Practice Free AZ-500 Exam Online Questions
You need to meet the technical requirements for the finance department users.
Which CAPolicy1 settings should you modify?
- A . Cloud apps or actions
- B . Conditions
- C . Grant
- D . Session
You have an Azure key vault named Vault1 that stores the resources shown in the following table.

Which resources support the creation of a rotation policy?
- A . Key1 only
- B . Cert1 only
- C . Key1 and Secret1 only
- D . Key1 and Cert1 only
- E . Secret1 and Cert1 only
- F . Key1, Secret1, and Cert1
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant.
From the Azure portal, you register an enterprise application.
Which additional resource will be created in Azure AD?
- A . a service principal
- B . an X.509 certificate
- C . a managed identity
- D . a user account
You have an Azure subscription that contains the users shown in the following table.

Which users can enable Azure AD Privileged Identity Management (PIM)?
- A . User2 and User3 only
- B . User1 and User2 only
- C . User2 only
- D . User1 only
You have the Azure virtual machines shown in the following table.

Each virtual machine has a single network interface.
You add the network interface of VM1 to an application security group named ASG1.
You need to identify the network interfaces of which virtual machines you can add to ASG1.
What should you identify?
- A . VM2 only
- B . VM2, VM3, VM4, and VM5
- C . VM2, VM3, and VM5 only
- D . VM2 and VM3 only
You have an Azure subscription that contains an app named App1.
App1 has the app registration shown in the following table.

You need to ensure that App1 can read all user calendars and create appointments. The solution must use the principle of least privilege.
What should you do?
- A . Add a new Delegated API permission for Microsoft.Graph Calendars.ReadWrite.
- B . Add a new Application API permission for Microsoft.Graph Calendars.ReadWrite.
- C . Select Grant admin consent.
- D . Add a new Delegated API permission for Microsoft.Graph Calendars.ReadWrite.Shared.
You are testing an Azure Kubernetes Service (AKS) cluster.
The cluster is configured as shown in the exhibit.

You plan to deploy the cluster to production. You disable HTTP application routing.
You need to implement application routing that will provide reverse proxy and TLS termination for AKS services by using a single IP address.
What should you do?
- A . Create an AKS Ingress controller.
- B . Install the container network interface (CNI) plug-in.
- C . Create an Azure Standard Load Balancer.
- D . Create an Azure Basic Load Balancer.
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

You create and enforce an Azure AD Identity Protection user risk policy that has the following settings:
– Assignment: Include Group1, Exclude Group2
– Conditions: Sign-in risk of Medium and above
– Access: Allow access, Require password change
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You need to ensure that User1 can create and manage administrative units. The solution must use the principle of least privilege.
Which role should you assign to User1?
- A . Privileged role administrator
- B . Helpdesk administrator
- C . Global administrator
- D . Security administrator

