Browse Exams Pricing

ExamsAZ-500Questions

AZ-500 Exam Questions

626 real AZ-500 exam questions with expert-verified answers and explanations. Page 2 of 13.

Question #55Monitor and maintain Azure resources - specifically using Azure Monitor components (Activity Log and Log Analytics Logs) to audit resource changes and query VM security telemetry. Relevant to AZ-104 Domain: Monitor and Back Up Azure Resources.
Drag and Drop Question You have an Azure subscription that contains 100 virtual machines. Azure Diagnostics is enabled on all the virtual machines. You are planning the monitoring...
Azure MonitorActivity LogLog AnalyticsAzure Diagnostics
Question #56Implement and manage application access and permissions in Azure Active Directory (Manage identities and governance / Identity and Access Management)
Drag and Drop Question Your company has an Azure Active Directory (Azure AD) tenant named contoso.com. The company is developing an application named App1. App1 will run as a servi...
Azure AD App RegistrationMicrosoft Graph PermissionsApplication vs Delegated PermissionsService Principal / Daemon Apps
Question #58
Hotspot Question You need to create an Azure key vault. The solution must ensure that any object deleted from the key vault be retained for 90 days. How should you complete the com...
Question #59Implement and manage identity and access / Configure security for storage and key management (AZ-104 / SC-900 / AZ-500 - Managing Azure Automation and Key Vault integration)
Drag and Drop Question You have an Azure subscription named Sub1 that contains an Azure Storage account named Contosostorage1 and an Azure key vault named Contosokeyvault1. You pla...
Azure AutomationKey VaultStorage Account Key RotationRunbook Prerequisites
Question #61Secure compute, storage, and databases
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure StorageShared Access Signatures (SAS)Azure Resource LocksAccess Revocation
Question #62Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure PolicyPolicy ScopingAzure GovernanceMicrosoft Defender for Cloud
Question #63Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure PolicyManagement GroupsPolicy AssignmentAzure Governance
Question #64Secure identity and access
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure HDInsightAzure AD Domain ServicesHybrid IdentityAuthentication
Question #65Secure identity and access
Your network contains an Active Directory forest named contoso.com. You have an Azure Directory (Azure AD) tenant named contoso.com. You plan to configure synchronization by using...
Azure AD ConnectIdentity SynchronizationAzure AD RolesActive Directory Groups
Question #66Secure compute, storage, and databases
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure VM extensionsMicrosoft AntimalwareVirtual machine securityEndpoint protection
Question #67Secure compute, storage, and databases
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure VM securityMicrosoft AntimalwareVM extensionsSecurity deployment
Question #68Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
From Azure Security Center, you create a custom alert rule. You need to configure which users will receive an email message when the alert is triggered. What should you do?
Microsoft Defender for CloudAzure Monitor Action GroupsSecurity AlertsNotifications
Question #69Secure identity and access
You have an Azure subscription that contains a virtual machine named VM1. You create an Azure key vault that has the following configurations: Name: Vault5 Region: West US Resource...
Azure Key VaultAccess PoliciesAzure Disk EncryptionAzure Backup
Question #70Secure identity and access
You have an Azure subscription named Sub1 that contains the resources shown in the following table. You need to ensure that you can provide VM1 with secure access to a database on...
Managed IdentitiesAzure Active DirectoryService-to-service authenticationAzure SQL Database security
Question #71Manage identity and access - specifically implementing and configuring Azure Active Directory Privileged Identity Management (PIM) to secure and govern privileged access to Azure AD roles (AZ-500 / SC-300 domain).
Drag and Drop Question You create an Azure subscription with Azure AD Premium P2. You need to ensure that you can use Azure Active Directory (Azure AD) Privileged Identity Manageme...
Azure AD Privileged Identity ManagementPIM OnboardingAzure AD RolesMulti-Factor Authentication
Question #72Monitor and maintain Azure resources - Configure and manage Azure Monitor alerts, action groups, and action rules including suppression scopes
Hotspot Question You have an Azure subscription that contains the resources shown in the following table. VM1 and VM2 are stopped. You create an alert rule that has the following s...
Azure Monitor AlertsAction RulesAlert SuppressionAdministrative Operations
Question #73Monitor and maintain Azure resources - specifically configuring Log Analytics workspaces and controlling the scope of monitoring solutions to manage data collection and costs.
Drag and Drop Question You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1. You have 500 Azure virtual machines that run Windows Ser...
Azure MonitorLog AnalyticsSolution TargetingUpdate Management
Question #74Implement and manage data protection / Configure security for storage - specifically enabling encryption for Azure IaaS virtual machine disks using Azure Disk Encryption and Azure Key Vault (AZ-104 / AZ-500 Security domain)
Drag and Drop Question You have an Azure subscription named Sub1. Sub1 contains an Azure virtual machine named VM1 that runs Windows Server 2016. You need to encrypt VM1 disks by u...
Azure Disk EncryptionAzure Key VaultVirtual Machine SecurityPowerShell for Azure
Question #75Secure networking
Case Study 2 - Contoso, Ltd Overview Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. The company hosts its...
Azure FirewallNetwork securityVirtual NetworkSubnet configuration
Question #76Secure networking
Case Study 2 - Contoso, Ltd Overview Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York. The company hosts its...
Network connectivityNSG rulesVirtual networksTroubleshooting
Question #77Secure identity and access
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure AD Application ProxyHDInsight authenticationHybrid identityOn-premises AD integration
Question #78Secure compute, storage, and databases
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure StorageShared Access SignaturesAccess KeysRevocation
Question #79Secure identity and access
You have a hybrid configuration of Azure Active Directory (Azure AD). You have an Azure SQL Database instance that is configured to support Azure AD authentication. Database develo...
Azure AD AuthenticationAzure SQL DatabaseHybrid IdentitySSMS
Question #80Secure identity and access
You plan to use Azure Resource Manager templates to perform multiple deployments of identically configured Azure virtual machines. The password for the administrator account of eac...
ARM TemplatesAzure Key VaultSecrets ManagementDynamic Deployments
Question #81Secure identity and access
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com. An administrator named Admin1 has access to the follo...
Azure SubscriptionsAzure AD IdentitySubscription ManagementAccount Ownership
Question #82Secure identity and access
Your company plans to create separate subscriptions for each department. Each subscription will be associated to the same Azure Active Directory (Azure AD) tenant. You need to conf...
Azure BlueprintsRole AssignmentsSubscription GovernanceConsistent Configuration
Question #83Secure networking
You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all net...
Azure NetworkingUser-Defined Routes (UDR)Network Virtual Appliances (NVA)Traffic Routing
Question #84Secure networking
You have an Azure subscription that contains the virtual networks shown in the following table. The subscription contains the virtual machines shown in the following table. On NIC1...
Application Security Groups (ASG)Network Security Groups (NSG)Azure Virtual NetworkingNetwork Interfaces
Question #85Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
You have 15 Azure virtual machines in a resource group named RG1. All virtual machines run identical applications. You need to prevent unauthorized applications and malware from ru...
Microsoft Defender for CloudVirtual Machine securityAdaptive application controlsMalware prevention
Question #86Secure compute, storage, and databases
You plan to deploy Azure container instances. You have a containerized application that validates credit cards. The application is comprised of two containers: an application conta...
Azure Container InstancesContainer GroupsContainer NetworkingContainerized Application Deployment
Question #87Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure PolicyPolicy InitiativesPolicy ScopeMulti-subscription Management
Question #88Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
You have an Azure subscription named Sub1 that contains the virtual machines shown in the following table. You need to ensure that the virtual machines in RG1 have the Remote Deskt...
Just-in-Time (JIT) VM accessVirtual machine securityNetwork access controlMicrosoft Defender for Cloud
Question #89Secure networking
You have 10 virtual machines on a single subnet that has a single network security group (NSG). You need to log the network traffic to an Azure Storage account. Which two actions s...
NSG Flow LogsAzure Network WatcherNetwork Traffic LoggingNetwork Security Groups
Question #90Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
You have an Azure subscription that contains the virtual machines shown in the following table. From Azure Security Center, you turn on Auto Provisioning. You deploy the virtual ma...
Microsoft Defender for CloudAuto ProvisioningLog Analytics agentVirtual Machine Security
Question #91Secure compute, storage, and databases
You have an Azure subscription named Sub1 that contains the Azure key vaults shown in the following table: In Sub1, you create a virtual machine that has the following configuratio...
Azure Disk EncryptionAzure Key VaultVM SecurityEncryption Key Management
Question #92Secure compute, storage, and databases
You have an Azure web app named webapp1. You need to configure continuous deployment for webapp1 by using an Azure Repo. What should you create first?
Continuous DeploymentAzure DevOpsAzure ReposWeb Apps
Question #93Secure identity and access
Hotspot Question You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. Azure AD Privileged Identity Managemen...
Azure AD PIMMulti-Factor Authentication (MFA)Role activationIdentity security
Question #94Secure identity and access
Hotspot Question You create a new Azure subscription that is associated to a new Azure Active Directory (Azure AD) tenant. You create one active conditional access policy named Por...
Azure AD Conditional AccessConditional Access policiesLocations conditionMFA
Question #95Implement and manage identity and access - specifically configuring and interpreting Azure Active Directory Conditional Access policies including named locations, MFA enforcement, and cloud app targeting (AZ-500 / SC-300 / AZ-104)
Hotspot Question You have a network security group (NSG) bound to an Azure subnet. You run Get-AzureRmNetworkSecurityRuleConfig and receive the output shown in the following exhibi...
Azure Conditional AccessMulti-Factor AuthenticationNamed LocationsAzure AD Identity Protection
Question #96Secure networking
Hotspot Question You create resources in an Azure subscription as shown in the following table. VNET1 contains two subnets named Subnet1 and Subnet2. Subnet1 has a network ID of 10...
Network Security GroupsNSG rulesVirtual NetworkSubnet security
Question #97Secure compute, storage, and databases
Hotspot Question You have an Azure subscription that contains an Azure key vault named Vault1. On January 1, 2019, Vault1 stores the following secrets. Which can each secret be use...
Azure Key VaultSecrets managementSecret lifecycleApplication security
Question #100Secure compute, storage, and databases
You are securing access to the resources in an Azure subscription. A new company policy states that all the Azure virtual machines in the subscription must use managed disks. You n...
Question #101Secure identity and access
You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry. You need to use automatically generated service principal for the AKS cluster t...
AKS authenticationACR integrationAzure RBACManaged Identities
Question #102Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some q...
Azure PolicyManagement GroupsMicrosoft Defender for CloudCentralized Policy Management
Question #103Secure compute, storage, and databases
You have the Azure virtual machines shown in the following table. For which virtual machine can you enable Update Management?
Update ManagementAzure AutomationVirtual MachinesPatch Management
Question #104Secure identity and access
You have an Azure subscription that contains a user named User1 and an Azure Container Registry named ConReg1. You enable content trust for ContReg1. You need to ensure that User1...
Azure Container Registry (ACR)Content TrustRole-Based Access Control (RBAC)Least Privilege
Question #105Secure compute, storage, and databases
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?
Azure StorageDiagnostic LogsAzCopyLog Retrieval
Question #106Secure compute, storage, and databases
You have an Azure Storage account named storage1 that has a container named container1. You need to prevent the blobs in container1 from being modified. What should you do?
Azure StorageImmutability PolicyWORMData Protection
Question #107Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
You company has an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to create several security alerts by using Azure Monitor. You need to prepare the Azure subs...
Question #108Secure identity and access
You company has an Azure subscription named Sub1. Sub1 contains an Azure web app named WebApp1 that uses Azure Application Insights. WebApp1 requires users to authenticate by using...
Azure Application InsightsMulti-step web testsUnattended testingOAuth 2.0 client secrets

PreviousPage 2 of 13Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.