Free Microsoft AZ-500 Exam Questions

Become Microsoft Certified with updated AZ-500 exam questions and correct answers

Page:    1 / 99      
Total 495 Questions | Updated On: Feb 19, 2026
Add To Cart
Question 1

You are configuring an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry.

You need to use the auto-generated service principal to authenticate to the Azure Container Registry.

What should you create?


Answer: B
Question 2

You have an Azure subscription that contains a managed identity named Identity1 and the Azure key vaults shown in the following table.


KeyVault1 contains an access policy that grants Identity1 the following key permissions:
 Get
• List
• Wrap
• Unwrap
You need to provide Identity1 with the same permissions for KeyVault2. The solution must use the principle of least privilege.
Which role should you assign to Identity1?


Answer: A
Question 3

You have an Azure subscription that contains an Azure SQL server named SQL1. SQL1 contains an Azure SQL database named DB1.

You need to use Microsoft Defender for Cloud to complete a vulnerability assessment for DB1.

What should you do first?


Answer: D
Question 4

You have an Azure Active Directory (Azure AD) tenant that contains a group named Group1.

You need to ensure that the members of Group1 sign in by using passwordless authentication.

What should you do?


Answer: C
Question 5

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription named Sub1.

You have an Azure Storage account named sa1 in a resource group named RG1.

Users and applications access the blob service and the file service in sa1 by using several shared access signatures (SASs) and stored access policies.

You discover that unauthorized users accessed both the file service and the blob service.

You need to revoke all access to sa1.

Solution: You create a new stored access policy.

Does this meet the goal?


Answer: B
Page:    1 / 99      
Total 495 Questions | Updated On: Feb 19, 2026
Add To Cart

© Copyrights DumpsCertify 2026. All Rights Reserved

We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.