Practice Free AZ-500 Exam Online Questions
HOTSPOT
You have an Azure subscription that contains three storage accounts, an Azure SQL managed instance named SQL and three Azure SQL databases.
The storage accounts are configured as shown in the following table.
SQ11 has the following settings:
• Auditing: On
• Audit tog destination: storage1
The Azure SQL databases are configured as shown in the following table.
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/auditing-configure
https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview
HOTSPOT
You have an Azure subscription that contains the resources shown in the following table.
Transparent Data Encryption (TDE) is disabled on SQL1.
You assign polices to the resource groups as shown in the following table.
You plan to deploy Azure SQL databases by using an Azure Resource Manager (ARM) template. The databases will be configured as shown in the following table. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure key vault named KeyVault1 that contains the items shown in the following table.
In KeyVault1 the following events occur in sequence:
• item is deleted.
• ltem2 and Policy1 are deleted.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have an Azure subscription that uses Microsoft Defender for Cloud.
You have an Amazon Web Service (AWS) account named AWS1 that is connected to defender for Cloud.
You need to ensure that AWS foundational Security Best Practices. The solution must minimize administrate effort.
What should do you in Defender for Cloud?
- A . Create a new customer assessment.
- B . Assign a built-in assessment.
- C . Assign a built-in compliance standard.
- D . Create a new custom standard.
You have an Azure virtual machine named VM1.
From Azure Security Center, you get the following high-severity recommendation: “Install endpoint protection solutions on virtual machine”.
You need to resolve the issue causing the high-severity recommendation.
What should you do?
- A . Add the Microsoft Antimalware extension to VM1.
- B . Install Microsoft System Center Security Management Pack for Endpoint Protection on VM1.
- C . Add the Network Watcher Agent for Windows extension to VM1.
- D . Onboard VM1 to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/security-center/security-center-endpoint-protection
HOTSPOT
You have the hierarchy of Azure resources shown in the following exhibit.
RG1, RG2, and RG3 are resource groups.
RG2 contains a virtual machine named VM1.
You assign role-based access control (RBAC) roles to the users shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains an Azure SQL database named DB1 in the East US Azure region.
You create the storage accounts shown in the following table.
You plan to enable auditing for DB1.
Which storage accounts can you use as the auditing destination for DB1?
- A . storage1 only
- B . storage1 and storage4 only
- C . Storage2 and storage3 only
- D . storage1, storage2 and storage3 only
You have an Azure subscription.
You create a new virtual network named VNet1.
You plan to deploy an Azure web app named App1 that will use VNet1 and will be reachable by using private IP addresses. The solution must support inbound and outbound network traffic.
What should you do?
- A . Create an Azure App Service Hybrid Connection.
- B . Configure regional virtual network integration.
- C . Create an App Service Environment
- D . Create an Azure application gateway.
HOTSPOT
You have an Azure subscription that has a managed identity named identity and is linked to an Azure Active Directory (Azure AD) tenant.
The tenant contains the resources shown in the following table.
Which resources can be added to AU1 and AU2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription named Subcription1 that contains the resources shown in the following table.
You have an Azure subscription named Subcription2 that contains the following resources:
– An Azure Sentinel workspace
– An Azure Event Grid instance
You need to ingest the CEF messages from the NVAs to Azure Sentinel. NOTE: Each correct selection is worth one point.
