Free Microsoft AZ-500 Exam Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You use Azure Security Center for the centralized policy management of three Azure subscriptions. You use several policy definitions to manage the security of the subscriptions. You need to deploy the policy definitions as a group to all three subscriptions. Solution: You create a policy definition and assignments that are scoped to resource groups. Does this meet the goal?

You notice some unauthorized traffic in your Azure environment and want to understand the flow of traffic through your Network Security Group (NSG). Which Azure feature should you use to diagnose this?

Your company has an Azure Container Registry.

You have been tasked with assigning a user a role that allows for the downloading of images from the Azure Container Registry. The role assigned should not require more privileges than necessary.

Which of the following is the role you should assign?

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You need to configure diagnostic settings for contoso.com. The solution must meet the following requirements:

✑ Retain logs for two years.

✑ Query logs by using the Kusto query language.

✑ Minimize administrative effort.

Where should you store the logs?

When integrating third-party applications with Entra ID, which feature ensures users do not need to remember additional passwords and reduces the number of prompts during authentication?