Skip to Content

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers – 3 Part 2

By: Author Alex Lim

Posted on

Categories Exam

The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers

Question 231

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Sub1.
You have an Azure Storage account named Sa1 in a resource group named RG1.
Users and applications access the blob service and the file service in Sal by using several shared access signatures {SASs) and stored access policies.
You discover that unauthorized users accessed both the rile service and the blob service.
You need to revoke all access to Sa1.
Solution: You regenerate the access keys.
Does this meet the goal?

* A. Yes
B. No

Explanation

To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately effects all of the shared access signatures associated with it.

Question 232

You have an Azure subscription that contains the Azure Log Analytics workspaces shown in the following table.

Name Location Description
Workspace1 East US Used by Azure Sentinel
Workspace2 West US Not applicable

You create the virtual machines shown in the following table.

Name Location Operating system Connected to
VM1 East US Windows Server 2019 None
VM2 East US Windows Server 2019 Workspace2
VM3 West US Windows Server 2019 None
VM4 West US Windows Server 2019 Workspace2

You plan to use Azure Sentinel to monitor Windows Defender Firewall on the virtual machines.
Which virtual machines you can connect to Azure Sentinel?

A. VM1 and VM3 only
B. VM1 Only
C. VM1 and VM2 only
* D. VM1, VM2, VM3 and VM4

Question 233

You need to ensure that you can meet the security operations requirements.
What should you do first?

A. Turn on Auto Provisioning in Security Center.
B. Integrate Security Center and Microsoft Cloud App Security.
* C. Upgrade the pricing tier of Security Center to Standard.
D. Modify the Security Center workspace configuration.

Explanation

The Standard tier extends the capabilities of the Free tier to workloads running in private and other public clouds, providing unified security management and threat protection across your hybrid cloud workloads. The Standard tier also adds advanced threat detection capabilities, which uses built-in behavioral analytics and machine learning to identify attacks and zero-day exploits, access and application controls to reduce exposure to network attacks and malware, and more.
Scenario: Security Operations Requirements
Litware must be able to customize the operating system security configurations in Azure Security Center.

Question 234

You have a Azure subscription.
You enable Azure Active Directory (Azure AD) Privileged identify (PIM).
Your company’s security policy for administrator accounts has the following conditions:

  • The accounts must use multi-factor authentication (MFA).
  • The account must use 20-character complex passwords.
  • The passwords must be changed every 180 days.
  • The account must be managed by using PIM.

You receive alerts about administrator who have not changed their password during the last 90 days.
You need to minimize the number of generated alerts.
Which PIM alert should you modify?

A. Roles don’t require multi-factor authentication for activation.
B. Administrator aren’t using their privileged roles
C. Roles are being assigned outside of Privileged identity Management
* D. Potential state accounts in a privileged role.

Question 235

From Azure Security Center, you need to deploy SecPol1.
What should you do first?

A. Enable Azure Defender.
B. Create an Azure Management group.
*C. Create an initiative.
D. Configure continuous export.

Question 236

You have an Azure subscription that contains the resources shown in the following table.

Name Type
User1 Azure Active Directory (Azure AD) user
User2 Azure Active Directory (Azure AD) user
Group1 Azure Active Directory (Azure AD) group
Vault1 Azure key vault

User1 is a member of Group1. Group1 and User2 are assigned the Key Vault Contributor role for Vault1.
On January 1, 2019, you create a secret in Vault1. The secret is configured as shown in the exhibit. (Click the Exhibit tab.)

On January 1, 2019, you create a secret in Vault1. The secret is configured as shown in the exhibit. (Click the Exhibit tab.)

User2 is assigned an access policy to Vault1. The policy has the following configurations:

  • Key Management Operations: Get, List, and Restore
  • Cryptographic Operations: Decrypt and Unwrap Key
  • Secret Management Operations: Get, List, and Restore

Group1 is assigned an access to Vault1. The policy has the following configurations:

  • Key Management Operations: Get and Recover
  • Secret Management Operations: List, Backup, and Recover

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Statements:

  • On January 1, 2019, User1 can view the value of Password1.
  • On June 1, 2019, User2 can view the value of Password1.
  • On June 1, 2019, User1 can view the value of Password1.

Answer

  • On January 1, 2019, User1 can view the value of Password1: No
  • On June 1, 2019, User2 can view the value of Password1: Yes
  • On June 1, 2019, User1 can view the value of Password1: No

Question 237

You have an Azure subscription.
You need to create and deploy an Azure policy that meets the following requirements:
When a new virtual machine is deployed, automatically install a custom security extension.
Trigger an autogenerated remediation task for non-compliant virtual machines to install the extension.
What should you include in the policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Definition effect:

  • Append
  • DeployIfNotExists
  • EnforceOPAConstraint
  • EnforceRegoPolicy
  • Modify

Assignment remediation task:

  • A managed identity that has the Contributor role
  • A managed identity that has the User Access Administrator role
  • A service principal that has the Contributor role
  • A service principal that has the User Access Administrator role

Answer

Definition effect: DeployIfNotExists
Assignment remediation task: A managed identity that has the Contributor role

Question 238

You need to create Role1 to meet the platform protection requirements.
How should you complete the role definition of Role1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question: How should you complete the role definition of Role1

Answer

Answer: How should you complete the role definition of Role1

Question 239

You have an Azure subscription that contains the alerts shown in the following exhibit.

You have an Azure subscription that contains the alerts shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

The state of Alert1 that was fired at 11:23:52:

  • cannot be changed
  • can be changed to Closed only
  • can be changed to New only
  • can be changed to New or Closed

The state of Alert2 that was fired at 11:23:24:

  • cannot be changed
  • can be changed to Acknowledged only
  • can be changed to New only
  • can be changed to New or Acknowledged

Answer

The state of Alert1 that was fired at 11:23:52: can be changed to Closed only
The state of Alert2 that was fired at 11:23:24: can be changed to New or Acknowledged

Question 240

You have three Azure subscriptions and a user named User1.
You need to provide User1 with the ability to manage and view costs for the resources across all three subscriptions. The solution must use the principle of least privilege.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.

Actions:

  • Create a management group.
  • Add the three subscriptions to the management group.
  • Assign User1 the Global administrator role.
  • Assign User1 the Owner role for the management group.
  • Assign User1 the Cost Management Contributor role for the management group.

Answer

  • Assign User1 the Cost Management Contributor role for the management group.
  • Assign User1 the Global administrator role.
  • Add the three subscriptions to the management group.