












Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Azure certificate mainly for freshers, experienced, students
Typology: Exams
1 / 20
This page cannot be seen from the preview
Don't miss anything!













Exam : AZ-
Title : Microsoft Azure Security
Technologies
Vendor : Microsoft
Version : DEMO
IT Certification Guaranteed, The Easy Way!
1 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 1
https://docs.microsoft.com/en-us/azure/automation/automation-update- management?toc=%2Fazure%2Fautomati
To complete this task, sign in to the Azure portal and modify the Azure resources. This task might take several minutes to complete. You can perform other tasks while the task completes.
See the explanation below. Explanation To add an Azure firewall to a VNET, the VNET must first be configured with a subnet named AzureFirewallSubnet (if it doesn't already exist). Configure VNET3.
the web app by using Azure Active Directory (Azure AD). To complete this task, sign in to the Azure portal.
See the explanation below.
IT Certification Guaranteed, The Easy Way!
3 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 3
the identity and access requirements. What should you use in the Azure portal? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation
IT Certification Guaranteed, The Easy Way!
4 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 4
Subnet1 and Subnet2 have a Microsoft.Storage service endpoint configured. You have an Azure Storage account named storageacc1 that is configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
IT Certification Guaranteed, The Easy Way!
6 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 6
Explanation
Box 1: Yes The public IP of VM1 is allowed through the firewall. Box 2: No The allowed virtual network list is empty so VM2 cannot access storageacc1 directly. The public IP address of VM2 is not in the allowed IP list so VM2 cannot access storageacc1 over the Internet. Box 3: No The allowed virtual network list is empty so VM3 cannot access storageacc1 directly. VM3 does not have a public IP address so it cannot access storageacc1 over the Internet. Reference: https://docs.microsoft.com/en-gb/azure/storage/common/storage-network-security
Directory (Azure AD) tenant named contoso.com. You plan to configure synchronization by using the Express Settings installation option in Azure AD Connect. You need to identify which roles and groups are required to perform the planned configurations. The solution must use the principle of least privilege. Which two roles and groups should you identify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
IT Certification Guaranteed, The Easy Way!
7 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 7
Explanation
following table.
IT Certification Guaranteed, The Easy Way!
9 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 9
You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
Explanation
IT Certification Guaranteed, The Easy Way!
10 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 10
IT Certification Guaranteed, The Easy Way!
12 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 12
You need to prevent administrative users from accidentally deleting a virtual network named VNET1. The administrative users must be allowed to modify the settings of VNET1. To complete this task, sign in to the Azure portal.
See the explanation below. Explanation Locking prevents other users in your organization from accidentally deleting or modifying critical resources, such as Azure subscription, resource group, or resource. Note: In Azure, the term resource refers to an entity managed by Azure. For example, virtual machines, virtual networks, and storage accounts are all referred to as Azure resources.
IT Certification Guaranteed, The Easy Way!
13 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 13
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources
The User administrator role is assigned to a user named Admin1. An external partner has a Microsoft account that uses the [email protected] sign in. Admin1 attempts to invite the external partner to sign in to the Azure AD tenant and receives the following error message: "Unable to invite user [email protected] Generic authorization exception." You need to ensure that Admin1 can invite the external partner to sign in to the Azure AD tenant. What should you do?
Explanation You need to allow guest invitations in the External collaboration settings.
In Vault1, you create a secret named Secret1. An application developer registers an application in Azure Active Directory (Azure AD). You need to ensure that the application can use Secret1. What should you do?
Explanation "You may need to configure the target resource to allow access from your application. For example, if you request a token to Key Vault, you need to make sure you have added an access policy that includes your application's identity. Otherwise, your calls to Key Vault will be rejected, even if they include the token" https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet
Registry. You need to use automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry. What should you create?
IT Certification Guaranteed, The Easy Way!
15 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 15
Explanation References: https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal
You need to prevent the blobs in container1 from being modified. What should you do?
Explanation References: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage?tabs=azure- portal
To enter your username, place your cursor in the Sign in box and click on the username below. To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: [email protected] Azure Password: Ag1Bh9!#Bd The following information is for technical support purposes only: Lab Instance: 10598168
IT Certification Guaranteed, The Easy Way!
16 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 16
You need to ensure that a user named user21059868 can manage the properties of the virtual machines in the RG1lod10598168 resource group. The solution must use the principle of least privilege. To complete this task, sign in to the Azure portal.
See the explanation below. Explanation
IT Certification Guaranteed, The Easy Way!
18 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 18
Service (AKS) cluster AKS1. You discover that AKS1 cannot be accessed by using accounts from Contoso.com You need to ensure AKS1 can be accessed by using accounts from Contoso.com The solution must minimize administrative effort. What should you do first?
IT Certification Guaranteed, The Easy Way!
19 Get Latest & Valid az-500 Exam's Question and Answers from Actualpdf.com. 19