AZ-500 Exam Dumps - Microsoft Azure Security Technologies

Go to page:

<< First
Prev
1
2
3
4
5
6
7
Next
Last >>

Question # 49

You are securing access to the resources in an Azure subscription.

A new company policy states that all the Azure virtual machines in the subscription must use managed disks.

You need to prevent users from creating virtual machines that use unmanaged disks.

What should you use?

Azure Monitor

Azure Policy

Azure Security Center

Azure Service Health

Full Access

Question # 50

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant and a user named User1.

The App registrations settings for the tenant are configured as shown in the following exhibit.

You plan to deploy an app named App1.

You need to ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.

Which role should you assign to User1?

App Configuration Data Owner for the subscription

Managed Application Contributor for the subscription

Cloud application administrator in Azure AD

Application developer in Azure AD.

Full Access

Question # 51

You need to implement the planned change for WAF1.

The solution must minimize administrative effort

What should you do?

Create an Azure policy.

Modify the Azure-managed DRS.

Add a custom rule.

Modify the Bot Manager 1.1 rule set.

Full Access

Question # 52

You have an Azure subscription that contains the resources shown in the following table.

You create the Azure Storage accounts shown in the following table.

You need to configure auditing for SQL1.

Which storage accounts and Log Analytics workspaces can you use as the audit log destination? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access

Question # 53

You have an Azure subscription that contains an Azure API Management instance named ContosoAPI1.

You need to configure SSL 3.0 support for ContosoAPI1.

What should you do first in the Azure portal?

From Certificates, add a certificate.

From Protocols + ciphers, select a backend protocol.

From APIs, add an API tag.

From Pricing tier, change the pricing tier.

Full Access

Question # 54

You have an Azure subscription that contains the resources shown in the following table.

You need to configure AFW1 to only allow traffic from VM1 to storage accounts in the West US Azure region. The solution must minimize administrative effort.

What should you configure?

a DNAT rule

a network rule

an SNAT private IP address range

an application rule

Full Access

Question # 55

You need to recommend an encryption solution for the planned ExpressRoute implementation. The solution must meet the technical requirements.

Which ExpressRoute circuit should you recommend for each type of encryption? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access

Question # 56

You need to configure the AKS1 and ID1 managed identities to meet the technical requirements. The solution must follow the principle of least privilege.

Which role should you assign to each identity? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.