Skip to Content

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers – 3

The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers

Question 241

Question

You have an Azure Active Directory (Azure AD) tenant named contoso1812.onmicrosoft.com that contains the users shown in the following table.

Name Username Type
User1 [email protected] Member
User2 [email protected] Member
User3 [email protected] Member
User4 [email protected] Guest

You create an Azure Information Protection label named Label1. The Protection settings for Label1 are configured as shown in the exhibit. (Click the Exhibit tab.)

You create an Azure Information Protection label named Label1. The Protection settings for Label1 are configured as shown in the exhibit. (Click the Exhibit tab.)

Label1 is applied to a file named File1.
For each of the following statements, select Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.

Statements:

  • User1 can print File1.
  • User3 can print File1.
  • User4 can print File1.

Answer

  • User1 can print File1: Yes
  • User3 can print File1: Yes
  • User4 can print File1: No

Question 242

Question

You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table.

Name Operating system Region Resource group
VM1 Windows Server 2012 East US RG1
VM2 Windows Server 2012 R2 West US RG1
VM3 Windows Server 2016 West US RG2
VM4 Ubuntu Server 18.04 LTS West US RG2
VM5 Red Hat Enterprise Linux 7.4 East US RG1
VM6 CentOS 7.5 East US RG1

You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6.
Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Update1:

  • VM2 only
  • VM4 only
  • VM1 and VM2 only
  • VM1, VM2, VM4, VM5, and VM6

Update2:

  • VM5 only
  • VM1 and VM5 only
  • VM4 and VM5 only
  • VM1, VM2, and VM5 only
  • VM1, VM2, VM3, VM4, and VM5

Answer

Update1: VM2 only
Update2: VM1 and VM5 only

Reference

Question 243

Question

SIMULATION –
You need to ensure that User2-11641655 has all the key permissions for KeyVault11641655.
To complete this task, sign in to the Azure portal and modify the Azure resources.

Answer

See the explanation below.

Explanation

  1. You need to assign the user the Key Vault Secrets Officer role.
  2. In the Azure portal, type Key Vaults in the search box, select Key Vaults from the search results then select KeyVault11641655. Alternatively, browse to Key Vaults in the left navigation pane.
  3. In the key vault properties, select Access control (IAM).
  4. In the Add a role assignment section, click the Add button.
  5. In the Role box, select the Key Vault Secrets Officer role from the drop-down list.
  6. In the Select box, start typing User2-11641655 and select User2-11641655 from the search results.
  7. Click the Save button to save the changes.

Question 244

Question

You have an Azure SQL Database server named SQL1.
You plan to turn on Advanced Threat Protection for SQL1 to detect all threat detection types.
Which action will Advanced Threat Protection detect as a threat?

A. A user updates more than 50 percent of the records in a table.
B. A user attempts to sign as SELECT * from table1.
C. A user is added to the db_owner database role.
D. A user deletes more than 100 records from the same table.

Answer

B. A user attempts to sign as SELECT * from table1.

Explanation

Advanced Threat Protection can detect potential SQL injections: This alert is triggered when an active exploit happens against an identified application vulnerability to SQL injection. This means the attacker is trying to inject malicious SQL statements using the vulnerable application code or stored procedures.

Reference

Question 245

Question

You have an Azure subscription named Subscription1 that contains a resource group named RG1 and the users shown in the following table.

You perform the following tasks:
Assign User1 the Network Contributor role for Subscription1.
Assign User2 the Contributor role for RG1.
To Subscription1 and RG1, you assign the following policy definition: External accounts with write permissions should be removed from your subscription.
What is the Compliance State of the policy assignments?

A. The Compliance State of both policy assignments is Non-compliant.
B. The Compliance State of the policy assignment to Subscription1 is Compliant, and the Compliance State of the policy assignment to RG1 is Non-compliant.
C. The Compliance State of the policy assignment to Subscription1 is Non-compliant, and the Compliance State of the policy assignment to RG1 is Compliant.
D. The Compliance State of both policy assignments is Compliant.

Answer

A. The Compliance State of both policy assignments is Non-compliant.

Question 246

Question

You have an Azure subscription.
You plan to create a storage account.
You need to use customer-managed keys to encrypt the tables in the storage account.
From Azure Cloud Shell, which three cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.

Cmdlets:

  • New-AzStorageAccountKey
  • New-AzStorageTable
  • Register-AzProviderFeature
  • New-AzStorageAccount
  • Register-AzResourceProvider

Answer

  1. New-AzStorageAccount
  2. New-AzStorageAccountKey
  3. New-AzStorageTable

Explanation

Question 247

Question

Note: scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Security Center for the centralized policy management of three Azure subscriptions.
You use several policy definitions to manage the security of the subscriptions.
You need to deploy the policy definitions as a group to all three subscriptions.
Solution: You create a policy definition and assignments that are scoped to resource groups.
Does this meet the goal?

A. Yes
B. No

Answer

B. No

Question 248

Question

You have an Azure key vault named KeyVault1 that contains the items shown in the following table.

Name Type
Item1 Key
Item2 Secret
Policy1 Access policy

In KeyVault, the following events occur in sequence:

  1. Item1 is deleted
  2. Administrator enables soft delete
  3. Item2 and Policy1 are deleted.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Statements:

  • You can recover Policy1.
  • You can add a new key named Item1.
  • You can add a new secret named Item2.

Answer

  • You can recover Policy1: No
  • You can add a new key named Item1: Yes
  • You can add a new secret named Item2: No

Question 249

Question

You have an Azure Sentinel deployment. You need to create a scheduled query rule named Rule1. What should you use to define the query rule logic for Rule1?

A. a Transact-SQL statement
B. a JSON definition
C. GraphQL
D. a Kusto query

Answer

D. a Kusto query

Reference

Question 250

Question

Your company has an Azure SQL database. The database also consists of sensitive data. You want the prevent sensitive data from appearing as plain text inside the database system. What would be your step of action?

A. Configure Dynamic Data Masking (DDM).
B. Enable Advanced Data Security (ADS).
C. Configure Always Encrypted.
D. Enable Transparent Data Encryption (TDE).

Answer

C. Configure Always Encrypted.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker