These are practice questions for Microsoft Azure Security Technologies AZ500 certification exam. An explanation is provided at the end.
Answer 10 multiple-choice questions. Verify the correct answer at end. To help you get started, a study guide is available for the AZ-500 Microsoft Security Technologies preparation.
Here’s the Quiz:
Your organization has successfully implemented Azure Multi-Factor Authentication. You must provide a status report for each user account. Which of the following is not a valid MFA status. Choose one.a. Disabledb. Enabledc. enforcedd. Required
You are creating an Azure AD security team. You can assign group membership in any of the following ways, except? Choose one. Assignedb. Dynamic Devicec. Dynamic Userd. Office 365 User
Identity Protection reported that credentials of a user were leaked. The policy requires that the password be reset. Which Azure AD role can reset your password? Choose one.a. Global Administratorb. Security Administratorc. Security Operatord. Security Reader
Three virtual machines (VM1,VM2,VM3, and VM3) are available in a resource group. The Helpdesk hires new employees. The new employee must have the ability to modify settings on VM3, but not VM1 or VM2. Your solution must minimize administrative overhead. What should you do? Choose one. Assign the user the Contributor role in the resource group. Next, assign the user the Ownerrole in VMb. Move VM3 into a new resource group, and assign the user the Contributor role in VM3.c. Assign the user the Contributor role in VM3.d. Assign the user the Contributor role in the resource group.
You want to enable Azure AD PIM in your directory. Which Azure AD role do you need in order to enable PIM in your directory? Choose one.a. Office 365 Adminb. PIM Administratorc. Global Admind. Co-Administrator
Azure Kubernetes Service is what you need to manage traffic between pods and to block traffic to the backend app. What should you do? Choose one. Create an application gatewayb. Create an Azure firewallc. Create an AKS network policy. Create a network security group
How does Azure Key Vault protect your secrets once they are loaded by your app Choose one. Azure Key Vault protects the memory regions used by your app to prevent accidental secret exposure. Azure Key Vault double-encrypts secrets and requires that your app decrypt them locally each time they are used. It does not protect secrets. Once secrets are loaded by your application, they are not protected. Azure Key Vault automatically generates new secrets after each use.
Sentinel is being used to investigate an incident. You can see all of the incident details when you view it. Choose one. Incident IDb. Number of entities involvedc. Raw events that caused the incidentd. Severitye. Incident owner
The Azure Security Centre dashboard displays a Secure Score. How would you describe this score? Choose one. Only premium features can affect the Secure Score. The Secure Score is calculated by comparing healthy resources to total resources. The Secure Score is a machine-learning-based prediction of how likely your resources are to be infiltrated by a hacker.d. The Secure Score is a count that shows how many recommendations have been made against your monitored resources.
Lab scenario:
You were asked to create a proof-of-concept for monitoring the performance of virtual machines.
You want to:
You can create a virtual machine so that logs and telemetry can be collected.
Show how telemetry and logs are collected.
Demonstrate how data can be used and questioned.
Lab Exercise: Collect data using Azure Monitor to monitor a virtual machine in Azure.
Correct Answers
d.Explanation MFA has three states: Enabled (Enforced), and Disabled.
d.Explanation : Office 365 User. When you