Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 21–30 of 147

Q21

What happens when a resource is mistakenly deleted without proper retention policies set?

  • A Resource is permanently lost
  • B Resource can be restored easily
  • C Resource enters a recovery state
  • D Resource is archived automatically
Explanation Without retention policies, deleted resources are permanently lost; the other options provide misleading recovery assumptions.
Q22

Which Azure service is primarily used for identity management?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Firewall
  • D Azure Monitor
Explanation Azure Active Directory is designed for identity management, while others serve different purposes.
Q23

A company needs to restrict access to its Azure storage account based on IP address ranges. Which feature should they implement?

  • A Service Endpoint
  • B Network Security Group
  • C Storage Firewall
  • D Azure Policy
Explanation The Storage Firewall allows for IP restriction, while the other options are not directly aimed at this purpose.
Q24

What happens when a Security Center recommendation is marked as 'Resolved'?

  • A It is permanently deleted
  • B It will be re-evaluated later
  • C The associated threat is eliminated
  • D It is archived for auditing
Explanation Marked recommendations are re-evaluated, not deleted or archived, ensuring ongoing security compliance.
Q25

Which Azure service provides security for APIs?

  • A Azure API Management
  • B Azure Logic Apps
  • C Azure Data Lake
  • D Azure Blob Storage
Explanation Azure API Management secures APIs through policies, while others serve different purposes.
Q26

A company needs to ensure that their storage account data is encrypted. Which option should they enable?

  • A Blob Versioning
  • B Azure Disk Encryption
  • C Storage Service Encryption
  • D Azure Key Vault
Explanation Storage Service Encryption automatically encrypts data at rest; other options don't explicitly serve this purpose.
Q27

What happens when you configure a user-defined route in Azure Virtual Network?

  • A Sets static IP for the VM
  • B Bypasses NVA
  • C Overrides default routing
  • D Enables VPN connections
Explanation User-defined routes allow you to override the default routing table; others don’t directly change routing behavior.
Q28

Which Azure service provides managed DDoS protection?

  • A Azure DDoS Protection
  • B Azure Traffic Manager
  • C Azure Security Center
  • D Azure Front Door
Explanation Azure DDoS Protection specifically mitigates Distributed Denial of Service attacks; other options serve different purposes.
Q29

A company needs to ensure that Azure Active Directory users can sign in via SSO to both Azure and on-premises applications. Which solution should they implement?

  • A Conditional Access
  • B Azure AD Connect
  • C Privileged Identity Management
  • D Identity Protection
Explanation Azure AD Connect synchronizes on-premises identities for SSO, while the other options focus on different functions.
Q30

What happens when a multi-factor authentication (MFA) method is disabled for a user?

  • A User cannot sign in.
  • B User can sign in without MFA.
  • C User's access is permanently revoked.
  • D User receives no notifications.
Explanation Disabling MFA allows users to sign in without extra verification; other options imply actions that are incorrect.