Practice Free AZ-500 Exam Online Questions
You have the Azure virtual machines shown in the following table.
Each virtual machine has a single network interface.
You add the network interface of VM1 to an application security group named ASG1.
You need to identify the network interfaces of which virtual machines you can add to ASG1.
What should you identify?
- A . VM2 only
- B . VM2, VM3, VM4, and VM5
- C . VM2, VM3, and VM5 only
- D . Vm2 and Vm3 only
D
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/application-security-groups
HOTSPOT
On Monday, you configure an email notification in Azure Security Center to notify user [email protected].
On Tuesday, Security Center generates the security alerts shown in the following table.
How many email notifications will [email protected] receive on Tuesday? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/security-center/security-center-provide-security-contact-details
You need to encrypt storage1 to meet the technical requirements.
Which key vaults can you use?
- A . KeyVault1 only
- B . KeyVault2 and KeyVault3 only
- C . KeyVault1 and KeyVault3 only
- D . KeyVault1 KeyVault2 and KeyVault3
B
Explanation:
The storage account and the key vault must be in the same region and in the same Azure Active Directory (Azure AD) tenant, but they can be in different subscriptions.
Storage1 is in the West US region. KeyVault1 is the only key vault in the same region.
Reference: https://docs.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview
HOTSPOT
You have an Azure subscription named Sub1.
You create a virtual network that contains one subnet.
On the subnet, you provision the virtual machines shown in the following table.
Currently, you have not provisioned any network security groups (NSGs).
You need to implement network security to meet the following requirements:
– Allow traffic to VM4 from VM3 only.
– Allow traffic from the Internet to VM1 and VM2 only.
– Minimize the number of NSGs and network security rules.
How many NSGs and network security rules should you create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
NSGs: 1
Network security rules: 3
Not 2: You cannot specify multiple service tags or application groups) in a security rule.
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
HOTSPOT
You are implementing an Azure Application Gateway web application firewall (WAF) named WAF1.
You have the following Bicep code snippet.
For each of The following statements, select Yes if the statement is true. Otherwise. Select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that contains the resources shown in the following table.
VNet1 contains the subnets shown in the following table.
You plan to use the Azure portal to deploy an Azure firewall named AzFW1 to VNet1.
Which resource group and subnet can you use to deploy AzFW1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains an instance of Azure Firewall Standard named AzFWL
You need to identify whether you can use the following features with AzFW1:
• TLS inspection
• Threat intelligence
• The network intrusion detection and prevention systems (IDPS)
What can you use?
- A . TLS inspection only
- B . threat intelligence only
- C . TLS inspection and the IDPS only
- D . threat intelligence and the IDPS only
- E . TLS inspection, threat intelligence, and the IDPS
You have an Azure subscription that contains the resources shown in the following table.
You need to configure storage1 to regenerate keys automatically every 90 days.
Which cmdlet should you run?
- A . set -A=StorageAccount
- B . Add-A:StorogcAccountmanagementPolicyAction
- C . Set-A;StorageAccountimanagementPolicy
- D . Add-AsKeyVaultmanageStorageAccount
HOTSPOT
You have an Azure subscription that contains the key vaults shown in the following table.
The subscription contains the users shown in the following table.
On June 1, you perform the following actions:
• Delete a key named key1 from KeyVault1.
• Delete a secret named secret 1 from KeyVault2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Explanation:
Yes
Yes
No
You have an Azure subscription that contains the subnets shown in the following table.
The subscription contains Azure web app named WebApp1 that has the following configurations.
* Region West Us
* Virtual network VNet1
* VNet integration on: Enabled
* Outbound subnet: Subnet11
* Windows plan (West US): ASP1
You plan to deploy an Azure web app named WebApp2 that will have the following settings:
* Region: West US
* VNet integration on-Enabled
* Windows plan (West UAS): WebApp2?
To which subnets can you integrate WebApp2?
- A . Subnet11 only
- B . Subnet2 only
- C . Subnet11 or subnet12 only
- D . Subnet2 or Subnet21 only
- E . Subnet11, subnet2, or Subnet21