AZ-500 Exam Details

  • Exam Code
    :AZ-500
  • Exam Name
    :Microsoft Azure Security Technologies
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :626 Q&As
  • Last Updated
    :Jul 12, 2026

Microsoft AZ-500 Online Questions & Answers

  • Question 51:

    SIMULATION

    You need to ensure that connections through an Azure Application Gateway named Homepage-AGW are inspected for malicious requests.

    To complete this task, sign in to the Azure portal.

    You do not need to wait for the task to complete.

    A. See the explanation below.

  • Question 52:

    You have an Azure virtual machine named VM1.

    From Azure Security Center, you get the following high-severity recommendation: "Install endpoint protection solutions on virtual machine".

    You need to resolve the issue causing the high-severity recommendation.

    What should you do?

    A. Add the Microsoft Antimalware extension to VM1.
    B. Install Microsoft System Center Security Management Pack for Endpoint Protection on VM1.
    C. Add the Network Watcher Agent for Windows extension to VM1.
    D. Onboard VM1 to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).

  • Question 53:

    HOTSPOT

    You have an Azure subscription that contains a user named Admin1 and an Azure key vault named Vault1.

    You plan to implement Microsoft Entra Verified ID.

    You need to create an access policy to ensure that Admin1 has permissions to Vault1 that support the implementation of the Verified ID service. The solution must use the principle of least privilege.

    Which three key permissions should you select? To answer, select the appropriate permissions in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 54:

    Your company uses Azure DevOps.

    You need to recommend a method to validate whether the code meets the company's quality standards and code review standards.

    What should you recommend implementing in Azure DevOps?

    A. branch folders
    B. branch permissions
    C. branch policies
    D. branch locking

  • Question 55:

    You have a Microsoft Entra tenant.

    You need to prevent nonprivileged Microsoft Entra users from creating service principals in Microsoft Entra ID.

    A. From the Properties blade, set Enable Security defaults to Yes.
    B. From the Properties blade, set Access management for Azure resources to No.
    C. From the User settings blade, set Restrict access to Microsoft Entra ID administration portal to Yes.
    D. From the User settings blade, set Users can register applications to No.

  • Question 56:

    HOTSPOT

    You have an Azure subscription that has a managed identity named identity and is linked to an Azure Active Directory (Azure AD) tenant. The tenant contains the resources shown in the following table.

    Which resources can be added to AUI and AU2? To answer, select the appropriate options in the answer area.

    Which resources can be added to AU1 and AU2? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    2026-02-25_111720.jpg

  • Question 57:

    You have an Azure Container Registry named ContReg1 that contains a container image named image1.

    You enable content trust for ContReg1.

    After content trust is enabled, you push two images to ContReg1 as shown in the following table.

    Which images are trusted images?

    A. image1 and image2 only
    B. image2 only
    C. image1, image2, and image3

  • Question 58:

    HOTSPOT

    You have an Azure Active directory tenant that syncs with an Active Directory Domain Services (AD DS) domain.

    You plan to create an Azure file share that will contain folders and files.

    Which identity store can you use to assign permissions to the Azure file share and folders within the share? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 59:

    You have an Azure subscription named Sub1.

    In Azure Security Center, you have a security playbook named Play1. Play1 is configured to send an email message to a user named User1.

    You need to modify Play1 to send email messages to a distribution group named Alerts.

    What should you use to modify Play1?

    A. Azure DevOps
    B. Azure Application Insights
    C. Azure Monitor
    D. Azure Logic Apps Designer

  • Question 60:

    DRAG DROP

    You have two Azure subscriptions named Sub1 and Sub2. Sub1 contains a resource group named RG1 and an Azure policy named Policy1.

    You need to remediate the non-compliant resources in Sub1 based on Policy1.

    How should you complete the PowerShell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once,

    or not at all. You may need to drag the split bar between panes or scroll to view content.

    NOTE: Each correct selection is worth one point.

    Select and Place:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-500 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.