DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Master Microsoft AZ-500 Exams with Exam Questions & Study Materials, Microsoft Azure Security Engineer Associate | SPOTO

High-quality practice tests can help you succeed on your first attempt at passing the certification exam. The Microsoft AZ-500 certification validates skills in implementing security controls, maintaining security posture, and identifying vulnerabilities. It covers security aspects like identity and access management, platform protection, security operations, and data security. Our practice tests, free tests, exam practice resources, online exam questions, sample questions, exam dumps, exam questions and answers, mock exams, and comprehensive exam materials are designed to effectively prepare you for the AZ-500 exam. These resources provide a thorough understanding of the topics and ensure you're well-equipped to achieve certification success.
Take other online exams
Question #1
You have a web app named WebApp1.You create a web application firewall (WAF) policy named WAF1.You need to protect WebApp1 by using WAF1.What should you do first?
A. Deploy an Azure Front Door
B. Add an extension to WebApp1
C. Deploy Azure Firewall
View answer
Correct Answer: A
Question #2
You have an Azure subscription named Sub1 that contains the Azure key vaults shown in the following table:In Sub1, you create a virtual machine that has the following configurations:Name: VM1Size: DS2v2Resource group: RG1Region: West EuropeOperating system: Windows Server 2016You plan to enable Azure Disk Encryption on VM1.In which key vaults can you store the encryption key for VM1?
A. Vault1 or Vault3 only
B. Vault1, Vault2, Vault3, or Vault4
C. Vault1 only
D. Vault1 or Vault2 only
View answer
Correct Answer: A
Question #3
You have an Azure subscription that contains an Azure SQL database named sql1.You plan to audit sql1.You need to configure the audit log destination. The solution must meet the following requirements:Support querying events by using the Kusto query language. Minimize administrative effort.What should you configure?
A. an event hub
B. a storage account
C. a Log Analytics workspace
View answer
Correct Answer: C
Question #4
You have a Microsoft Entra tenant that contains a user named User1. You plan to enable passwordless authentication for the tenant. You need to ensure that User1 can enable the combined registration experience. The solution must use the principle of least privilege. Which role should you assign to User1?
A. ecurity Administrator
B. lobal Administrator
C. rivileged Role Administrator
D. uthentication Administrator
View answer
Correct Answer: D
Question #5
You have an Azure subscription that contains an Azure Key Vault Standard key vault named Vault1. Vault1 hosts a 2048-bit RSA key named key1. You need to ensure that key1 is rotated every 90 days. What should you do first?
A. reate a key rotation policy
B. odify the Access policies settings of Vault1
C. pgrade Vault1 to Key Vault Premium
D. ecreate key1 as an EC key
View answer
Correct Answer: A
Question #6
You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry. You need to use the automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry. What should you create?
A. n Azure AD user
B. secret in Azure Key Vault
C. n Azure AD group
D. role assignment
View answer
Correct Answer: D
Question #7
You have an Azure subscription named Sub1. Sub1 contains a virtual network named VNet1 that contains one subnet named Subnet1. Subnet1 contains an Azure virtual machine named VM1 that runs Ubuntu Server 20.04. You create a service endpoint for Microsoft. Storage in Subnet1. You need to ensure that when you deploy Docker containers to VM1, the containers can access Azure Storage resources by using the service endpoint. What should you do on VM1 before you deploy the container?
A. reate an application security group and a network security group (NSG)
B. nstall the container network interface (CNI) plug-in
C. dit the docker-compose
View answer
Correct Answer: B
Question #8
You have an Azure subscription that contains a virtual machine named VM1.You create an Azure key vault that has the following configurations:Name: Vault5Region: West USResource group: RG1You need to use Vault5 to enable Azure Disk Encryption on VM1. The solution must support backing up VM1 by using AzureBackup.Which key vault settings should you configure?
A. Access policies
B. Secrets
C. Keys
D. Locks
View answer
Correct Answer: A
Question #9
You have an Azure subscription named Sub1 that contains the resources shown in the following table.You need to ensure that you can provide VM1 with secure access to a database on SQL1 by using a contained databaseuser.What should you do?
A. Enable a managed identity on VM1
B. Create a secret in KV1
C. Configure a service endpoint on SQL1
D. Create a key in KV1
View answer
Correct Answer: B
Question #10
You have an Azure subscription that contains four Azure SQL managed instances.You need to evaluate the vulnerability of the managed instances to SQL injection attacks.What should you do first?
A. Create an Azure Sentinel workspace
B. Enable Advanced Data Security
C. Add the SQL Health Check solution to Azure Monitor
D. Create an Azure Advanced Threat Protection (ATP) instance
View answer
Correct Answer: B
Question #11
You have an Azure subscription that uses Microsoft Defender for Cloud. You have an Amazon Web Service (AWS) account named AWS1 that is connected to defender for Cloud. You need to ensure that AWS foundational Security Best Practices. The solution must minimize administrate effort. What should do you in Defender for Cloud?
A. reate a new customer assessment
B. ssign a built-in assessment
C. ssign a built-in compliance standard
D. reate a new custom standard
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.