Curious about Actual Microsoft Azure Security Engineer Associate (AZ-500) Exam Questions?

Here are sample Microsoft Azure Security Technologies (AZ-500) Exam questions from real exam. You can get more Microsoft Azure Security Engineer Associate (AZ-500) Exam premium practice questions at TestInsights.

Page: 1 /
Total 408 questions

Want more questions? Get Premium Access.

Question 1

You have an Azure subscription that contains an Azure Blob storage account bolb1.

You need to configure attribute-based access control (ABAC) for blob1.

Which attributes can you use in access conditions?

Ablob index tags only

Bblob index tags and container names only

Cfile extensions and container names only

Dblob index tags, file extensions, and container names

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

Ablob index tags only

Bblob index tags and container names only

Cfile extensions and container names only

Dblob index tags, file extensions, and container names

0 / 1500

Question 2

You have an Azure subscription that contains a resource group named RG1 and the identities shown in the following table.

You assign Group4 the Contributor role for RG1.

Which identities can you add to Group4 as members?

AUser1 only

BUser1 and Group3 only

CUser1, Group1, and Group3 only

DUser1, Group2, and Group3 only

EUser1, Group1, Group2, and Group3

Correct : B

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AUser1 only

BUser1 and Group3 only

CUser1, Group1, and Group3 only

DUser1, Group2, and Group3 only

EUser1, Group1, Group2, and Group3

0 / 1500

Question 3

You have an Azure subscription that contains an Azure Key Vault Standard key vault named Vault1. Vault1 hosts a 2048-bit RSA key named key1.

You need to ensure that key1 is rotated every 90 days.

What should you do first?

ACreate a key rotation policy.

BModify the Access policies settings of Vault1.

CUpgrade Vault1 to Key Vault Premium.

DRecreate key1 as an EC key.

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ACreate a key rotation policy.

BModify the Access policies settings of Vault1.

CUpgrade Vault1 to Key Vault Premium.

DRecreate key1 as an EC key.

0 / 1500

Question 4

You have an Azure subscription that contains an Azure Data Lake Storage account named sa1.

You plan to deploy an app named Appl that will access sa1 and perform operations, including Read. List, Create Directory, and Delete Directory.

You need to ensure that Appl can connect securely to sa1 by using a private endpoint

What is the minimum number of private endpoints required for sa1 ?

Correct : A

A private endpoint is a network interface that connects you privately and securely to a service that's powered by Azure Private Link. By enabling a private endpoint, you're bringing the service into your virtual network. You only need one private endpoint for each service that you want to access privately, such as Azure Data Lake Storage. You can create a private endpoint for your Azure Data Lake Storage account named sa1 by following the steps inthis article.

What is a private endpoint? - Azure Private Link

Private Endpoints for Azure Storage are now Generally Available

Step-by-Step: How to Configure a Private Endpoint to Secure Azure ...

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

0 / 1500

Question 5

You have an Azure subscription named Sub1. Sub1 contains a virtual network named VNet1 that contains one subnet named Subnet1.

Subnet1 contains an Azure virtual machine named VM1 that runs Ubuntu Server 20.04.

You create a service endpoint for Microsoft. Storage in Subnet1.

You need to ensure that when you deploy Docker containers to VM1, the containers can access Azure Storage resources by using the service endpoint.

What should you do on VM1 before you deploy the container?

ACreate an application security group and a network security group (NSG).

BInstall the container network interface (CNI) plug-in.

CEdit the docker-compose.ym1 file.

Correct : B

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ACreate an application security group and a network security group (NSG).

BInstall the container network interface (CNI) plug-in.

CEdit the docker-compose.ym1 file.

0 / 1500

Page: 1 / 82
Total 408 questions

Unlock Full
AZ-500 Exam Features

In Just $49 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Marked Questions
AZ-500 Exam

AZ-500 Exam Question 1
AZ-500 Exam Question 2
AZ-500 Exam Question 3
AZ-500 Exam Question 4
AZ-500 Exam Question 5

Download PDF File Demo

Try Web-Based Exam Practice Software Demo

Commenting

In order to participate in the comments you need to be logged-in.
You can sign-up or login