Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 101–110 of 147

Q101

A company needs to restrict access to resources based on the role of a user. Which Azure feature should they implement?

  • A Network Security Groups
  • B Role-Based Access Control (RBAC)
  • C Azure AD Identity Protection
  • D Azure Firewall
Explanation Role-Based Access Control (RBAC) specifically restricts access based on roles, while the others serve different security functionalities.
Q102

What happens when you enable Managed Identity for an Azure resource?

  • A Resource gets a new IP address.
  • B Provides an identity to authenticate with Azure services.
  • C Encrypts the resource's data at rest.
  • D Changes the resource's location.
Explanation Enabling Managed Identity gives your resource a unique identity for Azure service authentication, whereas the others do not apply.
Q103

Which service helps protect Azure resources from DDoS attacks?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Application Gateway
Explanation Azure DDoS Protection specifically mitigates DDoS attacks, while others serve different security functions.
Q104

A company needs to prevent unauthorized access to sensitive data in Azure Blob Storage. What should they implement?

  • A Azure RBAC
  • B VNet Peering
  • C Network Security Groups
  • D Azure Load Balancer
Explanation Azure RBAC granularity helps enforce access controls, while others do not directly manage permissions.
Q105

You are configuring Azure Sentinel. What happens when an alert is triggered with a high severity level?

  • A Alert is ignored
  • B Investigation recommended
  • C Automatic remediation occurs
  • D Alert closes automatically
Explanation High severity alerts prompt a recommendation for further investigation, while others imply incorrect assumptions about automation or oversight.
Q106

Which service provides unified security tools for Azure?

  • A Azure Security Center
  • B Azure Active Directory
  • C Azure Monitor
  • D Azure DevOps
Explanation Azure Security Center offers centralized security management, while others serve different purposes.
Q107

A company needs to restrict VPN access to certain Azure resources. Which feature should they use?

  • A Network Security Groups
  • B Azure Firewall
  • C Role-Based Access Control
  • D Privileged Identity Management
Explanation Network Security Groups allow traffic control, while others manage permissions or identities.
Q108

What happens when an Azure AD user tries to access a resource without appropriate MFA?

  • A Access is granted immediately
  • B User is prompted for MFA
  • C Access is granted after delay
  • D User is logged out
Explanation Users must provide MFA to access resources when required, while the other options misrepresented the access flow.
Q109

Which Azure service provides global distribution of applications?

  • A Azure Front Door
  • B Azure Functions
  • C Azure VM Scale Sets
  • D Azure Data Lake Storage
Explanation Azure Front Door offers global application distribution; the others do not specialize in this.
Q110

A company needs to ensure that only users in the HR department can access sensitive employee data stored in Azure Storage. What should you implement?

  • A Shared Access Signatures
  • B Azure RBAC
  • C Network Security Groups
  • D Azure Key Vault
Explanation Azure RBAC allows role-based access control for users; others do not manage access in the same way.