Exampass – unlimited lifetime access to IT training Exams and Certifications in PDF and Exam Engine formats, along with 1800+ other exams and updates

[2021.3] Prep Actual Microsoft AZ-500 Exam Questions For Free Share

Valid Microsoft AZ-500 questions shared by Pass4itsure for helping to pass the Microsoft AZ-500 exam! Get the newest Pass4itsure Microsoft AZ-500 exam dumps with VCE and PDF here: https://www.pass4itsure.com/az-500.html (250 Q&As Dumps).

[Free PDF] Microsoft AZ-500 pdf Q&As https://drive.google.com/file/d/14LrU_GlQS7dVzbRQDQ8HFH74TUL1W08B/view?usp=sharing

Suitable for AZ-500 complete Microsoft learning pathway

The content is rich and diverse, and learning will not become boring. You can learn in multiple ways through the Microsoft AZ-500 exam.

  1. Download 
  2. Answer practice questions, the actual Microsoft AZ-500 test

Microsoft AZ-500 Microsoft Azure Security Technologies

Free Microsoft AZ-500 dumps download

[PDF] Free Microsoft AZ-500 dumps pdf download https://drive.google.com/file/d/14LrU_GlQS7dVzbRQDQ8HFH74TUL1W08B/view?usp=sharing

Pass4itsure offers the latest Microsoft AZ-500 practice test free of charge 1-13

QUESTION 1
You have an Azure subscription named Subcription1 that contains an Azure Active Directory (Azure AD) tenant named
contoso.com and a resource group named RG1.
You create a custom role named Role1 for contoso.com.
You need to identify where you can use Role1 for permission delegation.
What should you identify?
A. contoso.com only
B. contoso.com and RGT only
C. contoso.com and Subscription1 only
D. contoso.com, RG1, and Subcription1
Correct Answer: D


QUESTION 2
From Azure Security Center, you create a custom alert rule.
You need to configure which users will receive an email message when the alert is triggered.
What should you do?
A. From Azure Monitor, create an action group.
B. From Security Center, modify the Security policy settings of the Azure subscription.
C. From Azure Active Directory (Azure AD), modify the members of the Security Reader role group.
D. From Security Center, modify the alert rule.
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups


QUESTION 3
SIMULATION
You need to configure a Microsoft SQL server named Web11597200 only to accept connections from the Subnet0
subnet on the VNET01 virtual network.
To complete this task, sign in to the Azure portal.
A. See the below.
Correct Answer: A
You need to allow access to Azure services and configure a virtual network rule for the SQL Server.
1.
In the Azure portal, type SQL Server in the search box, select SQL Server from the search results then select the server
named web11597200. Alternatively, browse to SQL Server in the left navigation pane.
2.
In the properties of the SQL Server, click Firewalls and virtual networks.
3.
In the Virtual networks section, click on Add existing. This will open the Create/Update virtual network rule window.
4.
Give the rule a name such as Allow_VNET01-Subnet0 (it doesn\\’t matter what name you enter for the exam).
5.
In the Virtual network box, select VNET01.
6.
In the Subnet name box, select Subnet0.
7.
Click the OK button to save the rule.
8.
Back in the Firewall / Virtual Networks window, set the Allow access to Azure services option to On.

QUESTION 4
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

az-500 exam questions-q4

The tenant contains the named locations shown in the following table.

az-500 exam questions-q4-2

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct
selection is worth one point.
Hot Area:

az-500 exam questions-q4-3

Correct Answer:

az-500 exam questions-q4-4

QUESTION 5
SIMULATION
You need to email an alert to a user named [email protected] if the average CPU usage of a virtual machine
named VM1 is greater than 70 percent for a period of 15 minutes.
To complete this task, sign in to the Azure portal.
A. See the below.
Correct Answer: A
Create an alert rule on a metric with the Azure portal
1.
In the portal, locate the resource, here VM1, you are interested in monitoring and select it.
2.
Select Alerts (Classic) under the MONITORING section. The text and icon may vary slightly for different resources.
3.
Select the Add metric alert (classic) button and fill in the fields as per below, and click OK.
Metric: CPU Percentage Condition: Greater than Period: Over last 15 minutes Notify via: email Additional administrator
email(s): [email protected]

az-500 exam questions-q5

Reference: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-insights-alerts-portal

QUESTION 6
HOTSPOT
You have an Azure subscription named Subcription1 that contains the resources shown in the following table.

az-500 exam questions-q6

You create an Azure role by using the following JSON file.

az-500 exam questions-q6-2

You assign Role1 to User1 for RG1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

az-500 exam questions-q6-3

Correct Answer:

az-500 exam questions-q6-4

Reference: https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#compute


QUESTION 7
You have an Azure Active Directory (Azure AD) tenant. You have the deleted objects shown in the following table.

az-500 exam questions-q7

On May 4, 2020, you attempt to restore the deleted objects by using the Azure Active Directory admin center.
Which two objects can you restore? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Group1
B. Group2
C. User2
D. User1
Correct Answer: BC
Deleted users and deleted Office 365 groups are available for restore for 30 days. You cannot restore a deleted security
group.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-restore-deleted


QUESTION 8
SIMULATION
You need to configure a virtual network named VNET2 to meet the following requirements:
1.
Administrators must be prevented from deleting VNET2 accidentally.
2.
Administrators must be able to add subnets to VNET2 regularly.
To complete this task, sign in to the Azure portal and modify the Azure resources.
A. See the below.
Correct Answer: A
Locking prevents other users in your organization from accidentally deleting or modifying critical resources, such as
Azure subscription, resource group, or resource.
Note: In Azure, the term resource refers to an entity managed by Azure. For example, virtual machines, virtual networks,
and storage accounts are all referred to as Azure resources.
1.
In the Azure portal, type Virtual Networks in the search box, select Virtual Networks from the search results then select
VNET2. Alternatively, browse to Virtual Networks in the left navigation pane.
2.
In the Settings blade for virtual network VNET2, select Locks.
3.
To add a lock, select Add.
4.
For Lock type select Delete lock, and click OK

az-500 exam questions-q8

Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources


QUESTION 9
You have an Azure subscription that contains 100 virtual machines and has Azure Security Center Standard tier
enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager
template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines?
Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. the user assigned managed identity
B. the Key Vault managed storage account Key
C. the Azure Active Directory (Azure AD) ID
D. the system-assigned managed identity
E. the primary shared key
F. the workspace ID
Correct Answer: AC

QUESTION 10
You have the Azure virtual machines shown in the following table.

az-500 exam questions-q10

Each virtual machine has a single network interface.
You add the network interface of VM1 to an application security group named ASG1.
You need to identify the network interfaces of which virtual machines you can add to ASG1.
What should you identify?
A. VM2 only
B. VM2, VM3, VM4, and VM5
C. VM2, VM3, and VM5 only
D. VM2 and VM3 only
Correct Answer: D
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/application-security-groups

QUESTION 11
You have an Azure subscription that contains the Azure Log Analytics workspaces shown in the following table.

az-500 exam questions-q11

You plan to use Azure Sentinel to monitor Windows Defender Firewall on the virtual machines. Which virtual machines
you can connect to Azure Sentinel?
A. VM1 and VM3 only
B. VM1 Only
C. VM1 and VM2 only
D. VM1, VM2, VM3 and VM4
Correct Answer: C
Reference: https://docs.microsoft.com/en-us/azure/sentinel/connect-windows-firewall


QUESTION 12
HOTSPOT
You have the Azure key vaults shown in the following table.

az-500 exam questions-q12

KV1 stores a secret named Secret1 and a key for a managed storage account named Key1.
You back up Secret1 and Key1.
To which key vaults can you restore each backup? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

az-500 exam questions-q12-2

Correct Answer:

az-500 exam questions-q12-3

The backups can only be restored to key vaults in the same subscription and same geography. You can restore to a
different region in the same geography.


QUESTION 13
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
The User administrator role is assigned to a user named Admin1.
An external partner has a Microsoft account that uses the [email protected] sign in.
Admin1 attempts to invite the external partner to sign in to the Azure AD tenant and receives the following error
message: “Unable to invite user [email protected] Generic authorization exception.”
You need to ensure that Admin1 can invite the external partner to sign in to the Azure AD tenant.
What should you do?
A. From the Roles and administrators blade, assign the Security administrator role to Admin1.
B. From the Organizational relationships blade, add an identity provider.
C. From the Custom domain names blade, add a custom domain.
D. From the Users blade, modify the External collaboration settings.
Correct Answer: D
Explanation:
You need to allow guest invitations in the External collaboration settings.

Summarize:

[Q1-Q13] Free Microsoft AZ-500 pdf download https://drive.google.com/file/d/14LrU_GlQS7dVzbRQDQ8HFH74TUL1W08B/view?usp=sharing

Share all the resources: Latest Microsoft AZ-500 practice questions, latest Microsoft AZ-500 pdf dumps. The latest updated Microsoft AZ-500 dumps https://www.pass4itsure.com/az-500.html Study hard and practices a lot. This will help you prepare for the Microsoft AZ-500 exam. Good luck!