricing
I design software for enterprise-class systems and data centers. My background is 30+ years in storage (SCSI, FC, iSCSI, disk arrays, imaging) virtualization. 20+ years in identity, security, and forensics.
For the past 14+ years, I have been working in the cloud (AWS, Azure, Google, Alibaba, IBM, Oracle) designing hybrid and multi-cloud software solutions. I am an MVP/GDE with several.