Exams > Microsoft > AZ-500: Microsoft Azure Security Technologies
AZ-500: Microsoft Azure Security Technologies
Page 16 out of 39 pages Questions 151-160 out of 388 questions
Question#151

HOTSPOT -
You have an Azure subscription that contains a user named Admin1 and a resource group named RG1.
In Azure Monitor, you create the alert rules shown in the following table.

Admin1 performs the following actions on RG1:
✑ Adds a virtual network named VNET1
✑ Adds a Delete lock named Lock1
Which rules will trigger an alert as a result of the actions of Admin1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Discover Answer Hide Answer

Answer:

Question#152

You have an Azure subscription that contains 100 virtual machines and has Azure Defender enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. the user-assigned managed identity
  • B. the workspace ID
  • C. the Azure Active Directory (Azure AD) ID
  • D. the Key Vault managed storage account key
  • E. the system-assigned managed identity
  • F. the primary shared key
Discover Answer Hide Answer

Answer: AC

Question#153

You have an Azure subscription that contains a user named Admin1 and a virtual machine named VM1. VM1 runs Windows Server 2019 and was deployed by using an Azure Resource Manager template. VM1 is the member of a backend pool of a public Azure Basic Load Balancer.
Admin1 reports that VM1 is listed as Unsupported on the Just in time VM access blade of Azure Security Center.
You need to ensure that Admin1 can enable just in time (JIT) VM access for VM1.
What should you do?

  • A. Create and configure a network security group (NSG).
  • B. Create and configure an additional public IP address for VM1.
  • C. Replace the Basic Load Balancer with an Azure Standard Load Balancer.
  • D. Assign an Azure Active Directory Premium Plan 1 license to Admin1.
Discover Answer Hide Answer

Answer: A
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time?tabs=jit-config-asc%2Cjit-request-asc

Question#154

HOTSPOT -
You have an Azure Sentinel workspace that contains an Azure Active Directory (Azure AD) connector, an Azure Log Analytics query named Query1, and a playbook named Playbook1.
Query1 returns a subset of security events generated by Azure AD.
You plan to create an Azure Sentinel analytic rule based on Query1 that will trigger Playbook1.
You need to ensure that you can add Playbook1 to the new rule.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Discover Answer Hide Answer

Answer:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-custom https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

Question#155

HOTSPOT -
You have an Azure subscription that contains the resources shown in the following table.

An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.
VM5 has just in time (JIT) VM access configured as shown in the following exhibit.

You enable JIT VM access for VM5.
NSG1 has the inbound rules shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Discover Answer Hide Answer

Answer:

Question#156

You have an Azure Active Directory (Azure AD) tenant and a root management group.
You create 10 Azure subscriptions and add the subscriptions to the root management group.
You need to create an Azure Blueprints definition that will be stored in the root management group.
What should you do first?

  • A. Modify the role-based access control (RBAC) role assignments for the root management group.
  • B. Add an Azure Policy definition to the root management group.
  • C. Create a user-assigned identity.
  • D. Create a service principal.
Discover Answer Hide Answer

Answer: A
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin

Question#157

HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

Contoso.com contains a group naming policy. The policy has a custom blocked word list rule that includes the word Contoso.
Which users can create a group named Contoso Sales in contoso.com? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Discover Answer Hide Answer

Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy

Question#158

DRAG DROP -
You have five Azure subscriptions linked to a single Azure Active Directory (Azure AD) tenant.
You create an Azure Policy initiative named SecurityPolicyInitiative1.
You identify which standard role assignments must be configured on all new resource groups.
You need to enforce SecurityPolicyInitiative1 and the role assignments when a new resource group is created.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Discover Answer Hide Answer

Answer:
Reference:
https://docs.microsoft.com/en-us/azure/governance/blueprints/create-blueprint-portal https://docs.microsoft.com/en-us/azure/azure-australia/azure-policy

Question#159

You have three on-premises servers named Server1, Server2, and Server3 that run Windows Server 2019. Server1 and Server2 are located on the internal network. Server3 is located on the perimeter network. All servers have access to Azure.
From Azure Sentinel, you install a Windows firewall data connector.
You need to collect Microsoft Defender Firewall data from the servers for Azure Sentinel.
What should you do?

  • A. Create an event subscription from Server1, Server2, and Server3.
  • B. Install the On-premises data gateway on each server.
  • C. Install the Microsoft Monitoring Agent on each server.
  • D. Install the Microsoft Monitoring Agent on Server1 and Server2. Install the On-premises data gateway on Server3.
Discover Answer Hide Answer

Answer: C
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/connect-windows-firewall

Question#160

You have an Azure subscription that contains several Azure SQL databases and an Azure Sentinel workspace.
You need to create a saved query in the workspace to find events reported by Azure Defender for SQL.
What should you do?

  • A. From Azure CLI, run the Get-AzOperationalInsightsWorkspace cmdlet.
  • B. From the Azure SQL Database query editor, create a Transact-SQL query.
  • C. From the Azure Sentinel workspace, create a Kusto query language query.
  • D. From Microsoft SQL Server Management Studio (SSMS), create a Transact-SQL query.
Discover Answer Hide Answer

Answer: C

chevron rightPrevious Nextchevron right