Top 10 AZ-500 interview questions and how to answer them in 2026
The AZ-500 is the credential cloud-security managers look for when filtering candidates into Azure-stack security engineer and cloud-to-security pivot roles. It costs $165, runs 40–60 questions in 100 minutes (including one short case study), and needs 700/1000 to pass. Having the cert on your resume opens the door; answering these 10 questions correctly — including the operational caveat each one hides — gets you the offer.
These questions came up most frequently in Azure security and cloud-security interviews reported by candidates through 2025–2026. They test operational judgment across identity (Entra ID, PIM, Conditional Access), platform protection (NSG, Azure Firewall, Key Vault), and security operations (Defender for Cloud, Sentinel) — not just memorized blade names.
The 10 questions
1. What’s the difference between Microsoft Entra ID and Active Directory Domain Services?
Entra ID (the rebrand of Azure AD) is a cloud identity provider that speaks OAuth 2.0, OIDC, and SAML. It authenticates users to SaaS and Azure resources. Active Directory Domain Services (AD DS) is the on-prem directory that speaks Kerberos, NTLM, and LDAP and manages domain-joined Windows machines. Different protocols, different trust models. Most enterprises run both and synchronize via Entra Connect. The candidate who treats Entra ID as “just AD in the cloud” loses the round — Entra ID does not replace AD DS for traditional domain-join workloads, and Entra Domain Services is the separate managed-AD product when you need that.
2. Design a Conditional Access baseline for a 500-person tenant. What do you ship first?
Three policies, in this order: (1) Block legacy authentication across all users — legacy auth (POP, IMAP, basic SMTP) bypasses MFA and is responsible for the majority of credential-spray compromise. (2) Require MFA for all users, with break-glass accounts excluded and stored offline. (3) Require compliant or hybrid Azure AD joined device for admin portal access. Layer Identity Protection risk-based policies on top once you have telemetry. The interviewer wants to hear “legacy auth block first” — candidates who lead with MFA-everywhere skip the cheapest, highest-impact lever.
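One way to check whether a tenant actually has that baseline in force, as an added example (not code from the original page): the functions below evaluate policy documents in the Microsoft Graph conditionalAccessPolicy shape and report each of the three controls as present only when the policy is enabled, not report-only. The sample tenant and the break-glass object IDs are constructed.

```python
# Added example (not from the original page): assess Graph-shaped Conditional Access
# policy documents against the three-policy baseline above.
LEGACY_CLIENT_TYPES = {"exchangeActiveSync", "other"}   # Graph clientAppTypes for legacy auth
DEVICE_CONTROLS = {"compliantDevice", "domainJoinedDevice"}

def enforced(p):
    # Report-only ("enabledForReportingButNotEnforced") and disabled policies protect nobody.
    return p.get("state") == "enabled"

def all_users(p):
    return "All" in p["conditions"]["users"].get("includeUsers", [])
def grants(p):
    return set(p["grantControls"].get("builtInControls", []))

def blocks_legacy_auth(p):
    return (enforced(p) and all_users(p) and "block" in grants(p)
            and LEGACY_CLIENT_TYPES <= set(p["conditions"].get("clientAppTypes", [])))

def requires_mfa_for_all(p, break_glass_ids):
    # MFA-everywhere must exclude the offline break-glass accounts, or an MFA outage locks every admin out.
    c = p["conditions"]
    return (enforced(p) and all_users(p) and "mfa" in grants(p)
            and "All" in c["applications"].get("includeApplications", [])
            and set(break_glass_ids) <= set(c["users"].get("excludeUsers", [])))

def device_gate_on_admin_portals(p):
    apps = p["conditions"]["applications"].get("includeApplications", [])
    return enforced(p) and "MicrosoftAdminPortals" in apps and bool(DEVICE_CONTROLS & grants(p))

def assess_baseline(policies, break_glass_ids):
    """Which baseline controls are present AND enforced, keyed in shipping order."""
    return {"1_block_legacy_auth": any(blocks_legacy_auth(p) for p in policies),
            "2_mfa_all_users": any(requires_mfa_for_all(p, break_glass_ids) for p in policies),
            "3_device_gate_admin_portals": any(device_gate_on_admin_portals(p) for p in policies)}

def policy(name, state, client_types, apps, grant_list, exclude=()):
    # Build a Graph-shaped policy dict scoped to all users (constructed sample data).
    return {"displayName": name, "state": state,
            "conditions": {"clientAppTypes": list(client_types),
                           "applications": {"includeApplications": list(apps)},
                           "users": {"includeUsers": ["All"], "excludeUsers": list(exclude)}},
            "grantControls": {"operator": "OR", "builtInControls": list(grant_list)}}

BREAK_GLASS = ["bg-0001", "bg-0002"]   # placeholder object IDs, not real accounts
SAMPLE_TENANT = [
    # Legacy-auth block left in report-only mode: it looks shipped but enforces nothing.
    policy("Block legacy auth", "enabledForReportingButNotEnforced",
           ["exchangeActiveSync", "other"], ["All"], ["block"]),
    policy("Require MFA", "enabled", ["all"], ["All"], ["mfa"], exclude=BREAK_GLASS),
    policy("Admin portals on managed device", "enabled", ["all"],
           ["MicrosoftAdminPortals"], ["compliantDevice", "domainJoinedDevice"]),
]
```

Running `assess_baseline(SAMPLE_TENANT, BREAK_GLASS)` reports the first control as missing: a legacy-auth block in report-only mode is the most common way a tenant "has" the policy without being protected by it.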
3. What is Privileged Identity Management (PIM), and how do you scope it?
PIM provides just-in-time, time-bound, approval-gated activation of Entra ID and Azure RBAC roles. Instead of being a permanent Global Administrator, an engineer is eligible for the role and must activate it for a bounded window (often 1–8 hours) with MFA and optionally an approval workflow. Scope: Global Admin always under PIM, plus subscription Owner, User Access Administrator, and Security Administrator. Application-level roles inside individual subscriptions should be PIM-eligible when the blast radius is production data. PIM addresses the standing-privilege risk that drives most high-impact Azure breaches and is the single most-tested governance concept on the exam.
4. A Storage Account holds regulated data. Walk me through customer-managed keys (CMK) versus Microsoft-managed keys (MMK).
MMK is encryption at rest with platform-controlled keys — zero operational overhead, no key custody. CMK uses keys you generate in Azure Key Vault (or Key Vault Managed HSM for FIPS 140-2 Level 3); you can rotate, audit, and revoke the key, which gives you a kill switch that satisfies most regulator audits. Use CMK when contractual or regulatory language requires customer key control (PCI DSS, certain HIPAA BAAs, sovereign workloads). Use MMK when the compliance regime doesn’t demand custody — CMK adds Key Vault availability as a dependency for data-plane operations and an outage there means an outage on your storage.
5. NSG, Azure Firewall, and Application Gateway WAF — which goes where?
NSG (Network Security Group) is a stateful 5-tuple ACL on subnets and NICs — cheap, ubiquitous, layer-3/4. Azure Firewall is a managed stateful L3–L7 firewall with FQDN filtering, TLS inspection, and threat intelligence — sits in a hub VNet and is the egress chokepoint for spoke workloads. Application Gateway WAF is a layer-7 reverse proxy with OWASP rule sets — sits in front of HTTP(S) apps for SQLi/XSS protection. The clean answer hiring managers reward: NSG at the subnet level for baseline, Azure Firewall in the hub for hub-and-spoke east-west and egress, Application Gateway WAF in front of every public web app. They’re complementary, not interchangeable.
6. How do you stop secrets from leaking into pipelines and source code?
Three controls, in priority order. First, managed identities for any Azure resource that needs to authenticate to another Azure resource — no secret material on disk at all. Second, Key Vault references from App Service and Functions configuration, and the AzureKeyVault task from Azure DevOps / GitHub Actions for build-time secrets — never check secrets into pipeline YAML. Third, secret scanning on push and in Defender for DevOps to catch the ones that slip through. Candidates who lead with “rotate secrets quarterly” have already lost — the answer is to remove human-handled secret material, not to rotate it faster.
7. Defender for Cloud secure score just dropped 12 points. What’s your triage?
Open Defender for Cloud → Recommendations, sort by potential score increase, and filter by severity High. Most score drops in 2026 trace to one of three causes: a new subscription was onboarded without baseline policies, a recently created storage account or SQL server disabled encryption or public-access controls, or a managed identity got over-broad RBAC at the subscription scope. Fix the recommendations with the highest resource count first — that’s where the score moves. Open a workbook to bucket the unhealthy resources by owning team so you can route the remediation, then enable the matching Azure Policy initiative so the regression can’t happen the same way twice.
8. Defender for Cloud and Microsoft Sentinel — when do you use which?
Defender for Cloud is a CSPM + CWP product: it scores your posture, generates security recommendations, and runs workload protection (Defender for Servers, SQL, Storage, Containers, Key Vault). Sentinel is a SIEM/SOAR: it ingests logs from anywhere and runs KQL analytics, hunting, and playbooks. They’re complementary. The pattern hiring managers reward: Defender for Cloud streams its alerts into Sentinel via the connector, Sentinel correlates them with non-Microsoft signals (firewall logs, third-party SaaS, on-prem AD) and triggers playbooks. “We just use Defender for Cloud” loses interviews; “Defender for Cloud for posture + workload alerts, Sentinel for correlation and response” wins them.
9. Azure Policy versus Azure Blueprints versus Defender for Cloud recommendations — when does each apply?
Azure Policy enforces or audits resource properties at scale (block public IPs on VMs, require tags, deny unapproved regions). Defender for Cloud recommendations consume policy initiatives and surface non-compliance with a remediation workflow. Azure Blueprints bundled policy + ARM + RBAC into a versioned package — but Microsoft deprecated Blueprints in 2026 and the replacement is Azure Deployment Stacks + policy assignments. Saying “Blueprints for new subscriptions” in 2026 is a tell that you haven’t followed the platform; the right answer is policy initiatives at management-group scope, Deployment Stacks for landing zones, and Defender for Cloud as the dashboard.
10. How much do AZ-500–anchored Azure security roles pay in 2026?
$115,000–$145,000 in US metros for cloud security engineer and Azure security engineer roles requiring AZ-500 plus 2+ years of Azure operations. Senior cloud security architect roles reach $150,000–$185,000. The official Microsoft Learn AZ-500 page lists the current skills measured. BLS reports a 2024 median of $124,910 for information security analysts; AZ-500–anchored postings cluster at and above that median, with a clear premium when paired with AZ-104 or AZ-305.
What these questions test
Every question has a “book answer” and an “operational answer.” Interviewers want the operational one — the version that includes the gotcha (block legacy auth before MFA-everywhere, PIM scoping for Global Admin, managed identities over rotated secrets, Defender for Cloud + Sentinel as a pair, Blueprints deprecated in favor of Deployment Stacks). Passing the AZ-500 proves you can recognize the right blade. Answering these correctly proves you’ve actually run an Azure tenant with regulators, auditors, and a budget watching.
Practice AZ-500 questions right now — no signup
CertQuests has engineer-written AZ-500 practice questions with full explanations on every answer. Free, no account required.
Frequently asked questions
What’s the difference between Entra ID and Active Directory Domain Services?
Entra ID is a cloud identity provider (OAuth, OIDC, SAML). AD DS is the on-prem directory (Kerberos, NTLM, LDAP). Different protocols, different trust models. Most enterprises run both and synchronize via Entra Connect. Entra ID does not replace AD DS for traditional domain-join.
What Conditional Access policy do you ship first?
Block legacy authentication tenant-wide. It’s the cheapest, highest-impact lever — legacy auth bypasses MFA and is responsible for most credential-spray compromise. MFA-everywhere comes second, device compliance for admin portals third.
How does PIM reduce risk?
PIM turns standing privileged role assignments into eligible assignments. The engineer must activate the role for a bounded window with MFA and (optionally) an approval workflow. This eliminates standing Global Admin, which is the single biggest blast-radius reduction available in an Entra tenant.
How much do AZ-500 anchored Azure security roles pay in 2026?
$115,000–$145,000 in US metros for Azure security engineer roles with AZ-500 plus 2+ years of Azure operations. Senior cloud security architect roles reach $150,000–$185,000. There is a clear premium when paired with AZ-104 or AZ-305.
What is the AZ-500 exam format?
40–60 questions in 100 minutes, including multiple choice, drag-and-drop, and one short case study. 700/1000 (scaled) to pass. $165 USD. Covers identity, platform protection, security operations, and data/applications.
Do I need AZ-104 before AZ-500?
Not officially required, but practically yes. AZ-500 assumes you can navigate Azure RBAC, networking, and resource deployment without thinking about it — the exam tests securing that knowledge. Candidates who jump straight to AZ-500 without AZ-104 (or equivalent operational time) fail on the case-study questions where the security control depends on a platform concept they haven’t internalized.
How we wrote this
No Microsoft or training-vendor revenue. Questions were sourced from candidate reports on Reddit, the Microsoft Tech Community, the Azure security LinkedIn groups, and cloud-security hiring-manager interviews across 2025–2026, cross-referenced against the official Microsoft Learn AZ-500 exam page. Salary figures are cross-referenced against the BLS Occupational Outlook and open postings on LinkedIn and Levels.fyi as of Q1–Q2 2026. Tell us what you’d update.
Last reviewed: May 30, 2026.