Question # 1
You have an Azure subscription named Sub1.
In Azure Security Center, you have a workflow automation named WF1. WF1 is configured to send an email message to a user named User1.
You need to modify WF1 to send email messages to a distribution group named Alerts.
What should you use to modify WF1? |
A. Azure Application Insights | B. Azure Monitor | C. Azure Logic Apps Designer | D. Azure DevOps |
C. Azure Logic Apps Designer
Explanation:
[Reference:, https://docs.microsoft.com/en-us/azure/security-center/workflow-automation, https://docs.microsoft.com/en-us/learn/modules/resolve-threats-with-azure-security-center/6-exerciseconfigure-playbook, , , ]
Question # 2
You have the Azure resource shown in the following table.
You need to meet the following requirements:
* Internet-facing virtual machines must be protected by using network security groups (NSGs).
* All the virtual machines must have disk encryption enabled.
What is the minimum number of security that you should create in Azure Security Center?
|
A. 1 | B. 2 | C. 3 | D. 4 |
D. 4
Question # 3
You have an Azure Active Directory (Azure AD) tenant that contains a user named Admin1. Admin1 is assigned the Application developer role.
You purchase a cloud app named App1 and register App1 in Azure AD.
Admin1 reports that the option to enable token encryption for App1 is unavailable.
You need to ensure that Admin1 can enable token encryption for App1 in the Azure portal.
What should you do?
|
A. Upload a certificate for App1. | B. Modify the API permissions of App1. | C. Add App1 as an enterprise application. | D. Assign Admin1 the Cloud application administrator role. |
C. Add App1 as an enterprise application.
Explanation:
This is a tricky one because uploading a certificate is also required. However, the question states that the Token Encryption option is unavailable. This is because the app is not added as an enterprise application. When the app is added as an enterprise application, the Token Encryption option will be available. Then you can upload the certificate.
[Reference:, https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/howto-saml-token-encryption, , , , ]
Question # 4
You have an Azure Active Directory (Azure AD) tenant named contoso.com
You need to configure diagnostic settings for contoso.com. The solution must meet the following requirements:
• Retain loqs for two years.
• Query logs by using the Kusto query language
• Minimize administrative effort.
Where should you store the logs?
|
A. an Azure Log Analytics workspace | B. an Azure event hub | C. an Azure Storage account |
A. an Azure Log Analytics workspace
Explanation:
https://docs.microsoft.com/en-us/azure/azu re-monitor/log-query/get-started-queries
Question # 5
You have an Azure subscription that contains a user named User1. You need to ensure that User1 can create managed identities. The solution must use the principle of least privilege.
What should you do? |
A. Create a resource group and assign User1 to the Managed Identity Contributor role. | B. Create a management group and assign User1 the Managed Identity Operator role. | C. Create an organizational unit (OU) and assign User1 the User administrator Azure AD role. | D. Create management group and assign User1 the Hybrid Identity Administrator Azure AD role. |
A. Create a resource group and assign User1 to the Managed Identity Contributor role.
Question # 6
You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry.
You need to use the automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry.
What should you create? |
A. an Azure AD user | B. a secret in Azure Key Vault | C. an Azure AD group | D. a role assignment |
D. a role assignment
Question # 7
You have an Azure environment.
You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001
standards. What should you use? |
A. Azure Sentinel | B. Azure Active Directory (Azure AD) Identity Protection | C. Azure Security Center | D. Azure Advanced Threat Protection (ATP) |
C. Azure Security Center
Explanation:
[Reference:, https://docs.microsoft.com/en-us/azure/security-center/security-center-compliance-dashboard, , , , ]
Question # 8
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Security Center for the centralized policy management of three Azure subscriptions.
You use several policy definitions to manage the security of the subscriptions.
You need to deploy the policy definitions as a group to all three subscriptions.
Solution: You create an initiative and an assignment that is scoped to a management group.
Does this meet the goal?
|
A. Yes | B. No |
A. Yes
Explanation:
References:
https://docs.microsoft.com/e n-us/azure/governance/policy/overview
Question # 9
You have an Azure subscription. That contains the virtual machines shown in the following table.
You need to enable file integrity monitoring in Microsoft Defender for Cloud. Which computers will support file integrity monitoring? |
A. Computed only | B. Computer 1 and Computer2 only | C. Computed and Computed only | D. Computer1, Computer2, and Computer3 |
D. Computer1, Computer2, and Computer3
Question # 10
You need to create Role1 to meet the platform protection requirements.
How should you complete the role definition of Role1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
|
Explanation:
1) Microsoft.Compute/
2) disks
3) /subscrption/{subscriptionId}/resourceGroups/{Resource Group Id}
A new custom RBAC role named Role1 must be used to delegate the administration of the managed disks in Resource Group1. Role1 must be available only for Resource Group1.
Get 425 Microsoft Azure Security Technologies questions Access in less then $0.12 per day.
Microsoft Bundle 1: 1 Month PDF Access For All Microsoft Exams with Updates $100
$400
Buy Bundle 1
Microsoft Bundle 2: 3 Months PDF Access For All Microsoft Exams with Updates $200
$800
Buy Bundle 2
Microsoft Bundle 3: 6 Months PDF Access For All Microsoft Exams with Updates $300
$1200
Buy Bundle 3
Microsoft Bundle 4: 12 Months PDF Access For All Microsoft Exams with Updates $400
$1600
Buy Bundle 4
Disclaimer: Fair Usage Policy - Daily 5 Downloads
Microsoft Azure Security Technologies Exam Dumps
Exam Code: AZ-500
Exam Name: Microsoft Azure Security Technologies
- 90 Days Free Updates
- Microsoft Experts Verified Answers
- Printable PDF File Format
- AZ-500 Exam Passing Assurance
Get 100% Real AZ-500 Exam Dumps With Verified Answers As Seen in the Real Exam. Microsoft Azure Security Technologies Exam Questions are Updated Frequently and Reviewed by Industry TOP Experts for Passing Azure Security Engineer Associate Exam Quickly and Hassle Free.
Microsoft AZ-500 Test Dumps
Struggling with Microsoft Azure Security Technologies preparation? Get the edge you need! Our carefully created AZ-500 test dumps give you the confidence to pass the exam. We offer:
1. Up-to-date Azure Security Engineer Associate practice questions: Stay current with the latest exam content.
2. PDF and test engine formats: Choose the study tools that work best for you. 3. Realistic Microsoft AZ-500 practice exam: Simulate the real exam experience and boost your readiness.
Pass your Azure Security Engineer Associate exam with ease. Try our study materials today!
AZ-500 Practice Test Details
200 Single Choice Questions
18 Multiple Choice Questions
134 Hotspot Questions
34 Drag Drop Questions
5 Fill in the Blanks
17 Performance Based Questions
Official Microsoft Azure Security Technologies exam info is available on Microsoft website at https://learn.microsoft.com/en-us/credentials/certifications/azure-security-engineer/
Prepare your Azure Security Engineer Associate exam with confidence!We provide top-quality AZ-500 exam dumps materials that are:
1. Accurate and up-to-date: Reflect the latest Microsoft exam changes and ensure you are studying the right content.
2. Comprehensive Cover all exam topics so you do not need to rely on multiple sources.
3. Convenient formats: Choose between PDF files and online Microsoft Azure Security Technologies practice questions for easy studying on any device.
Do not waste time on unreliable AZ-500 practice test. Choose our proven Azure Security Engineer Associate study materials and pass with flying colors. Try Dumps4free Microsoft Azure Security Technologies 2024 material today!
Azure Security Engineer Associate Exams
-
Assurance
Microsoft Azure Security Technologies practice exam has been updated to reflect the most recent questions from the Microsoft AZ-500 Exam.
-
Demo
Try before you buy! Get a free demo of our Azure Security Engineer Associate exam dumps and see the quality for yourself. Need help? Chat with our support team.
-
Validity
Our Microsoft AZ-500 PDF contains expert-verified questions and answers, ensuring you're studying the most accurate and relevant material.
-
Success
Achieve AZ-500 success! Our Microsoft Azure Security Technologies exam questions give you the preparation edge.
If you have any question then contact our customer support at live chat or email us at support@dumps4free.com.
Questions People Ask About AZ-500 Exam
The AZ-500 exam is part of Microsoft's role-based certification program and focuses on Microsoft Azure Security Technologies. It validates candidates' skills and knowledge in implementing security controls, maintaining security posture, and identifying and remediating vulnerabilities in Azure.
AZ-500 exam covers four main domains:
-
Manage identity and access (30-35%)
-
Implement platform protection (15-20%)
-
Manage security operations (25-30%)
-
Secure data and applications (20-25%)
Candidates will need to demonstrate practical skills in configuring security policies, implementing threat detection, managing security alerts, and responding to security incidents.
Microsoft offers official learning paths, training courses, and practice exams. You can also use online resources, study guides, and hands-on labs to prepare. Joining study groups and forums can also be beneficial.
|