Skip to Content

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers – 4

The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.

AZ-500 Microsoft Azure Security Technologies Exam Questions and Answers

Question 291

Question

You suspect that users are attempting to sign in to resources to which they have no access.
You need to create an Azure Log Analytics query to identify failed user sign-in attempts from the last three days. The results must only show users who had more than five failed sign-in attempts.
How should you configure the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question: The results must only show users who had more than five failed sign-in attempts. How should you configure the query?

Answer

Answer: The results must only show users who had more than five failed sign-in attempts. How should you configure the query?

Explanation

The following example identifies user accounts that failed to log in more than five times in the last day, and when they last attempted to log in.
let timeframe = 1d;
SecurityEvent
| where TimeGenerated > ago(1d)
| where AccountType == ‘User’ and EventID == 4625 // 4625 – failed log in
| summarize failed_login_attempts=count(), latest_failed_login=arg_max(TimeGenerated, Account) by Account
| where failed_login_attempts > 5
| project-away Account1

Reference

Question 292

Question

SIMULATION –
You need to ensure that when administrators deploy resources by using an Azure Resource Manager template, the deployment can access secrets in an Azure key vault named KV11597200.
To complete this task, sign in to the Azure portal.

Answer

See the explanation below.

Explanation

  1. You need to configure an option in the Advanced Access Policy of the key vault.
  2. In the Azure portal, type Azure Key Vault in the search box, select Azure Key Vault from the search results then select the key vault named KV11597200. Alternatively, browse to Azure Key Vault in the left navigation pane.
  3. In the properties of the key vault, click on Advanced Access Policies.
  4. Tick the checkbox labelled Enable access to Azure Resource Manager for template deployment.
  5. Click Save to save the changes.

Question 293

Question

You have an Azure subscription that contains the resources shown in the following table.

Name Type Attached to NSG
NSG1 Network security group (NSG) VM5 Not applicable
NSG2 Network security group (NSG) Subnet1 Not applicable
Subnet1 Subnet Not applicable Not applicable
VM5 Virtual machine Subnet1 NSG1

An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.
VM5 has just in time (JIT) VM access configured as shown in the following exhibit.

VM5 has just in time (JIT) VM access configured as shown in the following exhibit.

You enable JIT VM access for VM5.
NSG1 has the inbound rules shown in the following exhibit.

NSG1 has the inbound rules shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Statements:

  • Deleting the security rule that has a priority of 100 will revoke the approved JIT access request.
  • Remote Desktop access to VM5 is blocked.
  • An Azure Bastion host will enable Remote Desktop access to VM5 from the internet.

Answer

  • Deleting the security rule that has a priority of 100 will revoke the approved JIT access request: Yes
  • Remote Desktop access to VM5 is blocked: Yes
  • An Azure Bastion host will enable Remote Desktop access to VM5 from the internet: No

Question 294

Question

You have an Azure subscription that contains an Azure key vault named Vault1.
On January 1, 2019, Vault1 stores the following secrets.

On January 1, 2019, Vault1 stores the following secrets.

Which can each secret be used by an application? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Password1:

  • Never
  • Always
  • Only after May 1, 2019

Password2:

  • Never
  • Always
  • Only between March 1, 2019 and May 1, 2019

Answer

Password1: Never
Password2: Only between March 1, 2019 and May 1, 2019

Reference

Question 295

Question

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.
Currently, the domain and the tenant are not integrated.
You need to ensure that User1 can access share1 by using his domain credentials.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Actions:

  • Create a private link to storage1.
  • Enable Active Directory Domain Services (AD DS) authentication on storage1.
  • Implement Azure AD Connect.
  • Create a service endpoint to storage1.
  • Assign share-level permissions for share1.

Answer

  • Implement Azure AD Connect.
  • Enable Active Directory Domain Services (AD DS) authentication on storage1.
  • Assign share-level permissions for share1.

Reference

Question 296

Question

You have an Azure subscription named Subscription1.
You need to view which security settings are assigned to Subscription1 by default.
Which Azure policy or initiative definition should you review?

A. the Audit diagnostic setting policy definition
B. the Enable Monitoring in Azure Security Center initiative definition
C. the Enable Azure Monitor for VMs initiative definition
D. the Azure Monitor solution ‘Security and Audit’ must be deployed policy definition

Answer

B. the Enable Monitoring in Azure Security Center initiative definition

Reference

Question 297

Question

SIMULATION –
You need to enable Advanced Data Security for the SQLdb1 Azure SQL database. The solution must ensure that Azure Advanced Threat Protection (ATP) alerts are sent to [email protected]
To complete this task, sign in to the Azure portal and modify the Azure resources.

Answer

See explanation below.

Explanation

  1. In the Azure portal, type SQL in the search box, select SQL databases from the search results then select SQLdb1. Alternatively, browse to SQL databases in the left navigation pane.
  2. In the properties of SQLdb1, scroll down to the Security section and select Advanced data security.
  3. Click on the Settings icon.
  4. Tick the Enable Advanced Data Security at the database level checkbox.
  5. Click Yes at the confirmation prompt.
  6. In the Storage account select a storage account if one isn’t selected by default.
  7. Under Advanced Threat Protection Settings, enter [email protected] in the Send alerts to box.
  8. Click the Save button to save the changes.

Reference

Question 298

Question

You have an Azure Active Directory (Azure AD) tenant and a root management group.
You create 10 Azure subscriptions and add the subscriptions to the rout management group.
You need to create an Azure Blueprints definition that will be stored in the root management group.
What should you do first?

A. Add an Azure Policy definition to the root management group.
B. Modify the role-based access control (RBAC) role assignments for the root management group.
C. Create a user-assigned identity.
D. Create a service principal.

Answer

B. Modify the role-based access control (RBAC) role assignments for the root management group.

Reference

Question 299

Question

You need to configure support for Azure Sentinel notebooks to meet the technical requirements.
What is the minimum number of Azure container registries and Azure Machine Learning workspaces required?

Container registries:

  • 0
  • 1
  • 2
  • 3

Workspaces:

  • 0
  • 1
  • 2
  • 3

Answer

Container registries: 0
Workspaces: 1

Reference

Question 300

Question

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing an application named App1. App1 will run as a service on server that runs Windows Server 2016. App1 will authenticate to contoso.com and access Microsoft Graph to read directory data.
You need to delegate the minimum required permissions to App1.
Which three actions should you perform in sequence from the Azure portal? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Actions:

  • Grant permissions.
  • Add a delegated permission.
  • Configure Azure AD Application Proxy.
  • Add an application permission.
  • Create an app registration.

Answer

  1. Create an app registration
  2. Add an application permission
  3. Grant permissions

Reference

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker