Microsoft's AZ-500
You have an Azure Active Directory (Azure AD) tenant and a root management group. You create 10 Azure subscriptions and add the subscriptions to the root management group. You need to create an Azure Blueprints definition that will be stored in the root management group. What should you do first?
#151
Answer: A
You have three on-premises servers named Server1, Server2, and Server3 that run Windows Server 2019. Server1 and Server2 are located on the internal network. Server3 is located on the perimeter network. All servers have access to Azure. From Azure Sentinel, you install a Windows firewall data connector. You need to collect Microsoft Defender Firewall data from the servers for Azure Sentinel. What should you do?
#152
Answer: C
You have an Azure subscription that contains several Azure SQL databases and an Azure Sentinel workspace. You need to create a saved query in the workspace to find events reported by Azure Defender for SQL. What should you do?
#153
Answer: C
You are collecting events from Azure virtual machines to an Azure Log Analytics workspace. You plan to create alerts based on the collected events. You need to identify which Azure services can be used to create the alerts. Which two services should you identify? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. E. Azure Advisor
#154
Answer: A
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Microsoft Defender for Cloud for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create an initiative and an assignment that is scoped to a management group. Does this meet the goal?
#155
Answer: A
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Microsoft Defender for Cloud for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create a policy initiative and assignments that are scoped to resource groups. Does this meet the goal?
#156
Answer: B
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Microsoft Defender for Cloud for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create a policy definition and assignments that are scoped to resource groups. Does this meet the goal?
#157
Answer: B
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Microsoft Defender for Cloud for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create a resource graph and an assignment that is scoped to a management group. Does this meet the goal?
#158
Answer: B
You create a new Azure subscription. You need to ensure that you can create custom alert rules in Azure Security Center. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. E. Upgrade the pricing tier of Security Center to Standard.
#159
Answer: D
You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1. You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers. You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:
✑ Alert rules must support dimensions.
✑ The time it takes to generate an alert must be minimized.
✑ Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.
Which signal type should you use when you create the alert rules?
#160
Answer: C
You have an Azure subscription named Subscription1 that contains the resources shown in the following table. You need to identify which initiatives and policies you can add to Subscription1 by using Azure Security Center. What should you identify?
#161
Answer: D
You have an Azure resource group that contains 100 virtual machines. You have an initiative named Initiative1 that contains multiple policy definitions. Initiative1 is assigned to the resource group. You need to identify which resources do NOT match the policy definitions. What should you do?
#162
Answer: B
You have an Azure subscription named Subscription1. You need to view which security settings are assigned to Subscription1 by default. Which Azure policy or initiative definition should you review?
#163
Answer: B
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Microsoft Defender for Cloud for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create a policy initiative and an assignment that is scoped to the Tenant Root Group management group. Does this meet the goal?
#164
Answer: A
You have an Azure environment. You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001:2013 standards. What should you use?
#165
Answer: C
You have an Azure subscription named Sub1 that contains the virtual machines shown in the following table. You need to ensure that the virtual machines in RG1 have the Remote Desktop port closed until an authorized user requests access. What should you configure?
#166
Answer: D
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?
#167
Answer: D
You have an Azure subscription that contains the resources shown in the following table. You plan to enable Azure Defender for the subscription. Which resources can be protected by using Azure Defender? E. VM1 and storage1 only
#168
Answer: A
You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group (NSG) named NSG1. ServerAdmins can access the virtual machines by using RDP. You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access. What should you configure?
#169
Answer: B
You have an Azure Sentinel deployment. You need to create a scheduled query rule named Rule1. What should you use to define the query rule logic for Rule1?
#170
Answer: D
You have an Azure subscription named Subscription1 that contains a resource group named RG1 and the users shown in the following table. You perform the following tasks:
✑ Assign User1 the Network Contributor role for Subscription1.
✑ Assign User2 the Contributor role for RG1.
To Subscription1 and RG1, you assign the following policy definition: External accounts with write permissions should be removed from your subscription. What is the Compliance State of the policy assignments?
#171
Answer: A
You have 10 on-premises servers that run Windows Server 2019. You plan to implement Azure Security Center vulnerability scanning for the servers. What should you install on the servers first?
#172
Answer: A
You have an Azure subscription named Sub1 that contains an Azure Policy definition named Policy1. Policy1 has the following settings:
✑ Definition location: Tenant Root Group
✑ Category: Monitoring
You need to ensure that resources that are noncompliant with Policy1 are listed in the Azure Security Center dashboard. What should you do first?
#173
Answer: B
You have an Azure subscription. You plan to create a workflow automation in Azure Security Center that will automatically remediate a security vulnerability. What should you create first? E. an alert rule
#174
Answer: C
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?
#175
Answer: A
You are troubleshooting a security issue for an Azure Storage account. You enable Azure Storage Analytics logs and archive them to a storage account. What should you use to retrieve the diagnostics logs?
#176
Answer: C
You have an Azure Sentinel workspace. You need to create a playbook. Which two triggers will start the playbook? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. E. An Azure Sentinel incident is created.
#177
Answer: C
You are troubleshooting a security issue for an Azure Storage account. You enable Azure Storage Analytics logs and archive them to a storage account. What should you use to retrieve the diagnostics logs?
#178
Answer: D
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. You plan to enable passwordless authentication for the tenant. You need to ensure that User1 can enable the combined registration experience. The solution must use the principle of least privilege. Which role should you assign to User1?
#179
Answer: D
You are troubleshooting a security issue for an Azure Storage account. You enable Azure Storage Analytics logs and archive them to a storage account. What should you use to retrieve the diagnostics logs?