Exam Logo

Microsoft (AZ-500) Exam Questions And Answers page 14

SIMULATION

You need to collect all the audit failure data from the security log of a virtual machine named VM1 to an Azure Storage account.

To complete this task, sign in to the Azure portal.

This task might take several minutes to complete You can perform other tasks while the task completes.
Manage security operations Secure data and applications
You have an Azure subscription that contains the virtual networks shown in the following table.


The subscription contains the virtual machines shown in the following table.


On NIC1, you configure an application security group named ASG1.

On which other network interfaces can you configure ASG1?
Manage identity and access Manage security operations
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.

You plan to publish several apps in the tenant.

You need to ensure that User1 can grant admin consent for the published apps.

Which two possible user roles can you assign to User1 to achieve this goal? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.
Manage identity and access Secure data and applications
You have an Azure subscription that contains several Azure SQL databases and an Azure Sentinel workspace.

You need to create a saved query in the workspace to find events reported by Azure Defender for SQL.

What should you do?
Manage security operations Secure data and applications
Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.

You need to register App1 in Azure AD.

What information should you obtain from the developer to register the application?
Manage identity and access Secure data and applications
You have an Azure environment.

You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001 standards.

What should you use?
Implement platform protection Secure data and applications
From Azure Security Center, you create a custom alert rule.

You need to configure which users will receive an email message when the alert is triggered.

What should you do?
Manage identity and access Manage security operations
You need to perform the planned changes for OU2 and User1.

Which tools should you use? To answer, drag the appropriate tools to the correct resources. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Manage identity and access Manage security operations
You plan to configure Azure Disk Encryption for VM4.

Which key vault can you use to store the encryption key?
Manage security operations Secure data and applications
SIMULATION

You need to configure Azure to allow RDP connections from the Internet to a virtual machine named VM1. The solution must minimize the attack surface of VM1.

To complete this task, sign in to the Azure portal.
Manage security operations Secure data and applications