Microsoft Azure

Microsoft Azure Security Technologies

AZ-500
Popular

The AZ-500 exam assesses your skills in implementing security controls and threat protection on Azure.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 81–90 of 147

Q81

What happens when an Azure Key Vault is deleted but recovery enabled?

  • A It is permanently deleted immediately.
  • B All secrets become unrecoverable.
  • C It enters a soft-delete state.
  • D Recovery cannot be performed afterward.
Explanation Deleting the Key Vault enters a soft-delete state, allowing recovery, whereas the other options are incorrect scenarios.
Q82

Which Azure service is designed for secure file storage?

  • A Azure Blob Storage
  • B Azure Functions
  • C Azure SQL Database
  • D Azure Cosmos DB
Explanation Azure Blob Storage specifically addresses unstructured data storage and security. The other options serve different primary functions.
Q83

A company needs to limit access to secrets in Azure Key Vault. What should you implement?

  • A Managed Identities
  • B Network Security Groups
  • C Azure Policy
  • D Azure Monitor
Explanation Managed Identities help control access securely to the Key Vault. The other options are related to network access and monitoring.
Q84

What happens when a user enables Azure Disk Encryption but the VM's managed disks are not supported?

  • A Encryption fails and reports an error
  • B Encryption proceeds with reduced performance
  • C VM automatically switches to unmanaged disks
  • D Encryption completes without issues
Explanation If the disks are unsupported, the encryption process fails, and an error is generated. The other options imply incorrect behaviors that do not occur.
Q85

Which service is used for centralized key management in Azure?

  • A Azure Key Vault
  • B Azure Firewall
  • C Azure Monitor
  • D Azure Blob Storage
Explanation Azure Key Vault centralizes key management; others are unrelated.
Q86

A company needs to restrict application access based on user roles. Which Azure feature should they use?

  • A Azure Active Directory
  • B Network Security Groups
  • C Azure Logic Apps
  • D Azure Functions
Explanation Azure Active Directory manages user roles and access; others do not provide role-based access.
Q87

What happens when a user accesses an Azure resource without valid permissions?

  • A Access granted, permission logged
  • B Access denied, error message shown
  • C Permission request sent automatically
  • D Resource accessed without restriction
Explanation Access is denied when permissions are invalid; other options suggest incorrect behavior.
Q88

Which Azure service provides advanced threat protection for VMs?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Advisor
  • D Azure Network Watcher
Explanation Azure Security Center offers comprehensive security management, while others provide different functionalities.
Q89

A company needs to limit user access to Azure resources based on geographic location. What should they implement?

  • A Azure Role-Based Access Control
  • B Azure Policy
  • C Conditional Access
  • D Network Security Groups
Explanation Conditional Access can enforce restrictions based on user location; others do not provide that capability directly.
Q90

You are configuring a virtual network in Azure. What happens when you associate a network security group (NSG) with the subnet?

  • A All internal traffic is blocked
  • B Inbound and outbound rules apply
  • C NSG applies to VMs only
  • D Only inbound rules take effect
Explanation NSG rules apply to both inbound and outbound traffic at the subnet level; the other options misrepresent NSG behavior.