Microsoft AZ-500 Übungsprüfungen
Zuletzt aktualisiert am 03.02.2026- Prüfungscode: AZ-500
- Prüfungsname: Microsoft Azure Security Technologies
- Zertifizierungsanbieter: Microsoft
- Zuletzt aktualisiert am: 03.02.2026
You have an Azure SQL Database server named SQL1.
You plan to turn on Advanced Threat Protection for SQL1 to detect all threat detection types.
Which action will Advanced Threat Protection detect as a threat?
- A . A user updates more than 50 percent of the records in a table.
- B . A user attempts to sign as SELECT * from table1.
- C . A user is added to the db_owner database role.
- D . A user deletes more than 100 records from the same table.
HOTSPOT
You have an Azure subscription that contains the virtual networks shown in the following table.
NSG1 and NSG2 both have default rules only.
The subscription contains the virtual machines shown in the following table.
The subscription contains the web apps shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure key vault named KeyVault1 that contains the items shown in the following table.
In KeyVault, the following events occur in sequence:
– Item1 is deleted
– Administrator enables soft delete
– Item2 and Policy1 are deleted.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that is linked to an Azure AD tenant and contains the virtual machines shown in the following table.
The subnets of the virtual networks have the service endpoints shown in the following table.
You create the resources shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
You have an Azure subscription that contains the Azure Log Analytics workspaces shown in the following table.
You create the virtual machines shown in the following table.
You plan to use Azure Sentinel to monitor Windows Defender Firewall on the virtual machines.
Which virtual machines you can connect to Azure Sentinel?
- A . VM1 and VM3 only
- B . VM1 Only
- C . VM1 and VM2 only
- D . VM1, VM2, VM3 and VM4
HOTSPOT
You have a Microsoft Entra tenant named contoso.com.
You collaborate with a partner organization that has a Microsoft Entra tenant named fabrikam.com.
Fabrikam.com has multi-factor authentication (MFA) enabled for all users.
Contoso.com has the Cross-tenant access settings configured as shown in the Cross-tenant access settings exhibit. (Click the Cross-tenant access settings:
Contoso.com has the External collaboration settings configured as shown in the External collaboration settings exhibit. (Click the External collaboration settings tab.)
You create a Conditional Access policy that has the following settings:
• Name: CAPolicy1
• Assignments
o Guest or external users: B2B collaboration guest users
o Target resources
■ Include: All cloud apps o Access controls
■ Grant access
■ Require device to be marked as compliant
■ Require multi-factor authentication
■ Enable policy: On
For each of the following statements, select Yes if the statement is true, otherwise select No. NOTE: Each correct section is worth one point.
Lab Task
use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password. place your cursor in the Enter password box and click on the password below.
Azure Username: User1 [email protected]
Azure Password: GpOAe4@lDg
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 28681041
Task 9
You need to ensure that the rg1lod28681041n1 Azure Storage account is encrypted by using a key stored in the KeyVault28681041 Azure key vault.
DRAG DROP
You have an Azure subscription.
You plan to create two custom roles named Role1 and Role2.
The custom roles will be used to perform the following tasks:
• Members of Role1 will manage application security groups.
• Members of Role2 will manage Azure Bastion.
You need to add permissions to the custom roles.
Which resource provider should you use for each role? To answer, drag the appropriate resource providers to the correct roles. Each resource provider may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content
You need to encrypt storage1 to meet the technical requirements.
Which key vaults can you use?
- A . KeyVault1 only
- B . KeyVault2 and KeyVault3 only
- C . KeyVault1 and KeyVault3 only
- D . KeyVault1 KeyVault2 and KeyVault3
HOTSPOT
You have an Azure Storage account that contains a blob container named container! and a client application named App1. You need to enable App1 access to container1 by using Microsoft Entra authentication.
What should you do? lo answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
