Passquestion has cracked the latest Microsoft AZ-500 Practice Test Questions, which is important in your exam preparation.Passquestion Microsoft AZ-500 Practice Test Questions can not only let you pass the exam easily, also can help you learn more knowledge about Microsoft Azure Security Technologies exam. Passquestion covers all aspects of skills in the exam, by it, you can apparently improve your abilities and use these skills at work.

Exam AZ-500: Microsoft Azure Security Technologies

AZ-500 Microsoft Azure Security Technologies certification exam tests and validates a candidates expertise at implementing security controls, and maintaining security, and identity, access and protections within Microsoft Azure. If you take the AZ-500 Microsoft Azure Security Technologies exam you will earn the Microsoft certified: Azure Security Enginer Associate certification.

Candidates for this exam are Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access, and protects data, applications, and networks. Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

Skills Measured From AZ-500: Microsoft Azure Security Technologies

Manage identity and access (20-25%)
Implement platform protection (35-40%)
Manage security operations (15-20%)
Secure data and applications (30-35%)

Download Microsoft Azure AZ-500 Free Demo To Practice:

You need to meet the identity and access requirements for Group1.
What should you do?
A. Add a membership rule to Group1.
B. Delete Group1. Create a new group named Group1 that has a membership type of Office 365. Add users and devices to the group.
C. Modify the membership rule of Group1.
D. Change the membership type of Group1 to Assigned. Create two groups that have dynamic memberships. Add the new groups to Group1.
Answer: B

You need to ensure that User2 can implement PIM.
What should you do first?
A. Assign User2 the Global administrator role.
B. Configure authentication methods for contoso.com.
C. Configure the identity secure score for contoso.com.
D. Enable multi-factor authentication (MFA) for User2.
Answer: A

Your network contains an on-premises Active Directory domain named corp.contoso.com.
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
You sync all on-premises identities to Azure AD.
You need to prevent users who have a givenName attribute that starts with TEST from being synced to Azure AD. The solution must minimize administrative effort.
What should you use?
A. Synchronization Rules Editor
B. Web Service Configuration Tool
C. the Azure AD Connect wizard
D. Active Directory Users and Computers
Answer: A

Your company plans to create separate subscriptions for each department. Each subscription will be associated to the same Azure Active Directory (Azure AD) tenant.
You need to configure each subscription to have the same role assignments.
What should you use?
A. Azure Security Center
B. Azure Blueprints
C. Azure AD Privileged Identity Management (PIM)
D. Azure Policy
Answer: C

You have an Azure subscription. You create an Azure web app named Contoso1812 that uses an S1 App service plan. You create a DNS record for www.contoso.com that points to the IP address of Contoso1812. You need to ensure that users can access Contoso1812 by using the https://www.contoso.com URL.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Turn on the system-assigned managed identity for Contoso1812.
B. Add a hostname to Contoso1812.
C. Scale out the App Service plan of Contoso1812.
D. Add a deployment slot to Contoso1812.
E. Scale up the App Service plan of Contoso1812.
Answer: BE