Vcedump 100% Guareented AZ-500 Questions and Answers. 100% Pass Guarantee. Latest Questions with Accurate Answers.

Exam Details

Exam Code
:AZ-500
Exam Name
:Microsoft Azure Security Technologies
Certification
:Role-based
Vendor
:Microsoft
Total Questions
:491 Q&As
Last Updated
:May 08, 2024

Microsoft Role-based AZ-500 Questions & Answers

Question 1:

SIMULATION
You need to configure Azure to allow RDP connections from the Internet to a virtual machine named VM1. The solution must minimize the attack surface of VM1.
To complete this task, sign in to the Azure portal.
A. See the explanation below.

Correct Answer: A

To enable the RDP port in an NSG, follow these steps:
1.
Sign in to the Azure portal.
2.
In Virtual Machines, select VM1
3.
In Settings, select Networking.
4.
In Inbound port rules, check whether the port for RDP is set correctly. The following is an example of the configuration:
Priority: 300 Name: Port_3389 Port(Destination): 3389 Protocol: TCP Source: Any Destinations: Any Action: Allow
Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/troubleshoot-rdp-nsg-problem
Question 2:

SIMULATION
You need to create a new Azure Active Directory (Azure AD) directory named 11641655.onmicrosoft.com and a user named User1 in the new directory. The solution must ensure that User1 is enabled for Azure Multi-Factor Authentication (MFA).
To complete this task, sign in to the Azure portal.
A. See the explanation below.

Correct Answer: A
Step 1: Create an Azure Active Directory tenant
1.
Browse to the Azure portal and sign in with an account that has an Azure subscription.
2.
Select the plus icon (+) and search for Azure Active Directory.
3.
Select Azure Active Directory in the search results.
4.
Select Create.
5.
Provide an Organization name and an Initial domain name (10598168). Then select Create. Your directory is created.
6.
After directory creation is complete, select the information box to manage your new directory. Next, you're going to add tenant users.
Step 2: Create an Azure Active Directory tenant user
7.
In the Azure portal, make sure you are on the Azure Active Directory fly out.
8.
Under Manage, select Users.
9.
Select All users and then select + New user.
10.
Provide a Name and User name (user1) for the regular user tenant You can also show the temporary password. When you're done, select Create.
Name: user1 User name: [email protected]
Reference: https://docs.microsoft.com/en-us/power-bi/developer/create-an-azure-active-directory-tenant
Question 3:

SIMULATION
You need to add the network interface of a virtual machine named VM1 to an application security group named ASG1.
To complete this task, sign in to the Azure portal.
A. See the explanation below.

Correct Answer: A
1.
In the Search resources, services, and docs box at the top of the portal, begin typing the name of a virtual machine, VM1 that has a network interface that you want to add to, or remove from, an application security group.
2.
When the name of your VM appears in the search results, select it.
3.
Under SETTINGS, select Networking. Select Configure the application security groups, select the application security groups that you want to add the network interface to, or unselect the application security groups that you want to remove the network interface from, and then select Save.
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface
Question 4:

HOTSPOT
You have an Azure subscription that contains the resources shown in the following table.
VNet1 contains the subnets shown in the following table.
You plan to use the Azure portal to deploy an Azure firewall named AzFW1 to VNet1.
Which resource group and subnet can you use to deploy AzFW1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Question 5:

HOTSPOT
You have an Azure subscription named Sub1 that contains the resource groups shown in the following table.
You create the Azure Policy definition shown in the following exhibit.
You assign the policy to Sub1.
You plan to create the resources shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Question 6:

SIMULATION
The developers at your company plan to create a web app named App10598168 and to publish the app to https://www.contoso.com.
You need to perform the following tasks:
1.
Ensure that App10598168 is registered to Azure Active Directory (Azure AD).
2.
Generate a password for App10598168.
To complete this task, sign in to the Azure portal.
A. See the explanation below.

Correct Answer: A
Step 1: Register the Application
1.
Sign in to your Azure Account through the Azure portal.
2.
Select Azure Active Directory.
3.
Select App registrations.
4.
Select New registration.
5.
Name the application App10598168 . Select a supported account type, which determines who can use the application. Under Redirect URI, select Web for the type of application you want to create. Enter the URI: https://www.contoso.com , where the access token is sent to.
6.
Click Register
Step 2: Create a new application secret
If you choose not to use a certificate, you can create a new application secret.
7 Select Certificates and secrets.
8.
Select Client secrets -> New client secret.
9.
Provide a description of the secret, and a duration. When done, select Add.
After saving the client secret, the value of the client secret is displayed. Copy this value because you aren't able to retrieve the key later. You provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
Question 7:

HOTSPOT
You have an Azure subscription that contains two users named User1 and User2 and the blob containers shown in the following table.
Policy1 is configured as shown in the following exhibit.
You assign the roles for storage1 as shown in the following table.
The storage1 account has the following shared access signature (SAS) named SAS1:
Allowed services: Blob Allowed resource types: Container Allowed permissions: Read, Write, List, Add, Create Blob versioning permissions: enables deletion of versions Allowed blob index permissions: Read/Write Starr and expiry date/time:
-Start: 12/1/2021
-End: 12/31/2021
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Question 8:

HOTSPOT
Your on-premises network contains the servers shown in the following table.
You have an Azure subscription that contains multiple virtual machines that run either Windows Server 2019 or SLES.
You plan to implement adaptive application controls in Microsoft Defender for Cloud.
Which operating systems and platforms can you monitor? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Question 9:

HOTSPOT
You have an Azure AD tenant named contoso.com that contains the users shown in the following table.
You add enterprise applications to contoso.com as shown in the following table.
You need to identify which users can grant admin consent for App1 and App2.
Which users should you identify for each application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Question 10:

HOTSPOT - (Topic 4)
You have an Azure subscription that contains the resources shown in the following table.
Pass Your Certification With Marks4sure Guarantee 398 Microsoft AZ-500 : Practice Test
SQL1 has the following configurations:
1.
Auditing: Enabled
2.
Audit log destination: storage1, Workspace1
DB1 has the following configurations:
1.
Auditing: Enabled
2.
Audit log destination: storage2
DB2 has auditing disabled.
Where are the audit logs for DB1 and DB2 stored?
To answer, select the appropriate options in the answer area
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-500 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.

Exam Details

Exam Code

Exam Name

Certification

Vendor

Total Questions

Last Updated

Microsoft Role-based AZ-500 Questions & Answers

Question 1:

Question 2:

Question 3:

Question 4:

Question 5:

Question 6:

Question 7:

Question 8:

Question 9:

Question 10:

Related Exams:

MS-720

MS-740

AZ-700

MB-340

SC-400

SC-300

SC-200

AI-102

AZ-600

PL-400

Tips on How to Prepare for the Exams

Microsoft Azure Security Technologies

Exam Details

Exam Code

Exam Name

Certification

Vendor

Total Questions

Last Updated

Microsoft Role-based AZ-500 Questions & Answers

Question 1:

Question 2:

Question 3:

Question 4:

Question 5:

Question 6:

Question 7:

Question 8:

Question 9:

Question 10:

Related Exams:

Tips on How to Prepare for the Exams