01. In order to get diagnostics from an Azure virtual machine you own, what is the first step to doing that?
a) You need to restart the Azure virtual machine
b) You need to create a storage account to store it
c) A diagnostics agent needs to be installed on the VM
d) You need to grant RBAC permissions to the user requesting diagnostics
02. A company is planning to develop a mobile application. The application will be using the OAuth2 implicit grant type to get Azure AD access tokens. The application needs to be registered in Azure AD.
Which of the following is required to register the application in Azure AD?
a) A client id
b) A secret access key
c) A redirect URI
d) A reply URL
03. Which Azure Service is the centralized spot for all Activity Logs, Metrics, Alerts, and Diagnostics for all resources across your subscription?
a) Azure Stream Analytics
b) Event Hub
c) Azure Log Analytics
d) Azure Monitor
04. Your company has configured an Azure Policy when it comes to governance for their Azure virtual machines. They want to deploy this policy via the use of Microsoft Defender for Cloud. Which of the following must they create for this requirement?
a) An initiative
b) A Conditional Access Policy
c) A Management Group
d) A Custom RBAC role
05. A team is planning on deploying Azure resources by using Resource Manager templates. The templates need to reference secrets that are stored in the Azure Key Vault. You need to ensure deployments can be made accordingly.
Which of the following would you use to restrict access to the secrets in the key vault?
a) Advanced access policy for the Key vault
b) Access policies for the Key vault
c) Role-Based access
d) An Azure policy
06. Web Application Firewall offers centralized protection of web applications from common vulnerabilities and exploits. Which of the following is an optional stage in creating a WAF (Web Application Firewall) policy on Azure Front Door using Azure Portal?
a) Configure WAF policy settings and rules.
b) Create a Web Application Firewall policy.
c) Associate the WAF policy with a Front Door profile.
d) Configure network security groups for the Front Door profile.
07. While configuring Azure Application Gateway for your company, you want to ensure that the user experiences no performance degradation even during peak times. Which of the following setting would you configure?
a) Health probes
b) Autoscaling
c) Manual scaling
d) Protocol
08. In the context of alerts, you can create an Action Group. Which of the following is not an Action Type that can exist inside an Action Group?
a) E-mail
b) Voice
c) Push notification
d) SMS text message
e) Facebook Messenger message
09. Being the network engineer at your company, you need to ensure that communications with Azure Storage pass through the Service Endpoint. How would you ensure it?
a) By adding one Inbound rule and one Outbound rule
b) You don't need to make a specific configuration or add any rule, it is automatically configured
c) By adding an Inbound rule to allow access to the storage
d) By adding an Outbound rule to allow access to the storage
10. You need to ensure that users signing in to the Azure portal are prompted to sign in every 48 hours. What should you configure?
a) Conditional Access Sign-in frequency
b) Conditional Access App Control
c) Conditional Access Persistent browser session
d) Azure AD Privileged Identity Management (PIM)
The purpose of this Sample Question Set is to provide you with information about the Microsoft Azure Security Technologies exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the AZ-500 certification test. To get familiar with real exam environment, we suggest you try our Sample Microsoft Azure Security Technologies Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual Microsoft Certified - Azure Security Engineer Associate certification exam.