Certification Exam Prep Questions For Microsoft Azure Security Technologies (AZ-500)

QuickStart is now offering assessment questions for Microsoft Azure Security Technologies (AZ-500). Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for Microsoft Azure Security Technologies (AZ-500)



You manage an Azure App Service app that hosts website artifacts in a general purpose v2 storage account. You need to configure the App Service app to authenticate programmatically to the storage account. Which of the following should you create?


A company has over a hundred Windows Server 2016 VMs running in the Azure West Europe region. Machines start and stop automatically by using an Azure Automation runbook. and updates are managed by using Azure Update Management. You learn of a Microsoft security vulnerability that affects the Windows Server 2016 operating system. The vulnerability is fixed by installing a hotfix. You need to create a report of the systems that do not have the hotfix installed. What should you do to generate the report?


You are the Azure administrator for your company. All Azure resources are in a single subscription and a single region. The company's Active Directory (AD) domain is synchronized from on-premises via Azure AD Connect. Active Directory Federation Services (ADFS) is used for Single Sign-On (SSO). You deploy a managed SQL instance named Database1 to Azure with a single-user database. You use SQL Server authentication to authenticate users when they connect. Users report that they need to remember a separate username and password when they connect Excel to the managed SQL instance. You need to configure the Azure SQL Database to allow the users to login without having to enter a username and password. Which two actions should you perform? Each correct answer presents part of the solution.


You are the Azure administrator for your company. You migrate an on-premises SQL Server to four Azure SQL databases in a single Azure SQL Server. Before migrating to Azure, the SQL Server audit logs were copied to an Azure Blob storage. The audit logs are reviewed quarterly for any suspicious activity. You need to ensure that the auditing events of all Azure SQL databases are logged and stored for review while minimizing costs. Which two actions should you perform? Each correct answer presents part of the solution.


You manage an Azure subscription named Sub1 that is associated with an Azure Active Directory (Azure AD) tenant named companyl.com. Your company IT department manages another Azure AD tenant named corp-companyl.com. Your company hires a new administrator named Admin1. Admin1 has the following identities: • An account in companyl.com named Identity1 • An account in corp-companyl.com named Identity2 • An Outlook.com account named Identity3 You need to transfer Sub1 ownership to Admin1. Which identities from Admin1 could be used to transfer Sub1 ownership?


You are the Azure administrator for your company. You use several applications that use Azure Key Vault to store and access keys for Azure Service Bus. You regenerate the keys manually and store them in the key vault. The process takes a while to complete. You need to configure Azure to rotate the keys automatically. What should you do?


You manage an Azure Virtual Machine (VM) running Windows Server named vm1. You want to use Serial Console to perform emergency security configuration on vm1. What should you do first?


You are the Azure administrator for your company. A recent audit highlighted that several privileged users do not have multi-factor authentication (MFA) enabled on their accounts. You need to retrieve a list of privileged accounts that require enabling MFA. What should you do? Each correct answer presents a complete solution.


A manufacturing company has offices located across the world. Each office has a local file server that stores departmental data. Your company creates a storage account for a pilot of Azure File Sync for a remote office. The remote office uses the subnet You need to ensure that the storage account can only be accessed from the remote office. It should not be accessible from anywhere else


Your company wants to set up a new design project and needs to share some confidential drawings with a customer. You need to allow read access to the drawings and ensure that they are only accessible to the customer for a short period from the customer's office. The customer's office connects to the internet via a static IP address. You need to provide the most cost-effective, secure solution. What should you do?


Your company develops a web application that requires API access to a general purpose v2 storage account in Azure. You need to ensure that the access keys for the storage account are regenerated on a schedule. What should you do?


Your company has several development servers running in an Azure virtual network (VNet) named VNet1. Your developers have several Docker images stored in a private repository. The developers want to use Azure Container Instances (ACI) to deploy these container images in Azure. You need to restrict access to these containers to VNet1. What should you do?


Your company uses Azure Active Directory (Azure AD) Privileged Identity Management (PIM). You need to ensure that user Abby Brown requests administrative role elevation prior to her taking any administrative action in Azure. What should you do?


Your company uses Azure Container Registry to store Docker images for internal development use. You need to configure the registry so that developers can log into the registry by using the registry name as the username and an access key as the password. What should you do?


You have four Azure virtual machines (VMs) running Windows Server 2016 located on a subnet named web1 in a virtual network (VNet) named vnet1. The Azure VMs are named web1, web2. web3, and web4. You have the following inbound network traffic requirements: • TCP 443 (all VMs) • TCP 1444 (web1, web3) How many network security groups (NSGs) do you need?

A. 4
B. 2
C. 1
D. 3

You manage six Azure virtual machines (VMs) running Linux that form the web tier of your company's line-of-business web application. You need to ensure that key application services are started programmatically. What should you use?

A. Webjob
B. Custom script extension
C. Login App
D. Application security group (ASG)

A company runs five Windows Server 2012 R2 virtual machines (VMs) in the Azure West Europe region. The VMs were originally deployed from the Azure marketplace. The company has an antivirus solution that will shortly become end of life and wants to replace it with Microsoft Antimalware. You need to enable Microsoft Antimalware on each VM without any manual interaction. What should you do?


You are the Azure administrator for your company. You have over 100 virtual machines (VMs) running within the same tenant. There are three subscriptions in the single tenant. You notice an increase in security alerts within Azure Security Center. You need to ensure that you are notified immediately when alerts are detected in Security Center. Which action should you perform? Each correct answer presents part of the solution


You are a security administrator on a team of developers and data scientists. The team plans to perform data analysis by using Azure Databricks. You need to create an Azure-based storage repository that meets the following requirements: • Hadoop-compatible file system • File-level access control lists • Shared access signature (SAS) token support What should you create?


You have an Azure SQL database. You need to ensure that sensitive data never appears as plain text inside the database system. What should you do?


You have an Azure subscription named Sub1 that contains the Azure key vaults as shown in the exhibit. You create a new Azure virtual machine (VM) running Windows Server 2016 named VM1 in Sub1. VM1 is provisioned in the Central US region and in the resource group named RG1. You need to enable Azure disk encryption on VM1 and store the encryption key in Azure Key Vault. In which key vaults should you store the encryption key for VM1?s


A company deploys resources into a single Azure subscription. The company's production resources are created in a resource group named production-rg and development resources in a resource group named development-rg. The development team is assigned the Contributor role to the development-rg resource group. They regularly make configuration changes to its resources as part of their testing using the Azure portal, PowerShell, and Azure CLI. You need to ensure that the existing resources in development-rg are not deleted by any users while still allowing the development team to continue working.


You are the Azure administrator for your company. Your company uses a third-party email scanning system that scans email before it enters or leaves Microsoft Office 365. The solution supports single sign-on (SSO) and has advanced mail scanning, reporting, and quarantine features. The third-party email scanning system has a recipient verification feature that connects to the tenant directory via a non-interactive Azure enterprise app. The application verifies the sending email address before allowing the email to be sent. You need to verify what permissions are configured on the Azure enterprise app. Which two actions should you perform? Each correct answer presents part of the solution.


You have a Microsoft SQL Server 2019 database hosted on an Azure virtual machine (VM). The database is the data store for a web application. When customers visit the shopping cart page of the application, the page loads slowly. You need to determine the stored procedure that is being called when this page is accessed. What should you do?

Product Image

Sample Question - Microsoft Azure Security Technologies (AZ-500)

Practice Exam

Learning Style



Course Info

Download PDF


See Sample

Buy Individually Timezone
Courses Offered In This Certification

You have already taken demo for this course.

If you want to get access to demo again, feel free to contact our support at (855) 800-8240


More Information

More Information
Lab AccessNo
Learning TypePractice Exam


Write Your Own Review
Only registered users can write reviews. Please Sign in or create an account

click here