Microsoft AZ-500 Practice Test - Questions Answers, Page 46

HOTSPOT

You have two Azure subscriptions named Sub1 and Sub2 that contain the virtual networks shown in the following table.

You have an Azure Virtual Network Manager instance that has the following settings:

* Name: NetMgr1

* Region: East US

* Features: Connectivity

* Management scope: Sub1

For NetMgr1, you create the target network groups shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE; Each correct selection is worth one point.

HOTSPOT

You have an Azure subscription that is linked to a Microsoft Entra tenant. The tenant uses Microsoft Entra ID Protection.

You have 2,000 users that are each assigned a Microsoft Entra ID P2 license.

You plan to use Azure Monitor to generate an alert when a workload identity that is using leaked credentials is detected.

You need to configure the Diagnostic setting to support the planned alert. The solution must minimize administrative effort.

Which log category should you collect, and to

which destination should you send the logs? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

HOTSPOT

You have an Azure App Service web app named App1 as shown in the following exhibit.

Subnet 2 contains a virtual machine named VM1.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic

NOTE: Each correct selection is worth one point.

Answer:

You have an Azure subscription that contains an Azure App Services web app named WebApp1. WebApp1 is accessed by users in multiple Azure regions.

You need to secure access to WebApp1. The solution must meet the following requirements:

* Protect against common web vulnerabilities.

* Optimize the routing of traffic from different regions.

What should you use?

You have an Azure subscription that contains a key vault and an Azure SQL server.

You need to deploy an Azure SQL database that uses Transparent Data Encryption (TDE) and a customer-managed key.

What should you create before you deploy the database?

You have an Azure subscription.

You plan to create a workflow automation in Microsoft Defender for Cloud that will automatically remediate a security vulnerability.

What should you create first?

HOTSPOT

You have a Microsoft Entra tenant named contoso.com that contains the users shown in the following table.

You add enterprise applications to contoso.com as shown in the following table.

You need to Identify which users can grant admin consent for App1 and App2.

HOTSPOT

You have an Azure key vault named sk2311 configured as shown in the following exhibit.

Sk2311 contains the items shown in the following table.

In sk2311, the following events occur in sequence:

* Item1 is deleted.

* Item2 and Policy1 ate deleted.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have an Azure subscription.

You plan to use Microsoft Defender for Cloud to provide AI security posture management capabilities.

You need to recommend a Defender for Cloud plan that supports the deployment requirements. The solution must minimize costs.

What should you recommend?