Microsoft (AZ-500) Exam Questions And Answers page 14
SIMULATION
You need to collect all the audit failure data from the security log of a virtual machine named VM1 to an Azure Storage account.
To complete this task, sign in to the Azure portal.
This task might take several minutes to complete You can perform other tasks while the task completes.
You need to collect all the audit failure data from the security log of a virtual machine named VM1 to an Azure Storage account.
To complete this task, sign in to the Azure portal.
This task might take several minutes to complete You can perform other tasks while the task completes.
Manage security operations
Secure data and applications
You have an Azure subscription that contains the virtual networks shown in the following table.
The subscription contains the virtual machines shown in the following table.
On NIC1, you configure an application security group named ASG1.
On which other network interfaces can you configure ASG1?
The subscription contains the virtual machines shown in the following table.
On NIC1, you configure an application security group named ASG1.
On which other network interfaces can you configure ASG1?
NIC2, NIC3, NIC4, and NIC5
NIC2 and NIC3 only
NIC2, NIC3, and NIC4 only
Manage identity and access
Manage security operations
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
You plan to publish several apps in the tenant.
You need to ensure that User1 can grant admin consent for the published apps.
Which two possible user roles can you assign to User1 to achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
You plan to publish several apps in the tenant.
You need to ensure that User1 can grant admin consent for the published apps.
Which two possible user roles can you assign to User1 to achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Security administrator
Cloud application administrator
Application administrator
User administrator
Application developer
Manage identity and access
Secure data and applications
You have an Azure subscription that contains several Azure SQL databases and an Azure Sentinel workspace.
You need to create a saved query in the workspace to find events reported by Azure Defender for SQL.
What should you do?
You need to create a saved query in the workspace to find events reported by Azure Defender for SQL.
What should you do?
From Azure CLI, run the Get-AzOperationalInsightsWorkspace cmdlet.
From the Azure SQL Database query editor, create a Transact-SQL query.
From the Azure Sentinel workspace, create a Kusto Query Language query.
From Microsoft SQL Server Management Studio (SSMS), create a Transact-SQL query.
Manage security operations
Secure data and applications
Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?
a redirect URI
a reply URL
a key
an application ID
Manage identity and access
Secure data and applications
You have an Azure environment.
You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001 standards.
What should you use?
You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001 standards.
What should you use?
Azure Sentinel
Azure Active Directory (Azure AD) Identity Protection
Azure Security Center
Azure Advanced Threat Protection (ATP)
Implement platform protection
Secure data and applications
From Azure Security Center, you create a custom alert rule.
You need to configure which users will receive an email message when the alert is triggered.
What should you do?
You need to configure which users will receive an email message when the alert is triggered.
What should you do?
From Azure Monitor, create an action group.
From Security Center, modify the Security policy settings of the Azure subscription.
From Azure Active Directory (Azure AD), modify the members of the Security Reader role group.
From Security Center, modify the alert rule.
Manage identity and access
Manage security operations
You need to perform the planned changes for OU2 and User1.
Which tools should you use? To answer, drag the appropriate tools to the correct resources. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Which tools should you use? To answer, drag the appropriate tools to the correct resources. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Manage identity and access
Manage security operations
You plan to configure Azure Disk Encryption for VM4.
Which key vault can you use to store the encryption key?
Which key vault can you use to store the encryption key?
KeyVault1
KeyVault2
KeyVault3
Manage security operations
Secure data and applications
SIMULATION
You need to configure Azure to allow RDP connections from the Internet to a virtual machine named VM1. The solution must minimize the attack surface of VM1.
To complete this task, sign in to the Azure portal.
You need to configure Azure to allow RDP connections from the Internet to a virtual machine named VM1. The solution must minimize the attack surface of VM1.
To complete this task, sign in to the Azure portal.
Manage security operations
Secure data and applications
Comments