Free Microsoft AZ-500 Exam Questions

Your network contains an on-premises Active Directory domain named corp.contoso.com. You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com. You sync all on-premises identities to Azure AD. You need to prevent users who have a givenName attribute that starts with TEST from being synced to Azure AD. The solution must minimize administrative effort. What should you use?

You have an Azure subscription that contains a storage account and an Azure web app named App1.App1 connects to an Azure Cosmos DB database named Cosmos1 that uses a private endpoint namedEndpoint1. Endpoint1 has the default settings.You need to validate the name resolution to Cosmos1.Which DNS zone should you use?

You have an Azure subscription that contains an Azure Blob storage account named blob1.

You need to configure attribute-based access control (ABAC) for blob1.

Which attributes can you use in access conditions?

You are configuring and securing a network environment. You deploy an Azure virtual machine named VM1 that is configured to analyze network traffic. You need to ensure that all network traffic is routed through VM1. What should you configure? 

You have a Azure subscription.You enable Azure Active Directory (Azure AD) Privileged identify (PIM).Your company’s security policy for administrator accounts has the following conditions:* The accounts must use multi-factor authentication (MFA).* The account must use 20-character complex passwords.* The passwords must be changed every 180 days.* The account must be managed by using PIM.You receive alerts about administrator who have not changed their password during the last 90 days.You need to minimize the number of generated alerts.Which PIM alert should you modify?