Microsoft AZ-500 Übungsprüfungen
Zuletzt aktualisiert am 24.04.2025- Prüfungscode: AZ-500
- Prüfungsname: Microsoft Azure Security Technologies
- Zertifizierungsanbieter: Microsoft
- Zuletzt aktualisiert am: 24.04.2025
DRAG DROP
You have an Azure subscription.
You plan to implement Azure DDoS Protection.
The solution must meet the following requirement:
* Provide access to DDoS rapid response support during active attacks.
* Project Basic SKU public IP addresses.
You need to recommend which type of DDoS projection to use for each requirement.
What should you recommend? To answer, drag the appropriate DDoS projection types to the correct requirements. Each DDoS Projection type may be used once, or not at all. You may need to drag the split bar between panes or scroll to view connect. NOTE: Each correct selection is worth one point.
HOTSPOT
You are evaluating the security of VM1, VM2, and VM3 in Sub2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription mat contains a resource group named RG1. RG1 contains a storage account named storage1.
You have two custom Azure rotes named Role1 and Role2 that are scoped to RG1.
The permissions for Role1 are shown in the following JSON code.
Your network contains an on-premises Active Directory domain named corp.contoso.com.
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
You sync all on-premises identities to Azure AD.
You need to prevent users who have a givenName attribute that starts with TEST from being synced to Azure AD. The solution must minimize administrative effort.
What should you use?
- A . Synchronization Rules Editor
- B . Web Service Configuration Tool
- C . the Azure AD Connect wizard
- D . Active Directory Users and Computers
Your network contains an on-premises Active Directory domain named corp.contoso.com.
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
You sync all on-premises identities to Azure AD.
You need to prevent users who have a givenName attribute that starts with TEST from being synced to Azure AD. The solution must minimize administrative effort.
What should you use?
- A . Synchronization Rules Editor
- B . Web Service Configuration Tool
- C . the Azure AD Connect wizard
- D . Active Directory Users and Computers
You have an Azure subscription that contains a user named User1. You need to ensure that User1 can create managed identities. The solution must use the principle of least privilege.
What should you do?
- A . Create a resource group and assign User1 to the Managed Identity Contributor role.
- B . Create a management group and assign User1 the Managed Identity Operator role.
- C . Create an organizational unit (OU) and assign User1 the User administrator Azure AD role.
- D . Create management group and assign User1 the Hybrid Identity Administrator Azure AD role.
HOTSPOT
You have an Azure subscription.
You plan to deploy a virtual machine named VM1.
You need to use confidential disk encryption on VM1.
Which virtual machine series should you use for VM1, and which type of disks can be encrypted by using confidential disk encryption? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription.
You plan to deploy a virtual machine named VM1.
You need to use confidential disk encryption on VM1.
Which virtual machine series should you use for VM1, and which type of disks can be encrypted by using confidential disk encryption? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the subnets shown in the following table.
The subscription contains Azure web app named WebApp1 that has the following configurations.
* Region West Us
* Virtual network VNet1
* VNet integration on: Enabled
* Outbound subnet: Subnet11
* Windows plan (West US): ASP1
You plan to deploy an Azure web app named WebApp2 that will have the following settings:
* Region: West US
* VNet integration on-Enabled
* Windows plan (West UAS): WebApp2?
To which subnets can you integrate WebApp2?
- A . Subnet11 only
- B . Subnet2 only
- C . Subnet11 or subnet12 only
- D . Subnet2 or Subnet21 only
- E . Subnet11, subnet2, or Subnet21
You have an Azure subscription that contains the subnets shown in the following table.
The subscription contains Azure web app named WebApp1 that has the following configurations.
* Region West Us
* Virtual network VNet1
* VNet integration on: Enabled
* Outbound subnet: Subnet11
* Windows plan (West US): ASP1
You plan to deploy an Azure web app named WebApp2 that will have the following settings:
* Region: West US
* VNet integration on-Enabled
* Windows plan (West UAS): WebApp2?
To which subnets can you integrate WebApp2?
- A . Subnet11 only
- B . Subnet2 only
- C . Subnet11 or subnet12 only
- D . Subnet2 or Subnet21 only
- E . Subnet11, subnet2, or Subnet21