Skip to main content

Security relevance of Azure Network Engineer (AZ-700) certification

· 2 min read

I'd recently renewed my Azure Network Engineer certification, and it's good to see how much of the syllabus is still highly relevant from a cloud security angle. From a certain perspective, it's a stepping stone to the Azure Security Engineer certification (AZ-500), and a good check for useful knowledge.

Network Engineer, Security Engineer

While I cannot go into the actual exam or renewal assessment content, the Microsoft Learn resources (AZ-700, AZ-500) and exam study guides (AZ-700, AZ-500) are freely available.

Before even reading them, it's baseline skill that a cloud security practitioner needs to understand networking. In a smaller company there is a good chance that you may need to understand networking better than anyone else as the security function will also manage VPNs and firewalls.

Returning to the certifications' study guides, you'll notice the Security Engineer exam has "Secure networking" weighted at around 25% of the exam.

Network Engineer has "Secure network connectivity to Azure resources" at 15-20%, however, there is a separate "Design and implement private access to Azure services" at 5-10% which also maps to the "Secure networking" item above.

As such, there is substantial overlap, potentially up to 30%.

Additionally, the "Core services" portion of the AZ-700 exam is key Azure networking services that you absolutely need to know, such as VNets and addressing. Similarly, "connectivity services" covers VPNs and related items in great detail, and this is another essential skillset - both section are worth 20-25% each, making up 40-50% in total.

The remaining syllabus (20-25%) is application delivery services, which is all about load balancers of various types - while less directly relevant to security it's still useful.

Counterpoints

As noted, this is a networking certification, and is all about TCP/IP in Azure. If your technical security interest is more with application security or the identity/authorisation plane, the relevance diminishes.

Summary

The Azure Network Security Engineer certification covers a good section of networking and security concepts of relevance to a cloud security engineer, and has a fair overlap with the Security Engineer syllabus. If you have the time and can get the exam discounted, it's probably worth your time.