AZ-500 Dumps

AZ-500 Braindumps AZ-500 Real Questions AZ-500 Practice Test

AZ-500 Actual Questions

Microsoft

AZ-500

Microsoft Azure Security Technologies 2023

https://killexams.com/pass4sure/exam-detail/AZ-500

Question: 114

You have an Azure web app named webapp1.

You need to configure continuous deployment for webapp1 by using an Azure Repo. What should you create first?

1. an Azure Application Insights service

2. an Azure DevOps organization

3. an Azure Storage account

4. an Azure DevTest Labs lab

Answer: B Question: 115 HOTSPOT

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

In Azure AD Privileged Identity Management (PIM), the Role settings for the Contributor role are configured as shown in the exhibit. (Click the Exhibit tab.)

You assign users the Contributor role on May 1, 2019 as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource- roles-assign-roles

Question: 116

CORRECT TEXT

You plan to connect several Windows servers to the WS11641655 Azure Log Analytics workspace.

You need to ensure that the events in the System event logs are collected automatically to the workspace after you connect the Windows servers.

To complete this task, sign in to the Azure portal and modify the Azure resources.

Answer: Azure Monitor can collect events from the Windows event logs or Linux Syslog and performance counters that you specify for longer term analysis and reporting, and take action when a particular condition is detected. Follow these steps to configure collection of events from the Windows system log and Linux Syslog, and several common performance counters to start with.

Data collection from Windows VM

Question: 117

You have 10 virtual machines on a single subnet that has a single network security group (NSG). You need to log the network traffic to an Azure Storage account.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

1. Install the Network Performance Monitor solution.

2. Enable Azure Network Watcher.

3. Enable diagnostic logging for the NS

1. Enable NSG flow logs.

2. Create an Azure Log Analytics workspace.

Answer: B,D Explanation:

A network security group (NSG) enables you to filter inbound traffic to, and outbound traffic from, a virtual machine (VM). You can log network traffic that flows through an NSG with Network Watcher’s NSG flow log capability.

Steps include:

Create a VM with a network security group

Enable Network Watcher and register the Microsoft. Insights provider

Enable a traffic flow log for an NSG, using Network Watcher’s NSG flow log capability Download logged data

View logged data

Reference: https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal

Question: 118

You have an Azure Active Din-dory (Azure AD) tenant named contoso.com that contains a user named User1. You plan to publish several apps in the tenant.

You need to ensure that User1 can grant admin consent for the published apps.

Which two possible user roles can you assign to User! to achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

1. Application developer

2. Security administrator

3. Application administrator

4. User administrator

5. Cloud application administrator

Answer: C,E Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent

Question: 119

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant.

When a developer attempts to register an app named App1 in the tenant, the developer receives the error message shown in the following exhibit.

You need to ensure that the developer can register App1 in the tenant.

What should you do for the tenant?

1. Modify the User settings

2. Set Enable Security default to Yes.

3. Modify the Directory properties.

4. Configure the Consent and permissions settings for enterprise applications.

Answer: A Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-how-applications-are- added

Question: 120

You plan to implement JIT VM access. Which virtual machines will be supported?

1. VM1 and VM3 only

2. VM1. VM2. VM3, and VM4

3. VM2, VM3, and VM4 only

4. VM1 only

Answer: A

Question: 121

You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings.

You need to create a custom sensitivity label. What should you do first?

1. Create a custom sensitive information type.

2. Elevate access for global administrators in Azure A

1. Upgrade the pricing tier of the Security Center to Standard.

2. Enable integration with Microsoft Cloud App Security.

Answer: A Explanation:

First, you need to create a new sensitive information type because you can’t directly modify the default rules.

References: https://docs.microsoft.com/en-us/office365/securitycompliance/customize-a-built-in-sensitive- information-type

Question: 122

CORRECT TEXT

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: [email protected]

Azure Password: Ag1Bh9!#Bd

The following information is for technical support purposes only: Lab Instance: 10598168

You need to collect all the audit failure data from the security log of a virtual machine named VM1 to an Azure Storage account.

To complete this task, sign in to the Azure portal.

This task might take several minutes to complete You can perform other tasks while the task completes.

Answer: Step 1: Create a workspace

Azure Monitor can collect data directly from your Azure virtual machines into a Log Analytics workspace for detailed analysis and correlation.

Question: 123

DRAG DROP

You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1. You have 500 Azure virtual machines that run Windows Server 2016 and are enrolled in LAW1.

You plan to add the System Update Assessment solution to LAW1.

You need to ensure that System Update Assessment-related logs are uploaded to LAW1 from 100 of the virtual machines only.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

References: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/solution-targeting

Question: 124

You have an Azure subscription.

You configure the subscription to use a different Azure Active Directory (Azure AD) tenant.

What are two possible effects of the change? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

1. Role assignments at the subscription level are lost.

2. Virtual machine managed identities are lost.

3. Virtual machine disk snapshots are lost.

4. Existing Azure resources are deleted.

Answer: A,B Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions- associated-directory

Question: 125

CORRECT TEXT

You plan to connect several Windows servers to the WS11641655 Azure Log Analytics workspace.

You need to ensure that the events in the System event logs are collected automatically to the workspace after you connect the Windows servers.

To complete this task, sign in to the Azure portal and modify the Azure resources.

Answer: Azure Monitor can collect events from the Windows event logs or Linux Syslog and performance counters that you specify for longer term analysis and reporting, and take action when a particular condition is detected. Follow these steps to configure collection of events from the Windows system log and Linux Syslog, and several common performance counters to start with.

Data collection from Windows VM

Question: 126

You plan to create an Azure Kubernetes Service (AKS) cluster in an Azure subscription. The manifest of the registered server application is shown in the following exhibit.

You need to ensure that the AKS cluster and Azure Active Directory (Azure AD) are integrated.

Which property should you modify in the manifest?

1. accessTokenAcceptedVersion

2. keyCredentials

3. groupMembershipClaims

4. acceptMappedClaims

Answer: C Explanation: Reference:

https://docs.microsoft.com/en-us/azure/aks/azure-ad-integration-cli https://www.codeproject.com/Articles/3211864/Operation-and-Maintenance-of-AKS-Applications

6$03/( 48(67,216

7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV

.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP

$FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP

([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP

3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV

*XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV

8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV

7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\

'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU

.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG