Summer Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: wrap60

Microsoft AZ-500 Dumps

Page: 1 / 49
Total 492 questions

Microsoft Azure Security Technologies Questions and Answers

Question 1

You need to perform the planned changes for OU2 and User1.

Which tools should you use? To answer, drag the appropriate tools to the correct resources. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

as

Options:

Question 2

You need to configure support for Azure Sentinel notebooks to meet the technical requirements.

What is the minimum number of Azure container registries and Azure Machine Learning workspaces required?

as

Options:

Question 3

You plan to configure Azure Disk Encryption for VM4. Which key vault can you use to store the encryption key?

Options:

A.

KeyVault1

B.

KeyVault3

C.

KeyVault2

Question 4

From Azure Security Center, you need to deploy SecPol1.

What should you do first?

Options:

A.

Enable Azure Defender.

B.

Create an Azure Management group.

C.

Create an initiative.

D.

Configure continuous export.

Question 5

You plan to implement JIT VM access. Which virtual machines will be supported?

Options:

A.

VM1 and VM3 only

B.

VM1. VM2. VM3, and VM4

C.

VM2, VM3, and VM4 only

D.

VM1 only

Question 6

You need to meet the technical requirements for the finance department users.

Which CAPolicy1 settings should you modify?

Options:

A.

Cloud apps or actions

B.

Conditions

C.

Grant

D.

Session

Question 7

You need to delegate the creation of RG2 and the management of permissions for RG1. Which users can perform each task? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point

as

Options:

Question 8

You implement the planned changes for ASG1 and ASG2.

In which NSGs can you use ASG1. and the network interfaces of which virtual machines can you assign to ASG2?

as

Options:

Question 9

You need to encrypt storage1 to meet the technical requirements. Which key vaults can you use?

Options:

A.

KeyVault1 only

B.

KeyVault2 and KeyVault3 only

C.

KeyVault1 and KeyVault3 only

D.

KeyVault1 KeyVault2 and KeyVault3

Question 10

You need to deploy Microsoft Antimalware to meet the platform protection requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 11

You need to create Role1 to meet the platform protection requirements.

How should you complete the role definition of Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 12

You need to configure WebApp1 to meet the data and application requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Upload a public certificate.

B.

Turn on the HTTPS Only protocol setting.

C.

Set the Minimum TLS Version protocol setting to 1.2.

D.

Change the pricing tier of the App Service plan.

E.

Turn on the Incoming client certificates protocol setting.

Question 13

You need to ensure that you can meet the security operations requirements.

What should you do first?

Options:

A.

Turn on Auto Provisioning in Security Center.

B.

Integrate Security Center and Microsoft Cloud App Security.

C.

Upgrade the pricing tier of Security Center to Standard.

D.

Modify the Security Center workspace configuration.

Question 14

You need to meet the identity and access requirements for Group1.

What should you do?

Options:

A.

Add a membership rule to Group1.

B.

Delete Group1. Create a new group named Group1 that has a membership type of Office 365. Add users and devices to the group.

C.

Modify the membership rule of Group1.

D.

Change the membership type of Group1 to Assigned. Create two groups that have dynamic memberships. Add the new groups to Group1.

Question 15

You need to deploy AKS1 to meet the platform protection requirements.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.

as

Options:

Question 16

You need to ensure that users can access VM0. The solution must meet the platform protection requirements.

What should you do?

Options:

A.

Move VM0 to Subnet1.

B.

On Firewall, configure a network traffic filtering rule.

C.

Assign RT1 to AzureFirewallSubnet.

D.

On Firewall, configure a DNAT rule.

Question 17

You need to configure SQLDB1 to meet the data and application requirements.

Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

as

Options:

Question 18

You need to ensure that the Azure AD application registration and consent configurations meet the identity and access requirements.

What should you use in the Azure portal? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 19

You need to delegate a user to implement the planned change for Defender for Cloud.

The solution must follow the principle of least privilege.

Which user should you choose?

Options:

A.

Admin1

B.

Admin2

C.

Admin3

D.

Admin4

Question 20

You need to implement the planned change for WAF1.

The solution must minimize administrative effort

What should you do?

Options:

A.

Create an Azure policy.

B.

Modify the Azure-managed DRS.

C.

Add a custom rule.

D.

Modify the Bot Manager 1.1 rule set.

Question 21

You need to implement the planned change for SQLdb1.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Create a compliance policy.

B.

Configure Microsoft Entra authentication for SQLServer1.

C.

Create a Conditional Access policy.

D.

Configure a user-assigned managed identity for SQLdb1.

E.

Configure Federated client identity for SQLdb1.

Question 22

You implement the planned changes for the key vaults.

To which key vaults can you restore AKV1 backups?

Options:

A.

AKV4only

B.

AKV3 and AKV4 only

C.

AKV4 and AKV5 only

D.

AKV2, AKV3, and AKV4 only

E.

AKV2, AKV3, AKV4, and AKV5

Question 23

You need to configure the AKS1 and ID1 managed identities to meet the technical requirements. The solution must follow the principle of least privilege.

Which role should you assign to each identity? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 24

You need to recommend an encryption solution for the planned ExpressRoute implementation. The solution must meet the technical requirements.

Which ExpressRoute circuit should you recommend for each type of encryption? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 25

You need to implement the planned change for VM1 to access storage1.

The solution must meet the technical requirements.

What should you do first?

Options:

A.

Configure a system-assigned managed identity on VM1.

B.

Configure federated identity credentials for ID1.

C.

Assign the Storage Blob Data Reader role to storage 1.

D.

Assign ID1 to VM1.

E.

Add a role assignment condition to storage1.

Question 26

You have an Azure subscription and the computers shown in the following table.

as

You need to perform a vulnerability scan of the computers by using Microsoft Defender for Cloud. Which computers can you scan?

Options:

A.

VM1 only

B.

VM1 and VM2 only

C.

Server1 and VMSS1.0 only

D.

VM1, VM2, and Server1 only

E.

VM1, VM2, Server1, and VMSS1.0

Question 27

Your company uses cloud-based resources from the following platforms:

• Azure

• Amazon Web Services (AWS)

• Google Cloud Platform (GCP)

You plan to implement Microsoft Defender for Cloud.

On which platforms can you use Defender for Cloud to protect containers and storage? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 28

You have an Azure subscription that contains the resources shown in the following table.

as

Transparent Data Encryption (TDE) is disabled on SQL1.

You assign polices to the resource groups as shown in the following table.

as

You plan to deploy Azure SQL databases by using an Azure Resource Manager (ARM) template. The databases will be configured as shown in the following table.

NOTE: Each correct selection is worth one point.

as

Options:

Question 29

You have an Azure subscription that contains the virtual networks shown in the following table.

as

The subscription contains the virtual machines shown in the following table.

as

On NIC1, you configure an application security group named ASG1.

On which other network interfaces can you configure ASG1?

Options:

A.

NIC2 only

B.

NIC2, NIC3, NIC4, and NIC5

C.

NIC2 and NIC3 only

D.

NIC2, NIC3, and NIC4 only

Question 30

You have a Microsoft Entra tenant that contains a user named User1.

You have an app registration named App1.

For App1, you create an app role named Role1.

You need to assign User1 to Role1.

What should you use in the Azure portal?

Options:

A.

Roles and administrators for App1 from Enterprise applications

B.

App roles for App1 from App registrations

C.

Users and groups for App1 from Enterprise applications

D.

API permissions for App1 from App registrations

E.

Roles and administrators from the Microsoft Entra admin center

Question 31

: 2 HOTSPOT

Which virtual networks in Sub1 can User2 modify and delete in their current state? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 32

You assign User8 the Owner role for RG4, RG5, and RG6.

In which resource groups can User8 create virtual networks and NSGs? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 33

You are evaluating the security of VM1, VM2, and VM3 in Sub2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

as

Options:

Question 34

You are evaluating the security of the network communication between the virtual machines in Sub2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

as

Options:

Question 35

What is the membership of Group1 and Group2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

as

Options:

Question 36

You need to meet the technical requirements for VNetwork1.

What should you do first?

Options:

A.

Create a new subnet on VNetwork1.

B.

Remove the NSGs from Subnet11 and Subnet13.

C.

Associate an NSG to Subnet12.

D.

Configure DDoS protection for VNetwork1.

Question 37

You are evaluating the effect of the application security groups on the network communication between the virtual machines in Sub2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

as

Options:

Question 38

You need to ensure that User2 can implement PIM.

What should you do first?

Options:

A.

Assign User2 the Global administrator role.

B.

Configure authentication methods for contoso.com.

C.

Configure the identity secure score for contoso.com.

D.

Enable multi-factor authentication (MFA) for User2.

Page: 1 / 49
Total 492 questions