AZ-500 Exam Details

  • Exam Code
    :AZ-500
  • Exam Name
    :Microsoft Azure Security Technologies
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :626 Q&As
  • Last Updated
    :Jul 12, 2026

Microsoft AZ-500 Online Questions & Answers

  • Question 141:

    You have an Azure Active Directory (Azure AD) tenant that contains a user named Admin1. Admin1 is assigned the Application developer role.

    You purchase a cloud app named App1 and register App1 in Azure AD.

    Admin1 reports that the option to enable token encryption for App1 is unavailable.

    You need to ensure that Admin1 can enable token encryption for App1 in the Azure portal.

    What should you do?

    A. Upload a certificate for App1.
    B. Modify the API permissions of App1.
    C. Add App1 as an enterprise application.
    D. Assign Admin1 the Cloud application administrator role.

  • Question 142:

    HOTSPOT

    On Monday, you configure an email notification in Microsoft Defender for Cloud to notify user1 @contoso.com about alerts that have a severity level of Low, Medium, or High. On Tuesday, Microsoft Defender for Cloud generates the security alerts shown in the following table.

    How many email notifications will user1 @contoso.com receive on Tuesday? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

  • Question 143:

    You have an Azure subscription.

    You plan to deploy a new Conditional Access policy named CAPolicy1.

    You need to use the What if tool to evaluate how CAPolicy1 wall affect users. The solution must minimize the impact of CAPolicy1 on the users.

    To what should you set the Enable policy setting for CAPolicy1?

    A. Off
    B. On
    C. Report only

  • Question 144:

    DRAG DROP

    You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) data connector.

    You are threat hunting suspicious traffic from a specific IP address.

    You need to annotate an intermediate event stored in the workspace and be able to reference the IP address when navigating through the investigation graph.

    Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

    Select and Place:

  • Question 145:

    You have an Azure key vault named Vault1 that stores the resources shown in following table.

    Which resources support the creation of a rotation policy?

    A. Key1 Only
    B. Cert1 only
    C. Key1 and Secret1 only
    D. Key1 and Cert1 only
    E. Secret1 and Cert1 only
    F. Key1, Secret1, and Cert1

  • Question 146:

    HOTSPOT

    You have an Azure subscription that contains a user named User1. User1 is assigned the Reader role for the subscription.

    You plan to create a custom role named Role1 and assign Role1 to User1.

    You need to ensure that User1 can create and manage application security groups by using Azure portal.

    Which two permissions should you add to Role1? To answer, select the appropriate permissions in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 147:

    You have an Azure subscription named Sub1 that contains the virtual machines shown in the following table.

    You need to ensure that the virtual machines in RG1 have the Remote Desktop port closed until an authorized user requests access.

    What should you configure?

    A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
    B. an application security group
    C. Azure Active Directory (Azure AD) conditional access
    D. just in time (JIT) VM access

  • Question 148:

    HOTSPOT

    You have an Azure subscription that contains the following resources:

    1. An Azure key vault

    2. An Azure SQL database named Database1

    3. Two Azure App Service web apps named AppSrv1 and AppSrv2 that are configured to use system-assigned managed identities and access Database1

    You need to implement an encryption solution for Database1 that meets the following requirements:

    1. The data in a column named Discount in Database1 must be encrypted so that only AppSrv1 can decrypt the data.

    2. AppSrv1 and AppSrv2 must be authorized by using managed identities to obtain cryptographic keys.

    How should you configure the encryption settings for Database1? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 149:

    You have an Azure subscription that contains an Azure key vault.

    You need to configure the maximum number of days for which new keys are valid. The solution must minimize administrative effort.

    What should you use?

    A. Azure Purview
    B. Key Vault properties
    C. Azure Blueprints
    D. Azure Policy

  • Question 150:

    SIMULATION

    You need to prevent administrative users from accidentally deleting a virtual network named VNET1. The administrative users must be allowed to modify the settings of VNET1.

    To complete this task, sign in to the Azure portal.

    A. See the explanation below.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-500 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.