Beta exam: SC-500 is in beta as of May 2026. The first 300 candidates get 80% off with promo code VistaSC500 (valid until June 8, 2026). The exam goes live in July 2026.
Overview
SC-500 — Implementing End-to-End Security Controls for Cloud and AI Workloads — is a new Associate-level Microsoft certification for security engineers who protect cloud and hybrid environments. It spans identity, network, storage, compute, and AI security, making it the broadest security Associate certification Microsoft has released to date.
Unlike SC-200 (Sentinel/Defender operations) or SC-300 (identity administration), SC-500 targets engineers who implement security controls — writing policy, configuring firewalls, securing APIs, and protecting AI workloads in production. If you work on a platform or security team and your job is to make things secure rather than just monitor them, this is your exam.
Exam Details
| Detail | Information |
|---|---|
| Exam code | SC-500 |
| Certification | Microsoft Certified: Cloud and AI Security Engineer Associate |
| Level | Associate |
| Passing score | 700 / 1000 |
| Duration | ~100 minutes |
| Cost | $165 USD |
| Beta status | Beta now; GA July 2026 |
| Languages | English (beta); more at GA |
| Study guide | Microsoft Learn |
Target Role
The exam targets engineers who implement security controls across an organization's cloud and hybrid environment. You should be comfortable with:
- Microsoft Entra ID — PIM, Conditional Access, managed identities
- Azure networking — NSGs, Azure Firewall, Private Endpoints
- Azure storage, SQL, and Key Vault security configurations
- Compute security — VMs, containers, AKS, serverless platforms
- AI workload security — Foundry agents, Copilot Studio, Defender for AI
- Security monitoring — Defender for Cloud, Sentinel, Security Copilot
Skill Domains
Domain 1: Identity, Access, and Governance (20–25%)
Securing access starts with Microsoft Entra ID. This domain covers implementing PIM for just-in-time privileged access, designing Conditional Access policies, configuring managed identities for Azure resources, and protecting secrets in Key Vault. Governance is layered in through Azure Policy and RBAC, including evaluating and remediating over-privileged access.
Key topics: PIM activation workflows, Conditional Access named locations and sign-in risk, app registrations vs. enterprise apps, OAuth 2.0 consent settings, Key Vault access policies vs. RBAC, Defender for Key Vault, Azure Policy built-in vs. custom definitions, resource locks.
Domain 2: Storage, Databases, and Networking (25–30%)
The highest-weighted domain. Storage security covers firewall rules, Defender for Storage threat protection, and SAS token hygiene. Database security focuses on Azure SQL platform configuration, auditing, and Defender for Databases. Network security is comprehensive: NSGs, ASGs, Azure Firewall, Private Endpoints, Private Link, Virtual WAN, VPN security, and Microsoft Entra Private Access.
Key topics: Azure Storage firewall vs. private endpoints, shared access signatures, Always Encrypted in Azure SQL, SQL Managed Instance networking, NSG effective rules vs. planned rules, Azure Firewall policies, private DNS zones for private endpoints.
Domain 3: Secure Compute (20–25%)
The most forward-looking domain — it includes a full sub-section on AI security, covering Foundry agents, Copilot Studio, Entra Agent ID, and the Defender for AI workload protection feature. Beyond AI, this domain covers VM security (JIT access, Azure Bastion, disk encryption, Secure Boot), hybrid server onboarding with Azure Arc, and container/app platform security (AKS, ACR, Container Apps, App Service, WAF, API Management).
Key topics: Defender for Servers plans, agentless scanning, JIT access policy, Azure Bastion SKUs, AKS security best practices, Defender for Containers, AI Gateway in APIM, real-time protection for Copilot Studio agents.
Domain 4: Security Posture and Monitoring (20–25%)
Defender for Cloud is the primary tool here — CSPM risk prioritization, regulatory compliance dashboards, workload protection plans, and connecting AWS and GCP environments. Microsoft Sentinel covers workspace setup, RBAC, Content Hub, data connectors, custom log tables, automation rules, and playbooks. Security Copilot rounds out the domain with workspace configuration and plugin management.
Key topics: Defender CSPM vs. Foundational CSPM, Defender for Cloud plans, Sentinel workspace design, DCR-based log collection, Logic Apps playbooks triggered by analytics rules, Security Copilot compute units and SCU capacity.
Part 7: Defender XDR, Microsoft Purview, and Zero Trust
Expands beyond the four exam domains into the detection and protection ecosystem that ties them together. Defender XDR provides unified incident investigation across the Microsoft security stack — correlating alerts from Microsoft Defender for Endpoint (MDE), Defender for Identity (MDI), Defender for Office 365 (MDO), and Defender for Cloud Apps (MDCA) into a single incident queue. Microsoft Purview covers Data Loss Prevention policy design, sensitivity labels, and information protection across Microsoft 365 and Azure. The Zero Trust architecture framework and maturity model give the conceptual scaffolding that underpins every SC-500 control. Microsoft Defender Threat Intelligence (MDTI) closes the loop with adversary-level context for investigations.
Key topics: Defender XDR unified incident investigation, workload-specific Defender products (MDE, MDI, MDO, MDCA), Purview DLP policy modes (simulate, block, override), sensitivity label auto-classification, Zero Trust principles and maturity model levels, MDTI threat actor profiles and indicator pivoting.
Part 8: Advanced Threat Hunting and Forensics
Covers the proactive and reactive ends of the security engineering lifecycle. Advanced KQL hunting techniques go beyond basic queries — joins across multiple tables, time-series analysis, and user and entity behavior analytics (UEBA) patterns. Watchlists and Jupyter notebooks extend hunting workflows in Microsoft Sentinel. Ransomware-specific incident response walks through containment, eradication, and recovery playbooks. Digital forensics on Azure covers disk snapshot acquisition, chain-of-custody procedures, and live response with Microsoft Defender for Endpoint. The part closes with breach notification obligations under GDPR and NIS2, including timeline requirements and supervisory authority reporting.
Key topics: KQL joins (inner, left outer, union), time-series anomaly detection, Sentinel watchlists for threat intelligence enrichment, Jupyter notebooks with MSTICPy, ransomware containment and recovery sequencing, Azure disk snapshot forensics, live response file collection, GDPR 72-hour breach notification, NIS2 incident reporting thresholds.
How to Study
SC-500 is heavily practical. The exam will ask you to choose the right service, configuration, or policy for a given scenario. Reading documentation alone isn't enough — you need hands-on time in the Azure portal and CLI.
- Start with the official study guide on Microsoft Learn — every bullet is an exam objective.
- Use a test subscription to configure each feature at least once. The exam tests whether you've actually done things, not just read about them.
- Focus on "which service does X?" questions. You need to know Azure Firewall vs. NSG vs. WAF, Defender for Servers Plan 1 vs. Plan 2, PIM vs. Conditional Access, etc.
- Microsoft Learn training paths for SC-200, SC-300, and AZ-500 all overlap with SC-500 content. If you have those certs, review the deltas.
- AI security is new territory — prioritize the Foundry, Copilot Studio, and Defender for AI sections since there are fewer existing study resources for those topics.
Related Certifications
| Cert | Focus | Relationship |
|---|---|---|
| SC-200 | Security Operations / Sentinel | Overlaps on Sentinel and Defender for Cloud |
| SC-300 | Identity administration | Overlaps on Entra ID, PIM, Conditional Access |
| AZ-500 | Azure security technologies | Heavy overlap — Key Vault, NSGs, Defender for Cloud |
| SC-100 | Security architecture (Expert) | SC-500 as a stepping stone toward SC-100 |