diff --git a/AZ-500-Teaching-Punchlist.md b/AZ-500-Teaching-Punchlist.md
new file mode 100644
index 0000000..cfa531a
--- /dev/null
+++ b/AZ-500-Teaching-Punchlist.md
@@ -0,0 +1,34 @@
+# AZ-500 Teaching Punchlist
+
+## Segment 1: Identity and Access (10 AM - 11 AM)
+- **Manage Entra Identities**
+  - Users, groups, external identities
+  - Entra ID Protection: MFA, passwordless, Conditional Access
+  - Single sign-on (SSO), OAuth, and app registrations
+  - Privileged Identity Management (PIM), custom roles, and permissions
+
+## Segment 2: Secure Storage (11 AM - 12 PM)
+- **Plan and Implement Storage Security**
+  - Access control: Azure Blob, File, Table, Queue
+  - Protect data: soft delete, versioning, immutable storage
+  - Encryption: BYOK, double encryption, TDE (databases)
+  - Auditing and compliance: Purview and dynamic masking
+
+## Segment 3: Secure Compute (12 PM - 1 PM)
+- **Plan and Implement Compute Security**
+  - Azure Bastion, Just-in-Time (JIT) VM access
+  - AKS security: network isolation, monitoring, and authentication
+  - Disk encryption: ADE, encryption at host, confidential disk encryption
+
+## Segment 4: Monitoring and Security Operations (1 PM - 2 PM)
+- **Monitor and Secure Operations**
+  - Microsoft Defender: Secure Score, compliance, and threat protection
+  - Azure Key Vault: manage secrets, certificates, and keys
+  - Azure Monitor: configure and evaluate alerts
+  - Microsoft Sentinel: analytics, incidents, and automation
+
+## Segment 5: Wrap-up and Q&A (2 PM - 3 PM)
+- **Q&A and Additional Topics**
+  - Recap of key topics: identity, storage, compute, and monitoring
+  - Answer audience questions
+  - Explore real-world use cases and advanced scenarios