Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 1–10 of 147

Q1

Which setting enables auditing of Azure SQL databases?

  • A Advanced Data Security
  • B SQL Database Firewall
  • C Azure Monitor Alerts
  • D Data Encryption at Rest
Explanation Advanced Data Security provides auditing capabilities, while others deal with security or performance.
Q2

A company needs to ensure all APIs are accessed securely. What should they implement?

  • A Public IP Whitelisting
  • B Azure API Management
  • C Shared Access Signatures
  • D Network Security Groups
Explanation Azure API Management allows secure API access, unlike the others.
Q3

You are configuring Azure Security Center. What happens if you disable the security policy?

  • A Immediate threat protection stops
  • B Security recommendations are disabled
  • C All monitoring functionalities cease
  • D Data is automatically encrypted
Explanation Disabling the security policy halts recommendations but not monitoring or protection.
Q4

Which Azure service provides DDoS protection automatically?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Front Door
  • D Azure Application Gateway
Explanation Azure DDoS Protection automatically mitigates DDoS attacks; others do not provide this feature automatically.
Q5

A company needs to ensure that their data is encrypted both in transit and at rest. Which Azure solution should they implement?

  • A Azure SQL Database
  • B Azure Key Vault
  • C Azure Storage Service Encryption
  • D Azure VPN Gateway
Explanation Azure Storage Service Encryption provides encryption at rest, while others focus on encryption in transit or key management.
Q6

You are configuring security for an Azure subscription. What happens when you assign a role to a user at the resource group level?

  • A User can manage all resources
  • B User can only view resources
  • C User can manage resources within group
  • D User gains subscription-wide access
Explanation Assigning a role at the resource group level grants access only to that group’s resources, not all resources or subscription-wide access.
Q7

Which service provides Azure Active Directory identity protection?

  • A Azure AD Identity Protection
  • B Azure Monitor
  • C Azure Firewall
  • D Azure Security Center
Explanation Azure AD Identity Protection is specifically designed for identity security, while other options serve different purposes.
Q8

A company needs to restrict public access to their Azure Storage account but enables public blob access. What is the consequence of that configuration?

  • A Blobs are publicly accessible.
  • B Only private containers accessible.
  • C Containers are private only.
  • D Public access is completely blocked.
Explanation Enabling public blob access allows public access to blobs, the container’s restriction doesn’t impact blobs.
Q9

You are configuring Azure Security Center's recommendations. What happens when a recommendation is marked as 'resolved'?

  • A It removes all alerts.
  • B The issue is permanently fixed.
  • C It's hidden from the dashboard.
  • D The issue may be revisited later.
Explanation Marking a recommendation as resolved does not mean it is permanently fixed and can be revisited based on new assessments.
Q10

Which Azure service provides centralized policy management for resources?

  • A Azure Policy
  • B Azure Security Center
  • C Azure Sentinel
  • D Azure Monitor
Explanation Azure Policy allows you to create, assign, and manage policies to enforce rules over your resources; the other services have different focuses.