Latest az-500 Practice Tests

Premium

az-500 Dumps - Full Mock Test

Microsoft Azure Security Technologies

377 Questions
120 MINUTES
2025-04-20 Updated

Full Access

QUESTION 71

- (Exam Topic 4)
You have an Azure subscription that contains two virtual machines named VM1 and VM2 that run Windows Server 2019.
You are implementing Update Management in Azure Automation. You plan to create a new update deployment named Update1.
You need to ensure that Update! meets the following requirements:
• Automatically applies updates to VM1 and VM2.
• Automatically adds any new Windows Server 2019 virtual machines to Update1. What should you include in Update1?

A. a security group that has a Membership type of Dynamic Device
B. a security group that has a Membership type of Assigned
C. a Kusto query language query
D. a dynamic group query

Correct Answer: D

QUESTION 72

- (Exam Topic 4)
You have an Azure subscription name Sub1 that contains an Azure Policy definition named Policy1. Policy1 has the following settings:
AZ-500 dumps exhibit Definition location: Tenant Root Group
Category: Monitoring
You need to ensure that resources that are noncompliant with Policy1 are listed in the Azure Security Center dashboard.
What should you do first?

A. Change the Category of Policy1 to Security Center.
B. Add Policy1 to a custom initiative.
C. Change the Definition location of Policy1 to Sub1.
D. Assign Policy1 to Sub1.

Correct Answer: D
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/overview

QUESTION 73

- (Exam Topic 4)
HOTSPOT
You suspect that users are attempting to sign in to resources to which they have no access.
You need to create an Azure Log Analytics query to identify failed user sign-in attempts from the last three days. The results must only show users who had more than five failed sign-in attempts.
How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
AZ-500 dumps exhibit
Solution:
The following example identifies user accounts that failed to log in more than five times in the last day, and when they last attempted to log in.
let timeframe = 1d; SecurityEvent
| where TimeGenerated > ago(1d)
| where AccountType == 'User' and EventID == 4625 // 4625 - failed log in
| summarize failed_login_attempts=count(), latest_failed_login=arg_max(TimeGenerated, Account) by Account
| where failed_login_attempts > 5
| project-away Account1 References:
https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/examples

Does this meet the goal?

A. Yes
B. No

Correct Answer: A

QUESTION 74

- (Exam Topic 4)
You have an Azure subscription that contains a blob container named cont1. Cont1 has the access policies shown in the following exhibit.
AZ-500 dumps exhibit
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

Solution:

Does this meet the goal?

A. Yes
B. No

Correct Answer: A

QUESTION 75

- (Exam Topic 4)
You have the Azure resource shown in the following table.
AZ-500 dumps exhibit
You need to meet the following requirements:
* Internet-facing virtual machines must be protected by using network security groups (NSGs).
* All the virtual machines must have disk encryption enabled.
What is the minimum number of security that you should create in Azure Security Center?

A. 1
B. 2
C. 3
D. 4

Correct Answer: D