Exam Logo

Microsoft (AZ-500) Exam Questions And Answers page 34

You have an Azure subscription that contains virtual machines.

You enable just in time (JIT) VM access to all the virtual machines.

You need to connect to a virtual machine by using Remote Desktop.

What should you do first?
Manage identity and access Manage security operations
You have an Azure subscription that contains the resources shown in the following table.


VM1 and VM2 are stopped.

You create an alert rule that has the following settings:

• Resource: RG1
• Condition: All Administrative operations
• Actions: Action groups configured for this alert rule: ActionGroup1
• Alert rule name: Alert1

You create an action rule that has the following settings:

• Scope: VM1
• Filter criteria: Resource Type = "Virtual Machines"
• Define on this scope: Suppression
• Suppression config: From now (always)
• Name: ActionRule1

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Note: Each correct selection is worth one point.

Manage security operations Secure data and applications
You have an Azure subscription that contains an Azure Container Registry named Registry1. Azure Defender is enabled in the subscription.

You upload several container images to Registry1.

You discover that vulnerability security scans were not performed.

You need to ensure that the container images are scanned for vulnerabilities when they are uploaded to Registry1.

What should you do?
Manage security operations Secure data and applications
You have been tasked with enabling Advanced Threat Protection for an Azure SQL Database server.

Advanced Threat Protection must be configured to identify all types of threat detection.

Which of the following will happen if when a faulty SQL statement is generate in the database by an application?
Manage security operations Secure data and applications
You have an Azure subscription that contains an Azure key vault named Vault1.

On January 1, 2019, Vault1 stores the following secrets. All dates are in mm/dd/yy format.


When can each secret be used by an application? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Manage security operations Secure data and applications
You have an Azure subscription that is associated with an Azure Active Directory (Azure AD) tenant.

When a developer attempts to register an app named App1 in the tenant, the developer receives the error message shown in the following exhibit.


You need to ensure that the developer can register App1 in the tenant.

What should you do for the tenant?
Manage identity and access Manage security operations
You have 10 virtual machines on a single subnet that has a single network security group (NSG).

You need to log the network traffic to an Azure Storage account.

What should you do?
Manage security operations Secure data and applications
You are troubleshooting a security issue for an Azure Storage account.

You enable the diagnostic logs for the storage account.

What should you use to retrieve the diagnostics logs?
Implement platform protection Manage security operations
You plan to create an Azure Kubernetes Service (AKS) cluster in an Azure subscription.

The manifest of the registered server application is shown in the following exhibit.


You need to ensure that the AKS cluster and Azure Active Directory (Azure AD) are integrated.

Which property should you modify in the manifest?
Manage identity and access Manage security operations
You have a Microsoft 365 tenant that uses an Azure Active Directory (Azure AD) tenant. The Azure AD tenant syncs to an on-premises Active Directory domain by using an instance of Azure AD Connect.

You create a new Azure subscription.

You discover that the synced on-premises user accounts cannot be assigned roles in the new subscription.

You need to ensure that you can assign Azure and Microsoft 365 roles to the synced Azure AD user accounts.

What should you do fist?
Manage identity and access Manage security operations