Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 147

Q71

A company needs to restrict access to a storage account to only specific IP ranges. What should they configure?

  • A Firewall rules
  • B User roles
  • C Network Security Groups
  • D Service endpoints
Explanation Firewall rules allow specific IP range restrictions, while other options do not primarily serve this purpose.
Q72

What happens when you enable Microsoft Defender for Cloud on a resource group?

  • A All existing alerts are deleted
  • B Security recommendations are provided
  • C Costs increase immediately
  • D Access to all users is revoked
Explanation Enabling Microsoft Defender for Cloud provides security recommendations; the other options wrongly suggest adverse effects.
Q73

Which Azure service provides an integrated development environment for building applications?

  • A Azure DevOps
  • B Azure Functions
  • C Azure App Service
  • D Azure Blob Storage
Explanation Azure DevOps provides tools for collaboration and application development, unlike the other options which serve different purposes.
Q74

A company needs to ensure sensitive data is encrypted both in transit and at rest in Azure. What should they implement?

  • A Network Security Groups
  • B Azure Disk Encryption
  • C Azure Key Vault
  • D Azure Firewall
Explanation Azure Disk Encryption directly encrypts data at rest, while the other options focus on protection and access control.
Q75

What happens when an Azure Security Center security policy is set to 'Audit'?

  • A Non-compliance resources are blocked.
  • B Resources will be automatically remediated.
  • C Alerts are generated for non-compliance.
  • D Policies have no effect.
Explanation The 'Audit' setting allows monitoring by generating alerts, whereas blocking or auto-remediation occurs under stricter policies.
Q76

Which service provides a central point for access management?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Functions
  • D Azure Virtual Machines
Explanation Azure Active Directory is designed for identity and access management, while the others are service offerings with different functionalities.
Q77

A company needs to ensure continuous compliance with data protection regulations. What should they implement?

  • A Azure Policy
  • B Azure Backup
  • C Azure Monitor
  • D Azure Archive Storage
Explanation Azure Policy allows enforcement of compliance rules, while the others support data recovery or monitoring functions but not compliance management.
Q78

What happens when a user is added to an Azure role that grants access to resources?

  • A Access is granted immediately
  • B Access is scheduled
  • C Access requires verification
  • D Access is logged only
Explanation Access is granted immediately when the role assignment is applied, while the others incorrectly suggest delays or conditions.
Q79

Which Azure service provides unified monitoring and management for resources?

  • A Azure Monitor
  • B Azure Functions
  • C Azure Blob Storage
  • D Azure SQL Database
Explanation Azure Monitor provides comprehensive resource monitoring, whereas the others serve different functions.
Q80

A company needs to simulate a cyber-attack for training. Which Azure service should they use?

  • A Azure Sentinel
  • B Azure Security Center
  • C Azure DDoS Protection
  • D Microsoft Defender for Cloud
Explanation Azure Security Center offers secure assessments and simulations, unlike the others which have different focuses.