ExamGecko
Search Search Login
Home Home / Microsoft / AZ-500

Microsoft AZ-500 Practice Test - Questions Answers, Page 35

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Simulation LAB Task 1 You need to ensure that connections from the Internet to VNET1\subnet0 are allowed only over TCP port 7777. The solution must use only currently deployed resources.
You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM). A user named User1 is eligible for the Billing administrator role. You need to ensure that the role can only be used for a maximum of two hours. What should you do?
HOTSPOT You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table. You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6. Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure key vault named KeyVault1 that contains the items shown in the following table. In KeyVault1 the following events occur in sequence: • item is deleted. • ltem2 and Policy1 are deleted. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
From Azure Security, you create a custom alert rule. You need to configure which users will receive an email message when the alert is triggered. What should you do?
You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services: • Alibaba Cloud • Amazon Web Services (AWS) • Google Cloud Platform (GCP) What can you add to Defender for Cloud?
You have an Azure subscription that uses Microsoft Defender for Cloud. You have an Amazon Web Services (AWS) account. You need to ensure that when you deploy a new AWS Elastic Compute Cloud (EC2) instance, the Microsoft Defender for Servers agent installs automatically. What should you configure first?
SIMULATION You need to ensure that User2-11641655 has all the key permissions for KeyVault11641655. To complete this task, sign in to the Azure portal and modify the Azure resources.
You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all network traffic is routed through VM1. What should you configure?
HOTSPOT You have an Azure key vault. You need to delegate administrative access to the key vault to meet the following requirements: Provide a user named User1 with the ability to set advanced access policies for the key vault. Provide a user named User2 with the ability to add and delete certificates in the key vault. Use the principle of least privilege. What should you use to assign access to each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 341

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the resources shown in the following table.

SQL1 has the following configurations:

• Auditing: Enabled

• Audit log destination: storage1, Workspace1

DB1 has the following configurations:

• Auditing: Enabled

• Audit log destination: storage2

DB2 has auditing disabled.

Where are the audit logs for DB1 and DB2 stored? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.


Question 341
Correct answer: Question 341

Question 342

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the virtual machines shown in the following table.

Subnet1 and Subnet2 have a network security group {NSG). The NSG has an outbound rule that has the following configurations:

• Port; Any

• Source: Any

• Priority: 100

• Action: Deny

• Protocol: Any

• Destination: Storage

The subscription contains a storage account named storage1.

You create a private endpoint named Private1 that has the following settings:

• Resource type: Microsoft.Storage/storageAccounts

• Resource: storage1

• Target sub-resource: blob

• Virtual network: VNet1

• Subnet: Subnet1

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 342
Correct answer: Question 342

Question 343

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the resources shown in the following table.

VNet1 contains the subnets shown in the following table.

You plan to use the Azure portal to deploy an Azure firewall named AzFW1 to VNet1.

Which resource group and subnet can you use to deploy AzFW1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 343
Correct answer: Question 343

Question 344

Report
Export
Collapse

DRAG DROP

You have an Azure subscription that contains an Azure web app named Appl.

You plan to configure a Conditional Access policy for App1. The solution must meet the following requirements:

• Only allow access to App1 from Windows devices.

• Only allow devices that are marked as compliant to access App1.

Which Conditional Access policy settings should you configure? To answer, drag the appropriate settings to the correct requirements. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Question 344
Correct answer: Question 344

Question 345

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that is linked to an Azure AD tenant and contains the virtual machines shown in the following table.

The subnets of the virtual networks have the service endpoints shown in the following table.

You create the resources shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:

Each correct selection is worth one point.


Question 345
Correct answer: Question 345

Question 346

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains a user named User1 and a storage account named storage1. The storage1 account contains the resources shown in the following table.

In storage1, you create a shared access signature (SAS) named SAS1 as shown in the following exhibit.

To which resources can User! write on July 1, 2022 by using SAS1 and key 1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 346
Correct answer: Question 346

Question 347

Report
Export
Collapse

HOTSPOT

On Monday, you configure an email notification in Microsoft Defender for Cloud to notify user1 @contoso.com about alerts that have a severity level of Low, Medium, or High. On Tuesday, Microsoft Defender for Cloud generates the security alerts shown in the following table.

How many email notifications will user1 @contoso.com receive on Tuesday? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Question 347
Correct answer: Question 347

Question 348

Report
Export
Collapse

You have an Azure subscription and the computers shown in the following table.

You need to perform a vulnerability scan of the computers by using Microsoft Defender for Cloud.

Which computers can you scan?

A.
VM1 only
A.
VM1 only
Answers
B.
VM1 and VM2 only
B.
VM1 and VM2 only
Answers
C.
Server1 and VMSS1.0 only
C.
Server1 and VMSS1.0 only
Answers
D.
VM1, VM2, and Server1 only
D.
VM1, VM2, and Server1 only
Answers
E.
VM1, VM2, Server1, and VMSS1.0
E.
VM1, VM2, Server1, and VMSS1.0
Answers
Suggested answer: A

Question 349

Report
Export
Collapse

HOTSPOT

You have an Azure Subscription that is linked to an Azure Active Directory (Azure AD). The tenant contains the users shown in the following table.

You have an Azure key vault named Vault1 that has Purge protection set to Disabled. Vault1 contains the access policies shown in the following table.

You create role assignments for Vault1 as shown in the following table.

For each of the following statements, Yes if the statement is true, Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 349
Correct answer: Question 349

Question 350

Report
Export
Collapse

You have an Azure subscription that contains a Microsoft Defender External Attack Surface

Management (Defender EASM) resource named EASM1. EASM1 has discovery enabled and contains several inventory assets. You need to identify which inventory assets are vulnerable to the most critical web app security risks. Which Defender EASM dashboard should you use?

A.
Attack Surface Summary
A.
Attack Surface Summary
Answers
B.
GDPRCompliance
B.
GDPRCompliance
Answers
C.
Security Posture
C.
Security Posture
Answers
D.
OWASPToplO
D.
OWASPToplO
Answers
Suggested answer: D
Total 439 questions
Go to page: of 44
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms