ExamGecko
Home / Microsoft / AZ-500 / List of questions
Ask Question

Microsoft AZ-500 Practice Test - Questions Answers, Page 10

List of questions

Question 91

Report
Export
Collapse

You have 15 Azure virtual machines in a resource group named RG1.

All virtual machines run identical applications.

You need to prevent unauthorized applications and malware from running on the virtual machines.

What should you do?

Apply an Azure policy to RG1.
Apply an Azure policy to RG1.
From Azure Security Center, configure adaptive application controls.
From Azure Security Center, configure adaptive application controls.
Configure Azure Active Directory (Azure AD) Identity Protection.
Configure Azure Active Directory (Azure AD) Identity Protection.
Apply a resource lock to RG1.
Apply a resource lock to RG1.
Suggested answer: B

Explanation:

Adaptive application control is an intelligent, automated end-to-end application whitelisting solution from Azure Security Center. It helps you control which applications can run on your Azure and non-Azure VMs (Windows and Linux), which, among other benefits, helps harden your VMs against malware. Security Center uses machine learning to analyze the applications running on your VMs and helps you apply the specific whitelisting rules using this intelligence.

Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-adaptive-application

asked 02/10/2024
Brian scott
28 questions

Question 92

Report
Export
Collapse

You plan to deploy Azure container instances.

You have a containerized application that validates credit cards. The application is comprised of two containers: an application container and a validation container.

The application container is monitored by the validation container. The validation container performs security checks by making requests to the application container and waiting for responses after every transaction.

You need to ensure that the application container and the validation container are scheduled to be deployed together. The containers must communicate to each other only on ports that are not externally exposed.

What should you include in the deployment?

application security groups
application security groups
network security groups (NSGs)
network security groups (NSGs)
management groups
management groups
container groups
container groups
Suggested answer: D

Explanation:

Azure Container Instances supports the deployment of multiple containers onto a single host using a container group. A container group is useful when building an application sidecar for logging, monitoring, or any other configuration where a service needs a second attached process.

Reference:

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-container-groups

asked 02/10/2024
Guilherme Silva
27 questions

Question 93

Report
Export
Collapse

HOTSPOT

You create resources in an Azure subscription as shown in the following table.

Microsoft AZ-500 image Question 20 87342 10022024015440000000

VNET1 contains two subnets named Subnet1 and Subnet2. Subnet1 has a network ID of 10.0.0.0/24. Subnet2 has a network ID of 10.1.1.0/24.

Contoso1901 is configured as shown in the exhibit. (Click the Exhibit tab.)

Microsoft AZ-500 image Question 20 87342 10022024015440000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Microsoft AZ-500 image Question 93 87342 10022024015440000
Correct answer: Microsoft AZ-500 image answer Question 93 87342 10022024015440000

Explanation:

Box 1: Yes

Access from Subnet1 is allowed.

Box 2: No

No access from Subnet2 is allowed.

Box 3: Yes

Access from IP address 193.77.10.2 is allowed.

asked 02/10/2024
KOSSIBA LANTONKPODE
28 questions

Question 94

Report
Export
Collapse

DRAG DROP

You are configuring network connectivity for two Azure virtual networks named VNET1 and VNET2.

You need to implement VPN gateways for the virtual networks to meet the following requirements:

VNET1 must have six site-to-site connections that use BGP.

VNET2 must have 12 site-to-site connections that use BGP.

Costs must be minimized.

Which VPN gateway SKU should you use for each virtual network? To answer, drag the appropriate SKUs to the correct networks. Each SKU may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.


Microsoft AZ-500 image Question 94 87343 10022024015440000
Correct answer: Microsoft AZ-500 image answer Question 94 87343 10022024015440000

Explanation:

References:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways#gwsku

asked 02/10/2024
Vinayak H
35 questions

Question 95

Report
Export
Collapse

You are securing access to the resources in an Azure subscription.

A new company policy states that all the Azure virtual machines in the subscription must use managed disks.

You need to prevent users from creating virtual machines that use unmanaged disks.

What should you do?

Azure Monitor
Azure Monitor
Azure Policy
Azure Policy
Azure Security Center
Azure Security Center
Azure Service Health
Azure Service Health
Suggested answer: B
asked 02/10/2024
Piyush Zope
41 questions

Question 96

Report
Export
Collapse

You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry.

You need to use automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry.

What should you create?

a secret in Azure Key Vault
a secret in Azure Key Vault
a role assignment
a role assignment
an Azure Active Directory (Azure AD) user
an Azure Active Directory (Azure AD) user
an Azure Active Directory (Azure AD) group
an Azure Active Directory (Azure AD) group
Suggested answer: B

Explanation:

References:

https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal

asked 02/10/2024
Duc Hai
40 questions

Question 97

Report
Export
Collapse

You have the Azure virtual machines shown in the following table.

Microsoft AZ-500 image Question 24 87346 10022024015440000000

For which virtual machine can you enable Update Management?

VM2 and VM3 only
VM2 and VM3 only
VM2, VM3, and VM4 only
VM2, VM3, and VM4 only
VM1, VM2, and VM4 only
VM1, VM2, and VM4 only
VM1, VM2, VM3, and VM4
VM1, VM2, VM3, and VM4
VM1, VM2, and VM3 only
VM1, VM2, and VM3 only
Suggested answer: C

Explanation:

References:

https://docs.microsoft.com/en-us/azure/automation/automation-update-management?toc=%2Fazure%2Fautomation%2Ftoc.json

asked 02/10/2024
Jim McKay
34 questions

Question 98

Report
Export
Collapse

DRAG DROP

You have an Azure subscription named Sub1.

You have an Azure Active Directory (Azure AD) group named Group1 that contains all the members of your IT team.

You need to ensure that the members of Group1 can stop, start, and restart the Azure virtual machines in Sub1. The solution must use the principle of least privilege.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Microsoft AZ-500 image Question 98 87347 10022024015440000
Correct answer: Microsoft AZ-500 image answer Question 98 87347 10022024015440000

Explanation:

References:

https://www.petri.com/cloud-security-create-custom-rbac-role-microsoft-azure

asked 02/10/2024
chengbin lin
44 questions

Question 99

Report
Export
Collapse

DRAG DROP

You have an Azure subscription that contains the following resources:

A virtual network named VNET1 that contains two subnets named Subnet1 and Subnet2.

A virtual machine named VM1 that has only a private IP address and connects to Subnet1.

You need to ensure that Remote Desktop connections can be established to VM1 from the internet.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange then in the correct order.


Microsoft AZ-500 image Question 99 87348 10022024015440000
Correct answer: Microsoft AZ-500 image answer Question 99 87348 10022024015440000
asked 02/10/2024
Juan Contreras
36 questions

Question 100

Report
Export
Collapse

You have an Azure subscription that contains a user named User1 and an Azure Container Registry named ContReg1.

You enable content trust for ContReg1.

You need to ensure that User1 can create trusted images in ContReg1. The solution must use the principle of least privilege.

Which two roles should you assign to User1? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

AcrQuarantineReader
AcrQuarantineReader
Contributor
Contributor
AcrPush
AcrPush
AcrImageSigner
AcrImageSigner
AcrQuarantineWriter
AcrQuarantineWriter
Suggested answer: C, D

Explanation:

References:

https://docs.microsoft.com/en-us/azure/container-registry/container-registry-content-trust

https://docs.microsoft.com/en-us/azure/container-registry/container-registry-roles

asked 02/10/2024
Henock Asmerom
34 questions
Total 442 questions
Go to page: of 45
Search

Related questions