Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 147

Q41

A company needs to manage user identities and groups in Azure AD but doesn't want a third-party solution. What should they use?

  • A Azure AD Premium
  • B Azure Key Vault
  • C App Service Authentication
  • D Azure Functions
Explanation Azure AD Premium provides robust identity and group management features without needing third-party tools.
Q42

You are configuring Azure Policy for resources. What happens when a resource does not comply with a policy?

  • A Resource deletion automatically occurs
  • B Resource is flagged as non-compliant
  • C Policy settings are ignored
  • D Policy won't apply to that resource
Explanation Non-compliant resources are flagged for review but are not deleted or ignored.
Q43

Which Azure service provides a centralized management platform for security policies?

  • A Azure Security Center
  • B Azure DevOps
  • C Azure Monitor
  • D Azure Active Directory
Explanation Azure Security Center centralizes security management, while others serve different purposes.
Q44

A company needs to ensure encryption for data at rest and in transit in Azure. What should they use?

  • A Key Vault and SSL
  • B Virtual Machine Scale Sets
  • C Load Balancers
  • D App Services
Explanation Key Vault manages keys for encryption, while SSL secures data in transit; others are not directly related to encryption.
Q45

You are configuring an Azure Firewall rule. What happens when the rule is set to deny for specific IP addresses?

  • A Traffic is blocked from those IPs
  • B Only incoming traffic is blocked
  • C Only outgoing traffic is denied
  • D No effect on traffic
Explanation A deny rule blocks all traffic from specified IPs; others misinterpret the rule's effect.
Q46

Which Azure service provides advanced threat protection for Azure resources?

  • A Azure Security Center
  • B Azure Functions
  • C Azure Storage
  • D Azure Logic Apps
Explanation Azure Security Center provides security management for Azure resources, unlike the other services listed.
Q47

A company needs to prevent SQL injection attacks on its Azure databases. What should they implement?

  • A Application Gateway WAF
  • B Azure Backup
  • C Azure Load Balancer
  • D Azure Monitor
Explanation Application Gateway WAF inspects and protects against SQL injection attacks, while the other options do not offer this functionality.
Q48

What happens when Azure AD Identity Protection detects a sign-in risk?

  • A User is automatically logged out
  • B User account is disabled
  • C Security policies may trigger an MFA challenge
  • D User credentials are changed
Explanation When a sign-in risk is detected, security policies may enforce additional authentication like MFA, unlike the other options.
Q49

Which Azure service provides identity management based on cloud and on-premises resources?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Blob Storage
  • D Azure Virtual Network
Explanation Azure Active Directory enables comprehensive identity management, unlike the other options which focus on storage or networking.
Q50

A company needs to enhance its security postures for Azure SQL Database. Which feature should they implement to monitor and alert on database threats?

  • A Advanced Threat Protection
  • B Azure Firewall
  • C Azure Policy
  • D Application Gateway
Explanation Advanced Threat Protection specifically focuses on detecting database threats, whereas others do not provide the same targeted monitoring.