Practice Free AZ-500 Exam Online Questions
You have a hybrid configuration of Azure Active Directory (Azure AD). You have an Azure SQL Database instance that is configured to support Azure AD authentication.
Database developers must connect to the database instance and authenticate by using their on-premises Active Directory account.
You need to ensure that developers can connect to the instance by using Microsoft SQL Server Management Studio. The solution must minimize authentication prompts.
Which authentication method should you recommend?
- A . Active Directory – Password
- B . Active Directory – Universal with MFA support
- C . SQL Server Authentication
- D . Active Directory – Integrated
You have a web app hosted on an on-premises server that is accessed by using a URL of https://www.contoso.com. You plan to migrate the web app to Azure. You will continue to use https://www.contoso.com. You need to enable HTTPS for the Azure web app.
What should you do first?
- A . Export the public key from the on-premises server and save the key as a P7b file.
- B . Export the private key from the on-premises server and save the key as a PFX file that is encrypted by using TripleDES.
- C . Export the public key from the on-premises server and save the key as a CER file.
- D . Export the private key from the on-premises server and save the key as a PFX file that is encrypted by using AES256.
Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.
After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.
You have an Azure subscription that contains the resources shown in the following table.
You have the users shown in the following table.
You create an Azure SQL managed instance named SQL1 and enable Microsoft Entra-only authentication. You need to ensure that both User1 and User2 are set as the Microsoft Entra admin for SQL1.
Solution: You set MM as the Microsoft Entra admin for SQL1.
Does this meet the goal?
- A . Yes
- B . No
HOTSPOT
You have an Azure subscription that contains an Azure firewall named AzFW1. AzFW1 has a firewall policy named FWPolicy1.
You need to add rule collections to FWPolicy1 to meet the following requirements:
• Allow traffic based on the FQDN of the destination.
• Allow TCP traffic.
Which types of rule collections should you add for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that contains an Azure firewall named AzFW1. AzFW1 has a firewall policy named FWPolicy1.
You need to add rule collections to FWPolicy1 to meet the following requirements:
• Allow traffic based on the FQDN of the destination.
• Allow TCP traffic.
Which types of rule collections should you add for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that uses Microsoft Defender for Cloud.
You plan to use the Secure Score Over Time workbook.
You need to configure the Continuous export settings for the Defender for Cloud data.
Which two settings should you configure? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure Container Registry named ContReg1 that contains a container image named image1.
You enable content trust for ContReg1.
After content trust is enabled, you push two images to ContReg1 as shown in the following table.
Which images are trusted images?
- A . image1 and image2 only
- B . image2 only
- C . image1, image2, and image3
You have an Azure subscription named Sub1 that contains the resources shown in the following table.
You need to ensure that you can provide VM1 with secure access to a database on SQL1 by using a contained database user.
What should you do?
- A . Enable a managed service identity on VM1.
- B . Create a secret in KV1.
- C . Configure a service endpoint on SQL1.
- D . Create a key in KV1.
You company has an Azure subscription named Sub1. Sub1 contains an Azure web app named WebApp1 that uses Azure Application Insights. WebApp1 requires users to authenticate by using OAuth 2.0 client secrets.
Developers at the company plan to create a multi-step web test app that preforms synthetic transactions emulating user traffic to Web App1.
You need to ensure that web tests can run unattended.
What should you do first?
- A . In Microsoft Visual Studio, modify the .webtest file.
- B . Upload the .webtest file to Application Insights.
- C . Register the web test app in Azure AD.
- D . Add a plug-in to the web test app.
HOTSPOT
You have an Azure subscription named Sub1 and use Microsoft Defender for Cloud. Sub1 contains a user named User1 and a resource group named RG1. RG1 contains a Log Analytics workspace named Workspace1.
You need to ensure that User1 can modify Azure Logic Apps workflows triggered in response to security incidents. The solution must follow the principle of least privilege.
Which role should you assign to User1. and to which resource should you assign the role? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
