How Many Questions Of Az-500 Pdf Exam

NEW QUESTION 1

Lab Task
use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password. place your cursor in the Enter password box and click on the password below. Azure Username: Userl -28681041@ExamUsers.com
Azure Password: GpOAe4@lDg
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only: Lab Instance: 28681041
Task 3
The developers at your company plan to create a web app named App28681041 and to publish the app to https://www.contoso.com. You need to perform the following tasks:
• Ensure that App28681041 is registered to Azure AD.
• Generate a password for App28681041.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 2

You have an Azure subscription that uses Microsoft Defender for Cloud.
You need to use Defender for Cloud to review regulatory compliance with the Azure CIS 1.4,0 standard. The solution must minimize administrative effort.
What should you do first?

• A. Assign an Azure policy.
• B. Manually add the Azure CIS 1.4.0 standard.
• C. Disable one of the Out of the box standards.
• D. Add a custom initiative.

Answer: A

NEW QUESTION 3

You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1. You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers
connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers.
You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:
Alert rules must support dimensions.
The time it takes to generate an alert must be minimized.
resolved.
Which signal type should you use when you create the alert rules?

• A. Log
• B. Log (Saved Query)
• C. Metric
• D. Activity Log

Answer: C

Explanation:
Metric alerts in Azure Monitor provide a way to get notified when one of your metrics cross a threshold. Metric alerts work on a range of multi-dimensional platform metrics, custom metrics, Application Insights standard and custom metrics.
Note: Signals are emitted by the target resource and can be of several types. Metric, Activity log, Application Insights, and Log.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric

NEW QUESTION 4

You have an Azure subscription that contains the virtual machines shown in the following table.

You have an Azure Cosmos DB account named cosmos1 configured as shown in the following exhibit.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 5

You have an Azure subscription that contains the storage accounts shown in the following, table.

You enable Microsoft Defender for Storage.
Which storage services of storages are monitored by Microsoft Defender for Storage, and which storage accounts are protected by Microsoft Defender for Storage? To answer, select the appropriate options in the answer area.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 6

You have a network security group (NSG) bound to an Azure subnet.
You run Get-AzureRmNetworkSecurityRuleConfig and receive the output shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 7

You have a Azure subscription that contains an Azure Container Registry named Registry1. The subscription uses the Standard use tier of Azure Security Center.
You upload several container images to Register1.
You discover that vulnerability security scans were not performed
You need to ensured that the images are scanned for vulnerabilities when they are uploaded to Registry1. What should you do?

• A. From the Azure portal modify the Pricing tier settings.
• B. From Azure CLI, lock the container images.
• C. Upload the container images by using AzCopy
• D. Push the container images to Registry1 by using Docker

Answer: A

Explanation:

Reference:
https://charbelnemnom.com/scan-container-images-in-azure-container-registry-with-azure-security-center/

NEW QUESTION 8

Your network contains an Active Directory forest named contoso.com. You have an Azure Directory (Azure AD) tenant named contoso.com.
You plan to configure synchronization by using the Express Settings installation option in Azure AD Connect. You need to identify which roles and groups are required to perform the planned configurations. The solution
must use the principle of least privilege.
Which two roles and groups should you identify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A. the Domain Admins group in Active Directory
• B. the Security administrator role in Azure AD
• C. the Global administrator role in Azure AD
• D. the User administrator role in Azure AD
• E. the Enterprise Admins group in Active Directory

Answer: CE

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions

NEW QUESTION 9

You have an Azure subscription that contains an instance of Azure Firewall Standard named AzFWL You need to identify whether you can use the following features with AzFW1:
• TLS inspection
• Threat intelligence
• The network intrusion detection and prevention systems (IDPS) What can you use?

• A. TLS inspection only
• B. threat intelligence only
• C. TLS inspection and the IDPS only
• D. threat intelligence and the IDPS only
• E. TLS inspection, threat intelligence, and the IDPS

Answer: E

NEW QUESTION 10

You have the role assignments shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 11

You have an Azure key vault named KeyVault1 that contains the items shown in the following table.

In KeyVault1 the following events occur in sequence:
• item is deleted.
• ltem2 and Policy1 are deleted.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 12

You have an Azure subscription that contains the following Azure firewall:
• Name: Fw1
• Azure region: UK West
• Private IP address: 10.1.3.4
• Public IP address: 23.236.62.147
The subscription contains. The virtual networks shown in the following table.

The subscription contains the subnets shown in the following table.

The subscription contains the routes shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

You have an Azure Sentinel deployment.
You need to create a scheduled query rule named Rule1. What should you use to define the query rule logic for Rule1?

• A. a Transact-SQL statement
• B. a JSON definition
• C. GraphQL
• D. a Kusto query

Answer: D

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-custom

NEW QUESTION 14

You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table.

You schedule two update deployments named Update1 and Update2. Update1 updates VM3. Update2 updates VM6.
Which additional virtual machines can be updated by using Update1 and Update2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 15

From Azure Security, you create a custom alert rule.
You need to configure which users will receive an email message when the alert is triggered. What should you do?

• A. From Azure Monitor, create an action group.
• B. From Security Center, modify the Security policy settings of the Azure subscription.
• C. From Azure Active Directory (Azure AD). modify the members of the Security Reader role group.
• D. From Security Center, modify the alert rule.

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups

NEW QUESTION 16

You have an Azure subscription that contains the virtual machines shown in the following table.

You create the Azure policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 17

You have an Azure subscription that contains the virtual machines shown in the following table.

Subnet1 and Subnet2 have a Microsoft.Storage service endpoint configured.
You have an Azure Storage account named storageacc1 that is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 18
......