ExamGecko
Search Search Login
Home Home / Microsoft / AZ-500

Microsoft AZ-500 Practice Test - Questions Answers, Page 36

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Simulation LAB Task 1 You need to ensure that connections from the Internet to VNET1\subnet0 are allowed only over TCP port 7777. The solution must use only currently deployed resources.
You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM). A user named User1 is eligible for the Billing administrator role. You need to ensure that the role can only be used for a maximum of two hours. What should you do?
HOTSPOT You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table. You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6. Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure key vault named KeyVault1 that contains the items shown in the following table. In KeyVault1 the following events occur in sequence: • item is deleted. • ltem2 and Policy1 are deleted. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
From Azure Security, you create a custom alert rule. You need to configure which users will receive an email message when the alert is triggered. What should you do?
You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services: • Alibaba Cloud • Amazon Web Services (AWS) • Google Cloud Platform (GCP) What can you add to Defender for Cloud?
SIMULATION You need to ensure that User2-11641655 has all the key permissions for KeyVault11641655. To complete this task, sign in to the Azure portal and modify the Azure resources.
You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all network traffic is routed through VM1. What should you configure?
HOTSPOT You have an Azure key vault. You need to delegate administrative access to the key vault to meet the following requirements: Provide a user named User1 with the ability to set advanced access policies for the key vault. Provide a user named User2 with the ability to add and delete certificates in the key vault. Use the principle of least privilege. What should you use to assign access to each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure subscription that contains the virtual networks shown in the following table. NSG1 and NSG2 both have default rules only. The subscription contains the virtual machines shown in the following table. The subscription contains the web apps shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question 351

Report
Export
Collapse

You have an Azure subscription that uses Microsoft Defender for Cloud. The subscription contains the Azure Policy definitions shown in the following table.

Which definitions can be assigned as a security policy in Defender for Cloud?

A.
Policy1 and Policy2 only
A.
Policy1 and Policy2 only
Answers
B.
Initiative1 and Initiative2 only
B.
Initiative1 and Initiative2 only
Answers
C.
Policy1 and Initiative1 only
C.
Policy1 and Initiative1 only
Answers
D.
Policy2 and Initiative2 only
D.
Policy2 and Initiative2 only
Answers
E.
Policy1, Policy2, Initiative1, and Initiative2
E.
Policy1, Policy2, Initiative1, and Initiative2
Answers
Suggested answer: D

Question 352

Report
Export
Collapse

You have an Azure subscription that uses Microsoft Defender for Cloud.

You need to use Defender for Cloud to review regulatory compliance with the Azure CIS 1.4,0 standard. The solution must minimize administrative effort. What should you do first?

A.
Assign an Azure policy.
A.
Assign an Azure policy.
Answers
B.
Manually add the Azure CIS 1.4.0 standard.
B.
Manually add the Azure CIS 1.4.0 standard.
Answers
C.
Disable one of the Out of the box standards.
C.
Disable one of the Out of the box standards.
Answers
D.
Add a custom initiative.
D.
Add a custom initiative.
Answers
Suggested answer: A

Question 353

Report
Export
Collapse

Your on-premises network contains a Hyper-V virtual machine named VM1. You need to use Azure Arc to onboard VM1 to Microsoft Defender for Cloud. What should you install first?

A.
the Azure Monitor agent
A.
the Azure Monitor agent
Answers
B.
the Azure Connected Machine agent
B.
the Azure Connected Machine agent
Answers
C.
the Log Analytics agent
C.
the Log Analytics agent
Answers
D.
the guest configuration agent
D.
the guest configuration agent
Answers
Suggested answer: B

Question 354

Report
Export
Collapse

You have an Azure subscription. That contains the virtual machines shown in the following table.

You need to enable file integrity monitoring in Microsoft Defender for Cloud. Which computers will support file integrity monitoring?

A.
Computed only
A.
Computed only
Answers
B.
Computer 1 and Computer2 only
B.
Computer 1 and Computer2 only
Answers
C.
Computed and Computed only
C.
Computed and Computed only
Answers
D.
Computer1, Computed, and Computed
D.
Computer1, Computed, and Computed
Answers
Suggested answer: B

Question 355

Report
Export
Collapse

You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud. You have the management group hierarchy shown in the following exhibit.

You create the definitions shown in the following table.

You need to use Defender for Cloud to add a security policy. Which definitions can you use as a security policy?

A.
Policy1 only
A.
Policy1 only
Answers
B.
Policy1 and Initiative1 only
B.
Policy1 and Initiative1 only
Answers
C.
Initiative1 and Initiative2 only
C.
Initiative1 and Initiative2 only
Answers
D.
Initiative1, Initiative2, and Initiatives only
D.
Initiative1, Initiative2, and Initiatives only
Answers
E.
Policy1, Initiative1, Initiative2, and Initiative3
E.
Policy1, Initiative1, Initiative2, and Initiative3
Answers
Suggested answer: B

Question 356

Report
Export
Collapse

You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM).

A user named User1 is eligible for the Billing administrator role.

You need to ensure that the role can only be used for a maximum of two hours.

What should you do?

A.
Create a new access review.
A.
Create a new access review.
Answers
B.
Edit the role assignment settings.
B.
Edit the role assignment settings.
Answers
C.
Update the end date of the user assignment
C.
Update the end date of the user assignment
Answers
D.
Edit the role activation settings.
D.
Edit the role activation settings.
Answers
Suggested answer: B

Question 357

Report
Export
Collapse

You have an Azure subscription that contains the resources shown in the following table.

You need to configure storage1 to regenerate keys automatically every 90 days. Which cmdlet should you run?

A.
set -A=StorageAccount
A.
set -A=StorageAccount
Answers
B.
Add-A:StorogcAccountmanagementPolicyAction
B.
Add-A:StorogcAccountmanagementPolicyAction
Answers
C.
Set-A;StorageAccountimanagementPolicy
C.
Set-A;StorageAccountimanagementPolicy
Answers
D.
Add-AsKeyVaultmanageStorageAccount
D.
Add-AsKeyVaultmanageStorageAccount
Answers
Suggested answer: D

Question 358

Report
Export
Collapse

You have an Azure subscription that contains a web app named Appl. App1 provides users with product images and videos. Users access App1 by using a URL of HTTPS://appl.contoso.com. You deploy two server pools named Pool! and Pool2. Pool1 hosts product images. Pool2 hosts product videos. You need to optimize The performance of Appl. The solution must meet the following requirements:

• Minimize the performance impact of TLS connections on Pool1 and Pool2.

• Route user requests to the server pools based on the requested URL path.

What should you include in the solution?

A.
Azure Traffic Manager
A.
Azure Traffic Manager
Answers
B.
Azure Bastion
B.
Azure Bastion
Answers
C.
Azure Application Gateway
C.
Azure Application Gateway
Answers
D.
Azure Front Door
D.
Azure Front Door
Answers
Suggested answer: C

Question 359

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the following Azure firewall:

• Name: Fw1

• Azure region: UK West

• Private IP address: 10.1.3.4

• Public IP address: 23.236.62.147

The subscription contains. The virtual networks shown in the following table.

The subscription contains the subnets shown in the following table.

The subscription contains the routes shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:

Each correct selection is worth one point.


Question 359
Correct answer: Question 359

Question 360

Report
Export
Collapse

DRAG DROP

You have an Azure subscription.

You plan to create two custom roles named Role1 and Role2.

The custom roles will be used to perform the following tasks:

• Members of Role1 will manage application security groups.

• Members of Role2 will manage Azure Bastion.

You need to add permissions to the custom roles.

Which resource provider should you use for each role? To answer, drag the appropriate resource providers to the correct roles. Each resource provider may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content


Question 360
Correct answer: Question 360
Total 439 questions
Go to page: of 44
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms