The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.
Table of Contents
- AZ-500 Question 291
- Question
- Answer
- Explanation
- Reference
- AZ-500 Question 292
- Question
- Answer
- Explanation
- AZ-500 Question 293
- Question
- Answer
- AZ-500 Question 294
- Question
- Answer
- Reference
- AZ-500 Question 295
- Question
- Answer
- Reference
- AZ-500 Question 296
- Question
- Answer
- Reference
- AZ-500 Question 297
- Question
- Answer
- Explanation
- Reference
- AZ-500 Question 298
- Question
- Answer
- Reference
- AZ-500 Question 299
- Question
- Answer
- Reference
- AZ-500 Question 300
- Question
- Answer
- Reference
AZ-500 Question 291
Question
You suspect that users are attempting to sign in to resources to which they have no access.
You need to create an Azure Log Analytics query to identify failed user sign-in attempts from the last three days. The results must only show users who had more than five failed sign-in attempts.
How should you configure the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer
Explanation
The following example identifies user accounts that failed to log in more than five times in the last day, and when they last attempted to log in.
let timeframe = 1d;
SecurityEvent
| where TimeGenerated > ago(1d)
| where AccountType == ‘User’ and EventID == 4625 // 4625 – failed log in
| summarize failed_login_attempts=count(), latest_failed_login=arg_max(TimeGenerated, Account) by Account
| where failed_login_attempts > 5
| project-away Account1
Reference
- Azure Data Explorer > Kusto > Kusto Query Language > Samples for Kusto Queries
AZ-500 Question 292
Question
SIMULATION –
You need to ensure that when administrators deploy resources by using an Azure Resource Manager template, the deployment can access secrets in an Azure key vault named KV11597200.
To complete this task, sign in to the Azure portal.
Answer
See the explanation below.
Explanation
- You need to configure an option in the Advanced Access Policy of the key vault.
- In the Azure portal, type Azure Key Vault in the search box, select Azure Key Vault from the search results then select the key vault named KV11597200. Alternatively, browse to Azure Key Vault in the left navigation pane.
- In the properties of the key vault, click on Advanced Access Policies.
- Tick the checkbox labelled Enable access to Azure Resource Manager for template deployment.
- Click Save to save the changes.
AZ-500 Question 293
Question
You have an Azure subscription that contains the resources shown in the following table.
| Name | Type | Attached to | NSG |
|---|---|---|---|
| NSG1 | Network security group (NSG) | VM5 | Not applicable |
| NSG2 | Network security group (NSG) | Subnet1 | Not applicable |
| Subnet1 | Subnet | Not applicable | Not applicable |
| VM5 | Virtual machine | Subnet1 | NSG1 |
An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.
VM5 has just in time (JIT) VM access configured as shown in the following exhibit.
You enable JIT VM access for VM5.
NSG1 has the inbound rules shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Statements:
- Deleting the security rule that has a priority of 100 will revoke the approved JIT access request.
- Remote Desktop access to VM5 is blocked.
- An Azure Bastion host will enable Remote Desktop access to VM5 from the internet.
Answer
- Deleting the security rule that has a priority of 100 will revoke the approved JIT access request: Yes
- Remote Desktop access to VM5 is blocked: Yes
- An Azure Bastion host will enable Remote Desktop access to VM5 from the internet: No
AZ-500 Question 294
Question
You have an Azure subscription that contains an Azure key vault named Vault1.
On January 1, 2019, Vault1 stores the following secrets.
Which can each secret be used by an application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Password1:
- Never
- Always
- Only after May 1, 2019
Password2:
- Never
- Always
- Only between March 1, 2019 and May 1, 2019
Answer
Password1: Never
Password2: Only between March 1, 2019 and May 1, 2019
Reference
- Azure > Azure PowerShell > Reference > AzureRM.KeyVault > Set-AzureKeyVaultSecretAttribute
AZ-500 Question 295
Question
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.
Currently, the domain and the tenant are not integrated.
You need to ensure that User1 can access share1 by using his domain credentials.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Actions:
- Create a private link to storage1.
- Enable Active Directory Domain Services (AD DS) authentication on storage1.
- Implement Azure AD Connect.
- Create a service endpoint to storage1.
- Assign share-level permissions for share1.
Answer
- Implement Azure AD Connect.
- Enable Active Directory Domain Services (AD DS) authentication on storage1.
- Assign share-level permissions for share1.
Reference
- Azure > Security > Microsoft Defender for Cloud > Tutorial: Improve your regulatory compliance
AZ-500 Question 296
Question
You have an Azure subscription named Subscription1.
You need to view which security settings are assigned to Subscription1 by default.
Which Azure policy or initiative definition should you review?
A. the Audit diagnostic setting policy definition
B. the Enable Monitoring in Azure Security Center initiative definition
C. the Enable Azure Monitor for VMs initiative definition
D. the Azure Monitor solution ‘Security and Audit’ must be deployed policy definition
Answer
B. the Enable Monitoring in Azure Security Center initiative definition
Reference
- Azure > Security > Microsoft Defender for Cloud> Manage security policies
- Azure > Security > Microsoft Defender for Cloud > Azure Policy built-in definitions for Microsoft Defender for Cloud
AZ-500 Question 297
Question
SIMULATION –
You need to enable Advanced Data Security for the SQLdb1 Azure SQL database. The solution must ensure that Azure Advanced Threat Protection (ATP) alerts are sent to [email protected].
To complete this task, sign in to the Azure portal and modify the Azure resources.
Answer
See explanation below.
Explanation
- In the Azure portal, type SQL in the search box, select SQL databases from the search results then select SQLdb1. Alternatively, browse to SQL databases in the left navigation pane.
- In the properties of SQLdb1, scroll down to the Security section and select Advanced data security.
- Click on the Settings icon.
- Tick the Enable Advanced Data Security at the database level checkbox.
- Click Yes at the confirmation prompt.
- In the Storage account select a storage account if one isn’t selected by default.
- Under Advanced Threat Protection Settings, enter [email protected] in the Send alerts to box.
- Click the Save button to save the changes.
Reference
AZ-500 Question 298
Question
You have an Azure Active Directory (Azure AD) tenant and a root management group.
You create 10 Azure subscriptions and add the subscriptions to the rout management group.
You need to create an Azure Blueprints definition that will be stored in the root management group.
What should you do first?
A. Add an Azure Policy definition to the root management group.
B. Modify the role-based access control (RBAC) role assignments for the root management group.
C. Create a user-assigned identity.
D. Create a service principal.
Answer
B. Modify the role-based access control (RBAC) role assignments for the root management group.
Reference
- Azure > Role-based access control > Elevate access to manage all Azure subscriptions and management groups
AZ-500 Question 299
Question
You need to configure support for Azure Sentinel notebooks to meet the technical requirements.
What is the minimum number of Azure container registries and Azure Machine Learning workspaces required?
Container registries:
- 0
- 1
- 2
- 3
Workspaces:
- 0
- 1
- 2
- 3
Answer
Container registries: 0
Workspaces: 1
Reference
- Azure > Security > Microsoft Sentinel > Use Jupyter notebooks to hunt for security threats
AZ-500 Question 300
Question
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing an application named App1. App1 will run as a service on server that runs Windows Server 2016. App1 will authenticate to contoso.com and access Microsoft Graph to read directory data.
You need to delegate the minimum required permissions to App1.
Which three actions should you perform in sequence from the Azure portal? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Actions:
- Grant permissions.
- Add a delegated permission.
- Configure Azure AD Application Proxy.
- Add an application permission.
- Create an app registration.
Answer
- Create an app registration
- Add an application permission
- Grant permissions
Reference
- Azure > Active Directory > Develop > Permissions and consent in the Microsoft identity platform