Practice Free AZ-500 Exam Online Questions
Lab Task
use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password. place your cursor in the Enter password box and click on the password below.
Azure Username: Userl [email protected]
Azure Password: GpOAe4@lDg
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 28681041
Task 10
You need to create a new Azure AD directory named 28681041.onmicrosoft.com. The new directory must contain a new user named [email protected].
In the Azure portal, search for and select Azure Active Directory.
In the left pane, select Domains.
Select Add domain.
In the Add a custom domain pane, enter the following information:
Domain name: Enter the domain name you want to use. For example, 28681041.onmicrosoft.com.
Add domain: Select Add domain.
In the left pane, select Users.
Select New user.
In the New user pane, enter the following information:
User name: Enter the user name you want to use. For example, [email protected].
Name: Enter the name of the user.
Password: Enter a password for the user.
Groups: Select the groups you want the user to be a member of.
Select Create.
You can find more information on these topics in the following Microsoft documentation:
Add a custom domain name to Azure Active Directory
Create a new user in your organization – Azure Active Directory
DRAG DROP
You have an Azure subscription that contains an Azure SQL database named SQLDB1.
SQLDB1 contains the columns shown in the following table.
For the Email and Birthday columns, you implement dynamic data masking by using the default masking function.
Which value will the users see in each column? To answer, drag the appropriate values to the correct columns. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Lab Task
Task 2
You need to ensure that the events in the NetworkSecurityGroupRuleCounter log of the VNETOI-Subnet0-NSG network security group (NSG) are stored in the Iogs31330471 Azure Storage account for 30 days.
Configure the retention policy for the storage account to keep the logs for 30 days. You can use the Azure portal, Azure PowerShell, or the Azure CLI to do this. You need to specify the days parameter as 30 for the Set-AzStorageServiceProperty cmdlet or the az storage logging update command.
View and analyze the logs in the storage account. You can use any tool that can read JSON files, such as Azure Storage Explorer or Visual Studio Code. You can also export the logs to any visualization tool, SIEM solution, or IDS of your choice
HOTSPOT
You need to ensure that the Azure AD application registration and consent configurations meet the identity and access requirements.
What should you use in the Azure portal? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-user-consent
HOTSPOT
You need to ensure that the Azure AD application registration and consent configurations meet the identity and access requirements.
What should you use in the Azure portal? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-user-consent
You have a web app named WebApp1.
You create a web application firewall (WAF) policy named WAF1.
You need to protect WebApp1 by using WAF1.
What should you do first?
- A . Deploy an Azure Front Door.
- B . Add an extension to WebApp1.
- C . Deploy Azure Firewall.
A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-door
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Active Directory forest with a single domain, named weylandindustries.com.
They also have an Azure Active Directory (Azure AD) tenant with the same name.
You have been tasked with integrating Active Directory and the Azure AD tenant. You intend to deploy Azure AD Connect.
Your strategy for the integration must make sure that password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant, and that the amount of necessary servers are reduced.
Solution: You recommend the use of password hash synchronization and seamless SSO.
Does the solution meet the goal?
- A . Yes
- B . No
You have an Azure subscription that contains an Azure SQL database named sql1.
You plan to audit sql1. You need to configure the audit log destination.
The solution must meet the following requirements:
– Support querying events by using the Kusto query language.
– Minimize administrative effort.
What should you configure?
- A . an event hub
- B . a storage account
- C . a Log Analytics workspace
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-log-analytics-wizard
HOTSPOT
You have an Azure subscription.
You need to create and deploy an Azure policy that meets the following requirements:
– When a new virtual machine is deployed, automatically install a custom security extension.
– Trigger an autogenerated remediation task for non-compliant virtual machines to install the extension.
What should you include in the policy? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources
You have an Azure subscription that contains a user named UseR1.
You need to ensure that UseR1 can perform the following tasks:
• Create groups.
• Create access reviews for role-assignable groups.
• Assign Azure AD roles to groups.
The solution must use the principle of least privilege.
Which role should you assign to User1?
- A . Groups administrator
- B . Authentication administrator
- C . Identity Governance Administrator
- D . Privileged role administrator