Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 147

Q131

A company needs to enforce multi-factor authentication for all users. Which condition must they implement?

  • A Only for external users
  • B On all sign-in attempts
  • C For users with admin roles
  • D Only during weekdays
Explanation MFA must be enforced on all sign-in attempts to ensure comprehensive security.
Q132

What happens when you assign more than one role to a user in Azure AD?

  • A Only the highest role applies
  • B Roles are cumulative
  • C Only the last role takes effect
  • D User cannot have multiple roles
Explanation Roles assigned to a user are cumulative, granting combined permissions.
Q133

Which service provides threat detection in Azure?

  • A Azure Security Center
  • B Azure Active Directory
  • C Azure Monitor
  • D Azure Kubernetes Service
Explanation Azure Security Center provides comprehensive threat detection, while the others focus on different aspects of Azure services.
Q134

A company needs to minimize data loss in their Azure storage. Which replication option should they choose?

  • A Locally Redundant Storage (LRS)
  • B Read-Access Geo-Redundant Storage (RA-GRS)
  • C Zone-Redundant Storage (ZRS)
  • D Geo-Redundant Storage (GRS)
Explanation Geo-Redundant Storage (GRS) replicates data across regions to minimize data loss, unlike LRS or ZRS.
Q135

What happens when you enable Azure Defender for SQL?

  • A Database is automatically backed up
  • B Performance is significantly improved
  • C Security alerts are generated
  • D All firewall rules are deleted
Explanation Azure Defender for SQL generates security alerts and threat intelligence, while other options are incorrect actions.
Q136

Which Azure service is used for advanced threat protection?

  • A Azure Sentinel
  • B Azure Functions
  • C Azure Blob Storage
  • D Azure Kubernetes Service
Explanation Azure Sentinel is designed for advanced threat protection; others serve different purposes.
Q137

A company needs to ensure that sensitive data is protected when shared across Azure subscriptions. What should they implement?

  • A Azure Private Link
  • B Azure DevOps
  • C Azure Blob Storage
  • D Azure Firewall
Explanation Azure Private Link provides secure access to services without exposing them to the public internet.
Q138

You are configuring Azure Key Vault. What happens when a key’s version is deleted?

  • A Key becomes unrecoverable
  • B It remains accessible
  • C Soft delete allows recovery
  • D Key is permanently lost
Explanation Soft delete allows retrieval of deleted keys, while others imply permanent loss.
Q139

Which Azure service secures your applications by offering centralized control over API access?

  • A Azure API Management
  • B Azure DevOps
  • C Azure Functions
  • D Azure Logic Apps
Explanation Azure API Management controls access to APIs, while others serve different functions.
Q140

A company needs to ensure that storage accounts are encrypted at rest. What should they configure?

  • A Storage account replication
  • B Azure Disk Encryption
  • C Storage Service Encryption
  • D Network Security Groups
Explanation Storage Service Encryption provides encryption at rest, whereas the others address different needs.