JustenSharp

Member
Member
Joined
Feb 26, 2018
Messages
38
Reaction score
1
Points
8
ATTENTION PLEASE!!! THE AZ-500 EXAM UPDATED RECENTLY (Nov/2019) WITH MANY NEW QUESTIONS!!!

And, Pass Leader has updated its AZ-500 dumps recently, all new questions available now!!!

119Q NEW Version!!!

You can get the newest Pass Leader AZ-500 exam questions in the #4 of this thread!!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The new AZ-500 dumps (Sep/2019 Updated) now are available, here are part of AZ-500 exam questions (FYI):

[Get the download link at the end of this post]


NEW QUESTION 1
You have an Azure Subscription named Sub1. You have an Azure Storage account named Sa1 in a resource group named RG1. Users and applications access the blob service and the file service in Sa1 by using several shared access signatures (SASs) and stored access policies. You discover that unauthorized users accessed both the file service and the blob service. You need to revoke all access to Sa1.
Solution: You generate new SASs.
Does this meet the goal?

A. Yes
B. No

Answer: B
Explanation:
Instead you should create a new stored access policy. To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it.

NEW QUESTION 2
You have a hybrid configuration of Azure Active Directory (Azure AD). You have an Azure HDInsight cluster on a virtual network. You plan to allow users to authenticate to the cluster by using their on-premises Active Directory credentials. You need to configure the environment to support the planned authentication.
Solution: You create a site-to-site VPN between the virtual network and the on-premises network.
Does this meet the goal?

A. Yes
B. No

Answer: A
Explanation:
You can connect HDInsight to your on-premises network by using Azure Virtual Networks and a VPN gateway.

NEW QUESTION 3
Your company plans to create separate subscriptions for each department. Each subscription will be associated to the same Azure Active Directory (Azure AD) tenant. You need to configure each subscription to have the same role assignments. What should you use?

A. Azure Security Center
B. Azure Blueprints
C. Azure AD Privileged Identity Management (PIM)
D. Azure Policy

Answer: C
Explanation:
The Azure AD Privileged Identity Management (PIM) service also allows Privileged Role Administrators to make permanent admin role assignments.

NEW QUESTION 4
You have Azure Resource Manager templates that you use to deploy Azure virtual machines. You need to disable unused Windows features automatically as instances of the virtual machines are provisioned. What should you use?

A. device compliance policies in Microsoft Intune
B. Azure Automation State Configuration
C. application security groups
D. Azure Advisor

Answer: B
Explanation:
You can use Azure Automation State Configuration to manage Azure VMs (both Classic and Resource Manager), on-premises VMs, Linux machines, AWS VMs, and on-premises physical machines.

NEW QUESTION 5
You are configuring an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry. You need to use the auto-generated service principal to authenticate to the Azure Container Registry. What should you create?

A. an Azure Active Directory (Azure AD) group
B. an Azure Active Directory (Azure AD) role assignment
C. an Azure Active Directory (Azure AD) user
D. a secret in Azure Key Vault

Answer: B
Explanation:
When you create an AKS cluster, Azure also creates a service principal to support cluster operability with other Azure resources. You can use this auto-generated service principal for authentication with an ACR registry. To do so, you need to create an Azure AD role assignment that grants the cluster's service principal access to the container registry.

NEW QUESTION 6
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com. You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings. You need to create a custom sensitivity label. What should you do first?

A. Create a custom sensitive information type.
B. Elevate access for global administrators in Azure AD.
C. Upgrade the pricing tier of the Security Center to Standard.
D. Enable integration with Microsoft Cloud App Security.

Answer: A
Explanation:
First, you need to create a new sensitive information type because you can't directly modify the default rules.

NEW QUESTION 7
You have an Azure subscription named Sub1. In Azure Security Center, you have a security playbook named Play1. Play1 is configured to send an email message to a user named User1. You need to modify Play1 to send email messages to a distribution group named Alerts. What should you use to modify Play1?

A. Azure DevOps
B. Azure Application Insights
C. Azure Monitor
D. Azure Logic Apps Designer

Answer: D
Explanation:
You can change an existing playbook in Security Center to add an action, or conditions. To do that you just need to click on the name of the playbook that you want to change, in the Playbooks tab, and Logic App Designer opens up.

NEW QUESTION 8
You create a new Azure subscription. You need to ensure that you can create custom alert rules in Azure Security Center. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A. Onboard Azure Active Directory (Azure AD) Identity Protection.
B. Create an Azure Storage account.
C. Implement Azure Advisor recommendations.
D. Create an Azure Log Analytics workspace.
E. Upgrade the pricing tier of Security Center to Standard.

Answer: BD
Explanation:
D: You need write permission in the workspace that you select to store your custom alert.

NEW QUESTION 9
You have an Azure SQL database. You implement Always Encrypted. You need to ensure that application developers can retrieve and decrypt data in the database. Which two pieces of information should you provide to the developers? (Each correct answer presents part of the solution. Choose two.)

A. a stored access policy
B. a shared access signature (SAS)
C. the column encryption key
D. user credentials
E. the column master key

Answer: CE
Explanation:
Always Encrypted uses two types of keys: column encryption keys and column master keys. A column encryption key is used to encrypt data in an encrypted column. A column master key is a key-protecting key that encrypts one or more column encryption keys.

NEW QUESTION 10
Your company uses Azure DevOps. You need to recommend a method to validate whether the code meets the company's quality standards and code review standards. What should you recommend implementing in Azure DevOps?

A. branch folders
B. branch permissions
C. branch policies
D. branch locking

Answer: C
Explanation:
Branch policies help teams protect their important branches of development. Policies enforce your team's code quality and change management standards.

NEW QUESTION 11
......

Download more NEW Pass Leader AZ-500 PDF dumps from Google Drive here:


OR

Read the newest Pass Leader AZ-500 exam questions from this Blog:


Good Luck!!!
 
Last edited:

donaldfackle

Member
Member
Joined
Nov 7, 2018
Messages
222
Reaction score
2
Points
18
Visit Microsoft AZ-500 Mock Exam With Valid AZ-500 Exam Questions : https://www.passitcertify.com/microsoft/az-500-questions.html

Choose a sure way towards your success in Azure Security Engineer Associate certification with Microsoft AZ-500 exam questions of Passitcertify. We provide you 100% passing Microsoft Azure Security Technologies exam success with a 100% money back guarantee. Our Free AZ-500 PDF questions are based on the full AZ-500 exam Questions which are available on Passitcertify.
 

BruceWeiss

Member
Member
Joined
Jun 23, 2019
Messages
8,034
Reaction score
3
Points
38
Microsoft AZ-500 exam is a famous exam that will open new opportunities for you in a professional career. It all depends on your hard work. The harder you work the more chances will be created to boost your Microsoft AZ-500 IT career. It’ll catch the eyeballs of the interviewer. Microsoft AZ-500 exam focuses on many technologies which are why it’s getting more and more fame in the IT sector. Within a short span Microsoft AZ-500 updates their tech system or introduce new technology in the market by this value of AZ-500 Microsoft Dynamics 365 for Marketing exam increases.You can also avail 25% discount by using this coupon code E4S25%. Thus by this increases the difficulty of passing the Microsoft AZ-500 exam. You need not to worry about passing marks. Exams4Sale is a solution of all problems.

Here is the link below: https://www.exams4sale.com/Microsoft/AZ-500-exam-questions
 

JustenSharp

Member
Member
Joined
Feb 26, 2018
Messages
38
Reaction score
1
Points
8
The new Azure AZ-500 dumps (Nov/2019 Updated) now are available, here are part of AZ-500 exam questions (FYI):

[Get the download link at the end of this post]


NEW QUESTION 105
You are securing access to the resources in an Azure subscription. A new company policy states that all the Azure virtual machines in the subscription must use managed disks. You need to prevent users from creating virtual machines that use unmanaged disks. What should you do?

A. Azure Monitor
B. Azure Policy
C. Azure Security Center
D. Azure Service Health

Answer: B

NEW QUESTION 106
You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry. You need to use automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry. What should you create?

A. a secret in Azure Key Vault
B. a role assignment
C. an Azure Active Directory (Azure AD) user
D. an Azure Active Directory (Azure AD) group

Answer: B

NEW QUESTION 107
You use Azure Security Center for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions.
Solution: You create an initiative and an assignment that is scoped to a management group.
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 109
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?

A. the Security & Compliance admin center
B. SQL query editor in Azure
C. File Explorer in Windows
D. AzCopy

Answer: D

NEW QUESTION 110
You have an Azure Storage account named storage1 that has a container named container1. You need to prevent the blobs in container1 from being modified. What should you do?

A. From container1, change the access level.
B. From container1, add an access policy.
C. From container1, modify the Access Control (IAM) settings.
D. From storage1, enable soft delete for blobs.

Answer: B

NEW QUESTION 111
You company has an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to create several security alerts by using Azure Monitor. You need to prepare the Azure subscription for the alerts. What should you create first?

A. an Azure Storage account
B. an Azure Log Analytics workspace
C. an Azure event hub
D. an Azure Automation account

Answer: B

NEW QUESTION 112
You company has an Azure subscription named Sub1. Sub1 contains an Azure web app named WebApp1 that uses Azure Application Insights. WebApp1 requires users to authenticate by using OAuth 2.0 client secrets. Developers at the company plan to create a multi-step web test app that preforms synthetic transactions emulating user traffic to Web App1. You need to ensure that web tests can run unattended. What should you do first?

A. In Microsoft Visual Studio, modify the .webtest file.
B. Upload the .webtest file to Application Insights.
C. Register the web test app in Azure AD.
D. Add a plug-in to the web test app.

Answer: B

NEW QUESTION 113
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?

A. The Security & Compliance admin center
B. Azure Security Center
C. Azure Cosmos DB explorer
D. AzCopy

Answer: D

NEW QUESTION 114
Drag and Drop
You are configuring network connectivity for two Azure virtual networks named VNET1 and VNET2. You need to implement VPN gateways for the virtual networks to meet the following requirements:
  • VNET1 must have six site-to-site connections that use BGP.
  • VNET2 must have 12 site-to-site connections that use BGP.
  • Costs must be minimized.
Which VPN gateway SKU should you use for each virtual network? (To answer, drag the appropriate SKUs to the correct networks. Each SKU may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)


Answer:


NEW QUESTION 115
HotSpot
You are configuring just in time (JIT) VM access to a set of Azure virtual machines. You need to grant users PowerShell access to the virtual machine by using JIT VM access. What should you configure? (To answer, select the appropriate options in the answer area.)


Answer:


NEW QUESTION 116
......

Download more NEW Pass Leader AZ-500 PDF dumps from Google Drive here:


OR

Read the newest Pass Leader AZ-500 exam questions from this Blog:


Good Luck!!!
 
Top