Back

Practice Free AZ-500 Exam Online Questions

Question #141

DRAG DROP

You have an Azure AD tenant that contains the users shown in the following table.

You enable passwordless authentication for the tenant.

Which authentication method can each user use for passwordless authentication? To answer, drag the appropriate authentication methods to the correct users. Each authentication method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #142

You have an Azure web app named webapp1.

You need to configure continuous deployment for webapp1 by using an Azure Repo.

What should you create first?

  • A . an Azure Application Insights service
  • B . an Azure DevOps organization
  • C . an Azure Storage account
  • D . an Azure DevTest Labs lab

Reveal Solution Hide Solution

Correct Answer: B
Question #142

You have an Azure web app named webapp1.

You need to configure continuous deployment for webapp1 by using an Azure Repo.

What should you create first?

  • A . an Azure Application Insights service
  • B . an Azure DevOps organization
  • C . an Azure Storage account
  • D . an Azure DevTest Labs lab

Reveal Solution Hide Solution

Correct Answer: B
Question #144

You have an Azure subscription that contains an Azure App Services web app named WebApp1.

WebApp1 is accessed by users in multiple Azure regions.

You need to secure access to WebApp1.

The solution must meet the following requirements:

* Protect against common web vulnerabilities.

* Optimize the routing of traffic from different regions.

What should you use?

  • A . Azure Application Gateway
  • B . Azure Content Delivery Network (CDN)
  • C . Azure Firewall
  • D . Azure Front Door Premium

Reveal Solution Hide Solution

Correct Answer: D
Question #145

You have an Azure subscription named Subscription1.

You deploy a Linux virtual machine named VM1 to Subscription1.

You need to monitor the metrics and the logs of VM1.

What should you use?

  • A . the AzurePerformanceDiagnostics extension
  • B . Azure HDInsight
  • C . Linux Diagnostic Extension (LAD) 3.0
  • D . Azure Analysis Services

Reveal Solution Hide Solution

Correct Answer: A
Question #146

You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings.

You need to create a custom sensitivity label.

What should you do first?

  • A . Create a custom sensitive information type.
  • B . Elevate access for global administrators in Azure AD.
  • C . Upgrade the pricing tier of the Security Center to Standard.
  • D . Enable integration with Microsoft Cloud App Security.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

First, you need to create a new sensitive information type because you can’t directly modify the default rules.

Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/customize-a-built-in-sensitive-information-type
Question #147

HOTSPOT

You work at a company named Contoso, Ltd. that has the offices shown in the following table.

Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com. All contoso.com users have Azure Multi-Factor Authentication (MFA) enabled.

The tenant contains the users shown in the following table.

The multi-factor settings for contoso.com are configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #148

You have a hybrid configuration of Azure Active Directory (Azure AD). You have an Azure SQL Database instance that is configured to support Azure AD authentication.

Database developers must connect to the database instance and authenticate by using their on-premises Active Directory account.

You need to ensure that developers can connect to the instance by using Microsoft SQL Server Management

Studio. The solution must minimize authentication prompts.

Which authentication method should you recommend?

  • A . Active Directory – Password
  • B . Active Directory – Universal with MFA support
  • C . SQL Server Authentication
  • D . Active Directory – Integrated

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication-configure
Question #149

HOTSPOT

You have an Azure subscription that contains the resources shown in the following table.

An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.

VM5 has just in time (JIT) VM access configured as shown in the following exhibit.

You enable JIT VM access for VM5.

NSG1 has the inbound rules shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #150

You have an Azure Active Din-dory (Azure AD) tenant named contoso.com that contains a user named User1.

You plan to publish several apps in the tenant.

You need to ensure that User1 can grant admin consent for the published apps.

Which two possible user roles can you assign to User! to achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

  • A . Application developer
  • B . Security administrator
  • C . Application administrator
  • D . User administrator
  • E . Cloud application administrator

Reveal Solution Hide Solution

Correct Answer: C, E
C, E

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent