Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Microsoft AZ-500 - Microsoft Azure Security Technologies

Microsoft AZ-500 Premium Access     Download Demo    
Page: 3 / 7
Total 460 questions

You have an Azure Sentinel workspace that contains an Azure Active Directory (Azure AD) connector, an Azure Log Analytics query named Query1 and a playbook named Playbook1.

Query1 returns a subset of security events generated by Azure AD.

You plan to create an Azure Sentinel analytic rule based on Query1 that will trigger Playbook1.

You need to ensure that you can add Playbook1 to the new rule.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings.

You need to create a custom sensitivity label.

What should you do first?

A.

Create a custom sensitive information type.

B.

Elevate access for global administrators in Azure AD.

C.

Upgrade the pricing tier of the Security Center to Standard.

D.

Enable integration with Microsoft Cloud App Security.

You have a Microsoft Entra tenant that contains a user named User1.

You plan to enable passwordless authentication for the tenant.

You need to ensure that User1 can enable the combined registration experience. The solution must use the principle of least privilege.

Which role should you assign to User1?

A.

Security Administrator

B.

Global Administrator

C.

Privileged Role Administrator

D.

Authentication Administrator

You have an Azure subscription that contains the alerts shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Lab Task

use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password. place your cursor in the Enter password box and click on the password below.

Azure Username: Userl -28681041@ExamUsers.com

Azure Password: GpOAe4@lDg

If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 28681041

Task 9

You need to ensure that the rg1lod28681041n1 Azure Storage account is encrypted by using a key stored in the KeyVault28681041 Azure key vault.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Subscription named Sub1. Sub1 contains an Azure virtual machine named VM1 that runs Windows Server 2016.

You need to encrypt VM1 disks by using Azure Disk Encryption.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You suspect that users are attempting to sign in to resources to which they have no access.

You need to create an Azure Log Analytics query to identify failed user sign-in attempts from the last three days. The results must only show users who had more than five failed sign-in attempts.

How should you configure the query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure subscription that is linked to a Microsoft Entra tenant named contoso.com. In contoso.com, you register an app named App1. You need to perform the following tasks for App1:

• Add and configure the Mobile and desktop applications platform.

• Add the ipaddr optional claim.

Which two settings should you select for App1? To answer, select the appropriate settings in the answer area.

NOTE; Each correct selection is worth one point.

You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud. You have the management group hierarchy shown in the following exhibit.

You create the definitions shown in the following table.

You need to use Defender for Cloud to add a security policy. Which definitions can you use as a security policy?

A.

Policy1 only

B.

Policy1 and Initiative1 only

C.

Initiative1 and Initiative2 only

D.

Initiative1, Initiative2, and Initiatives only

E.

Policy1, Initiative1, Initiative2, and Initiative3

You plan to deploy Azure container instances.

You have a containerized application that validates credit cards. The application is comprised of two

containers: an application container and a validation container.

The application container is monitored by the validation container. The validation container performs security checks by making requests to the application container and waiting for responses after every transaction.

You need to ensure that the application container and the validation container are scheduled to be deployedtogether. The containers must communicate to each other only on ports that are not externally exposed.

What should you include in the deployment?

A.

application security groups

B.

network security groups (NSGs)

C.

management groups

D.

container groups