ExamGecko
Search Search Login
Home Home / Microsoft / AZ-500

Microsoft AZ-500 Practice Test - Questions Answers, Page 7

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Simulation LAB Task 1 You need to ensure that connections from the Internet to VNET1\subnet0 are allowed only over TCP port 7777. The solution must use only currently deployed resources.
You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM). A user named User1 is eligible for the Billing administrator role. You need to ensure that the role can only be used for a maximum of two hours. What should you do?
HOTSPOT You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table. You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6. Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure key vault named KeyVault1 that contains the items shown in the following table. In KeyVault1 the following events occur in sequence: • item is deleted. • ltem2 and Policy1 are deleted. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services: • Alibaba Cloud • Amazon Web Services (AWS) • Google Cloud Platform (GCP) What can you add to Defender for Cloud?
You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all network traffic is routed through VM1. What should you configure?
From Azure Security, you create a custom alert rule. You need to configure which users will receive an email message when the alert is triggered. What should you do?
HOTSPOT You have an Azure key vault. You need to delegate administrative access to the key vault to meet the following requirements: Provide a user named User1 with the ability to set advanced access policies for the key vault. Provide a user named User2 with the ability to add and delete certificates in the key vault. Use the principle of least privilege. What should you use to assign access to each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure subscription that contains the virtual networks shown in the following table. NSG1 and NSG2 both have default rules only. The subscription contains the virtual machines shown in the following table. The subscription contains the web apps shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Simulation LAB Task 6 You need to configure a Microsoft SQL server named Web3l 330471 only to accept connections from the Subnet0 subnet on the VNET01 virtual network.

Question 61

Report
Export
Collapse

You have an Azure web app named WebApp1.

You upload a certificate to WebApp1.

You need to make the certificate accessible to the app code of WebApp1.

What should you do?

A.
Add a user-assigned managed identity to WebApp1.
A.
Add a user-assigned managed identity to WebApp1.
Answers
B.
Add an app setting to the WebApp1 configuration.
B.
Add an app setting to the WebApp1 configuration.
Answers
C.
Enable system-assigned managed identity for the WebApp1.
C.
Enable system-assigned managed identity for the WebApp1.
Answers
D.
Configure the TLS/SSL binding for WebApp1.
D.
Configure the TLS/SSL binding for WebApp1.
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code

Question 62

Report
Export
Collapse

HOTSPOT

You have the Azure key vaults shown in the following table.

KV1 stores a secret named Secret1 and a key for a managed storage account named Key1.

You back up Secret1 and Key1.

To which key vaults can you restore each backup? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 62
Correct answer: Question 62

Explanation:

The backups can only be restored to key vaults in the same subscription and same geography. You can restore to a different region in the same geography.

Question 63

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains a web app named App1 and an Azure key vault named Vault1.

You need to configure App1 to store and access the secrets in Vault1.

How should you configure App1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 63
Correct answer: Question 63

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet

Question 64

Report
Export
Collapse

HOTSPOT

You have an Azure key vault named KeyVault1 that contains the items shown in the following table.

In KeyVault1, the following events occur in sequence:

Item1 is deleted.

Item2 and Policy1 are deleted.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 64
Correct answer: Question 64

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview

Question 65

Report
Export
Collapse

HOTSPOT

You have an Azure Storage account that contains a blob container named container1 and a client application named App1.

You need to enable App1 access to container1 by using Azure Active Directory (Azure AD) authentication.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 65
Correct answer: Question 65

Explanation:

Reference:

https://azure.microsoft.com/en-in/blog/announcing-the-preview-of-aad-authentication-for-storage/

https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/storage/common/storage-auth-aad-rbac-portal.md

Question 66

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains an Azure key vault named ContosoKey1.

You create users and assign them roles as shown in the following table.

You need to identify which users can perform the following actions:

Delegate permissions for ContsosKey1.

Configure network access to ContosoKey1.

Which users should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 66
Correct answer: Question 66

Explanation:

Reference:

https://docs.microsoft.com/en-gb/azure/key-vault/general/rbac-guide

Question 67

Report
Export
Collapse

You have an Azure subscription that contains four Azure SQL managed instances.

You need to evaluate the vulnerability of the managed instances to SQL injection attacks.

What should you do first?

A.
Create an Azure Sentinel workspace.
A.
Create an Azure Sentinel workspace.
Answers
B.
Enable Advanced Data Security.
B.
Enable Advanced Data Security.
Answers
C.
Add the SQL Health Check solution to Azure Monitor.
C.
Add the SQL Health Check solution to Azure Monitor.
Answers
D.
Create an Azure Advanced Threat Protection (ATP) instance.
D.
Create an Azure Advanced Threat Protection (ATP) instance.
Answers
Suggested answer: B

Question 68

Report
Export
Collapse

DRAG DROP

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.

You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.

Currently, the domain and the tenant are not integrated.

You need to ensure that User1 can access share1 by using his domain credentials.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 68
Correct answer: Question 68

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable

Question 69

Report
Export
Collapse

You have an Azure subscription that contains an Azure SQL database named sql1.

You plan to audit sql1.

You need to configure the audit log destination. The solution must meet the following requirements:

Support querying events by using the Kusto query language.

Minimize administrative effort.

What should you configure?

A.
an event hub
A.
an event hub
Answers
B.
a storage account
B.
a storage account
Answers
C.
a Log Analytics workspace
C.
a Log Analytics workspace
Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-log-analytics-wizard

Question 70

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the storage accounts shown in the following table.

You enable Azure Defender for Storage.

Which storage services of storage5 are monitored by Azure Defender for Storage, and which storage accounts are protected by Azure Defender for Storage? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 70
Correct answer: Question 70

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/azure-defender-storage-configure?tabs=azure-security-center

Total 439 questions
Go to page: of 44
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms