Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–147 of 147

Q141

What happens when an Azure AD conditional access policy is triggered?

  • A User access is always granted
  • B User is blocked regardless of risk
  • C User may be required to authenticate again
  • D Policy has no effect on user access
Explanation Triggered policies can require additional authentication, while the other options are incorrect actions.
Q142

Which service provides a unified security management system in Azure?

  • A Azure Security Center
  • B Azure Logic Apps
  • C Azure DevOps
  • D Azure Sentinel
Explanation Azure Security Center provides security management; others do not serve this purpose.
Q143

A company needs to ensure their Azure Virtual Machines are not accessible from the public internet. What should they configure?

  • A Public IP addresses
  • B Network Security Groups
  • C Azure Load Balancer
  • D VM Scale Sets
Explanation Network Security Groups can restrict traffic effectively; others do not enforce security in this way.
Q144

You are configuring Azure Active Directory. What will happen if you disable a user account?

  • A User cannot log in or access resources
  • B All user data is deleted
  • C User retains access for 30 days
  • D Account automatically reactivates
Explanation Disabling an account prevents access immediately; others incorrectly state data deletion or self-recovery.
Q145

Which service primarily protects against DDoS attacks in Azure?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Application Gateway
Explanation Azure DDoS Protection specifically mitigates DDoS attacks; the others have different security functions.
Q146

A company needs to ensure an alert is triggered when sensitive data is accessed. Which Azure service should they use?

  • A Azure Sentinel
  • B Azure Policy
  • C Azure Monitor
  • D Azure Security Center
Explanation Azure Sentinel provides advanced threat detection and response capabilities, while the other services are not primarily for alerting on sensitive data access.
Q147

You are configuring Azure Key Vault for your application. What needs to be done to allow your app to retrieve secrets?

  • A Assign storage access permissions
  • B Set up a managed identity
  • C Use shared access signatures
  • D Enable public access
Explanation A managed identity is required to securely authenticate your app to Key Vault; the other options do not grant proper access to secrets.