Exam AZ-500: Microsoft Azure Security Technologies
Exam Number: AZ-500 | Length of test: 120 mins |
Exam Name: Microsoft Azure Security Technologies | Number of questions in the actual exam: 40-60 |
Format: PDF, VPLUS | Passing Score: 700/1000 |
Total Questions: 439 $30 Premium PDF file 2 months updates Last updated: November-2024 |
Total Questions: 439 FREE Premium VPLUS file Last updated: November-2024 |
Download practice test questions – AZ-500 exam topic
Title | Size | Hits | Download |
---|---|---|---|
Microsoft.AZ-500.vNov-2024.by.Dien.122q | 15.93 MB | 38 | Download |
Microsoft.AZ-500.vNov-2024.by.Dien.122q | 16.01 MB | 24 | Download |
Microsoft.AZ-500.vJun-2024.by.Any.158q | 21.40 MB | 112 | Download |
Microsoft.AZ-500.vFeb-2024.by.Yasi.126q | 17.73 MB | 96 | Download |
Microsoft.AZ-500.vDec-2023.by.Lazyo.168q | 21.22 MB | 76 | Download |
Study guide for Exam AZ-500: Microsoft Azure Security Technologies
Audience profile
As the Azure security engineer, you implement, manage, and monitor security for resources in Azure, multi-cloud, and hybrid environments as part of an end-to-end infrastructure. You recommend security components and configurations to protect the following:
- Identity and access
- Data
- Applications
- Networks
Your responsibilities as an Azure security engineer include:
- Managing the security posture.
- Identifying and remediating vulnerabilities.
- Performing threat modelling.
- Implementing threat protection.
You may also participate in responding to security incidents. As an Azure security engineer, you work with architects, administrators, and developers to plan and implement solutions that meet security and compliance requirements.
You should have:
- Practical experience in administration of Microsoft Azure and hybrid environments.
- Strong familiarity with compute, network, and storage in Azure and Microsoft Entra ID.
Skills at a glance
Manage identity and access (25–30%)
- Manage Microsoft Entra identities
- Manage Microsoft Entra authentication
- Manage Microsoft Entra authorization
- Manage Microsoft Entra application access
Secure networking (20–25%)
- Plan and implement security for virtual networks
- Plan and implement security for private access to Azure resources
- Plan and implement security for public access to Azure resources
Secure compute, storage, and databases (20–25%)
- Plan and implement advanced security for compute
- Plan and implement security for storage
- Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
Manage security operations (25–30%)
- Plan, implement, and manage governance for security
- Manage security posture by using Microsoft Defender for Cloud
- Configure and manage threat protection by using Microsoft Defender for Cloud
- Configure and manage security monitoring and automation solutions
Some new questions:
Q
You have an Azure subscription that contains an Azure key vault named Vault1 and a virtual machine named VM1. VM1 has the Key Vault VM extension installed.
For Vault1, you rotate the keys, secrets, and certificates.
What will be updated automatically on VM1?
A. the keys only
B. the secrets only
C. the certificates only
D. the keys and secrets only
E. the secrets and certificates only
F. the keys, secrets, and certificates
Q
You have a Microsoft Entra tenant that uses Microsoft Entra Permissions Management and contains the accounts shown in the following table:
Which accounts will be listed as assigned to highly privileged roles on the Azure AD insights tab in the Entra Permissions Management portal?
A. Admin1 only
B. Admin2 and Admin3 only
C. Admin2 and Admin4 only
D. Admin1. Admin2, and Admin3 only
E. Admin2. Admin3, and Admin4 only
F. Admin1. Admin2, Admin3. and Admin4
Q
HOTSPOT
You have a Microsoft Entra tenant that contains the users shown in the following table.
You configure a Conditional Access policy that has the following settings:
* Name: CAPolicy1
* Assignments
o Users or workload identities: Group1
o Target resources: All cloud apps
* Access controls
o Grant access: Require multifactor authentication
From Microsoft Authenticator settings for the tenant, the Enable and Target settings are configured as shown in the Enable and Target exhibit. (Click the Enable and Target tab.)
From Microsoft Authenticator settings for the tenant, the Configure settings are configured as shown in the Configure exhibit. (Click the Configure tab.)
Q
You have an Azure subscription that contains an Azure Kubernetes Service (AKS) cluster named AKS1.
You have an Azure container registry that stores container images that were deployed by using Azure DevOps Microsoft-hosted agents.
You need to ensure that administrators can access AKS1 only from specific networks. The solution must minimize administrative effort.
What should you configure for AKS1?
A. an Application Gateway Ingress Controller (AGIC)
B. a private cluster
C. authorized IP address ranges
D. a private endpoint
………….