Free Microsoft AZ-500 Exam Questions

Become Microsoft Certified with updated AZ-500 exam questions and correct answers

Page: 1 / 99

Total 495 Questions | Updated On: Feb 19, 2026

Add To Cart

Question 1

You have an Azure subscription that contains an Azure SQL database named DB1 in the East US Azure region.

You create the storage accounts shown in the following table.

You plan to enable auditing for DB1.

Which storage accounts can you use as the auditing destination for DB1?

A : storage1 and storage4 only

B : storage1 only

C : storage1, storage2, storage3, and storage4

D : storage1, storage2, and storage3 only

E : storage2 and storage3 only

Answer: D

Question 2

You're tasked with enhancing the database security in your organization's Azure environment. To achieve this, you decide to utilize Microsoft Defender for Cloud capabilities specific to Azure SQL Database. Which of the following actions would be most appropriate to ensure the security of your Azure SQL Database?

A : Enable Microsoft Defender for Azure SQL Database to detect potential vulnerabilities and threats

B : Implement workflow automation to automate DevOps processes

C : Configure Microsoft Defender for Containers to protect your SQL container deployments

D : Activate Microsoft Defender for App Service to monitor your database-hosted web apps

Answer: A

Question 3

You have an Azure subscription that contains an Azure SQL database named sql1.

You plan to audit sql1.

You need to configure the audit log destination. The solution must meet the following requirements:

✑ Support querying events by using the Kusto query language.

✑ Minimize administrative effort.

What should you configure?

A : an event hub

B : a storage account

C : a Log Analytics workspace

Answer: C

Question 4

Your company wants to ensure that administrators can securely and seamlessly RDP and SSH to their Azure virtual machines directly from the Azure portal. Which Azure service should be implemented to achieve this?

A : Azure Kubernetes Service (AKS)

B : Azure Bastion

C : Azure Disk Encryption (ADE)

D : Azure API Management

Answer: B

Question 5

You have a Microsoft 365 tenant that uses an Azure Active Directory (Azure AD) tenant. The Azure AD tenant syncs to an on-premises Active Directory domain by using an instance of Azure AD Connect.

You create a new Azure subscription.

You discover that the synced on-premises user accounts cannot be assigned roles in the new subscription.

You need to ensure that you can assign Azure and Microsoft 365 roles to the synced Azure AD user accounts.

What should you do fist?

A : Configure the Azure AD tenant used by the new subscription to use pass-through authentication.

B : Configure the Azure AD tenant used by the new subscription to use federated authentication.

C : Change the Azure AD tenant used by the new subscription.

D : Configure a second instance of Azure AD Connect.

Answer: C

Page: 1 / 99

Total 495 Questions | Updated On: Feb 19, 2026

Add To Cart