Free Microsoft Azure Security Technologies AZ-500 Exam Practice Test

You onboard Azure Sentinel. You connect Azure Sentinel to Azure Security Center.You need to automate the mitigation of incidents in Azure Sentinel. The solution must minimize administrative effort.What should you create?

• an alert rule
• a playbook
• a function app
• a runbook

From Azure Security Center, you enable Azure Container Registry vulnerability scanning of the images inRegistry1.You perform the following actions:Push a Windows image named Image1 to Registry1.Push a Linux image named Image2 to Registry1.Push a Windows image named Image3 to Registry1.Modify Image1 and push the new image as Image4 to Registry1.Modify Image2 and push the new image as Image5 to Registry1.Which two images will be scanned for vulnerabilities? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.

• Image4
• Image2
• Image1
• Image3
• Image5

You have a web app hosted on an on-premises server that is accessed by using a URL of https://www.contoso.com. You plan to migrate the web app to Azure. You will continue to use https://www.contoso.com. You need to enable HTTPS for the Azure web app. What should you do first?

• Export the public key from the on-premises server and save the key as a P7b file.
• Export the private key from the on-premises server and save the key as a PFX file that is encrypted by using TripleDES.
• Export the public key from the on-premises server and save the key as a CER file.
• Export the private key from the on-premises server and save the key as a PFX file that is encrypted by using AES256.

Your company uses Azure DevOps.You need to recommend a method to validate whether the code meets the company's quality standards and code review standards.What should you recommend implementing in Azure DevOps?

• branch folders
• branch permissions
• branch policies
• branch locking

You need to ensure that you can meet the security operations requirements.What should you do first?

• Turn on Auto Provisioning in Security Center.
• Integrate Security Center and Microsoft Cloud App Security.
• Upgrade the pricing tier of Security Center to Standard.
• Modify the Security Center workspace configuration.

You need to meet the technical requirements for the finance department users.Which CAPolicy1 settings should you modify?

• Cloud apps or actions
• Conditions
• Grant
• Session

You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group JNSG) named NSG1. ServerAdmins can access the virtual machines by using RDP.You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access.What should you configure?

• an Azure policy assigned to RGl
• a just in time (JIT) VM access policy in Microsoft Defender for Cloud
• an Azure AD Privileged Identity Management (PiM) role assignment
• an Azure Bastion host on VNET1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure Subscription. The subscription contains 50 virtual machines that run Windows Server 2012 R2 or Windows Server 2016.You need to deploy Microsoft Antimalware to the virtual machines.Solution: You connect to each virtual machine and add a Windows feature.Does this meet the goal?

• Yes
• No

You have an Azure subscription that contains two virtual machines named VM1 and VM2 that run Windows Server 2019.You are implementing Update Management in Azure Automation.You plan to create a new update deployment named Update1.You need to ensure that Update! meets the following requirements:* Automatically applies updates to VM1 and VM2.* Automatically adds any new Windows Server 2019 virtual machines to Update1.What should you include in Update1?

• a security group that has a Membership type of Dynamic Device
• a security group that has a Membership type of Assigned
• a Kusto query language query
• a dynamic group query

Lab Taskuse the following login credentials as needed:To enter your username, place your cursor in the Sign in box and click on the username below.To enter your password. place your cursor in the Enter password box and click on the password below.Azure Username: Userl -28681041@ExamUsers.comAzure Password: GpOAe4@lDgIf the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.The following information is for technical support purposes only:Lab Instance: 28681041Task 9You need to ensure that the rg1lod28681041n1 Azure Storage account is encrypted by using a key stored in the KeyVault28681041 Azure key vault.

• Check below steps in explanation for Task