Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free Microsoft AZ-500 Practice Exam with Questions & Answers | Set: 2

Questions 11

You have an Azure subscription that contains an Azure web app named 1 and a virtual machine named VM1. VM1 runs Microsoft SQL Server and is connected to a virtual network named VNet1. App1, VM1, and Vent are in the US Central Azure region.

You need to ensure that App1 can connect to VM1. The solution must minimize costs.

Options:
A.

NAT gateway integration

B.

Azure Front Door

C.

regional virtual network integration

D.

gateway-required virtual network integration

E.

Azure Application Gateway integration

Microsoft AZ-500 Premium Access
Questions 12

You have an Azure subscription named Sub 1 that is associated to an Azure AD Tenant named contoso.com. The tenant contains the users shown in the following table.

AZ-500 Question 12

Each user is assigned an Azure AD Premium P2 license.

You plan to onboard and configure Azure AD Identity Protection.

Which users can onboard Azure AD Identity Protection, remediate users, and configure policies? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

AZ-500 Question 12

Options:
Questions 13

You have an Azure subscription that contains a user named User1 and an Azure Container Registry named ConReg1.

You enable content trust for ContReg1.

You need to ensure that User1 can create trusted images in ContReg1. The solution must use the principle of least privilege.

Which two roles should you assign to User1? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:
A.

AcrQuarantineReader

B.

Contributor

C.

AcrPush

D.

AcrImageSigner

E.

AcrQuarantineWriter

Questions 14

You have an Azure subscription named Subscription1 that contains a resource group named RG1 and a user named User1. User1 is assigned the Owner role for RG1.

You create an Azure Blueprints definition named Blueprint1 that includes a resource group named RG2 as shown in the following exhibit.

AZ-500 Question 14

You assign Blueprint1 to Subscription1 by using the following settings:

    Lock assignment: Read Only

    Managed Identity: System assigned

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

AZ-500 Question 14

Options:
Questions 15

You have an Azure subscription that contains the virtual networks shown in the following table.

AZ-500 Question 15

The subscription contains the virtual machines shown in the following table.

AZ-500 Question 15

On NIC1, you configure an application security group named ASG1.

On which other network interfaces can you configure ASG1?

Options:
A.

NIC2 only

B.

NIC2, NIC3, NIC4, and NIC5

C.

NIC2 and NIC3 only

D.

NIC2, NIC3, and NIC4 only

Questions 16

You have an Azure subscription that contains an Azure Blob storage account bolb1.

You need to configure attribute-based access control (ABAC) for blob1.

Which attributes can you use in access conditions?

Options:
A.

blob index tags only

B.

blob index tags and container names only

C.

file extensions and container names only

D.

blob index tags, file extensions, and container names

Questions 17

You need to ensure that User2 can implement PIM.

What should you do first?

Options:
A.

Assign User2 the Global administrator role.

B.

Configure authentication methods for contoso.com.

C.

Configure the identity secure score for contoso.com.

D.

Enable multi-factor authentication (MFA) for User2.

Questions 18

You are evaluating the effect of the application security groups on the network communication between the virtual machines in Sub2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

AZ-500 Question 18

Options:
Questions 19

: 2 HOTSPOT

Which virtual networks in Sub1 can User2 modify and delete in their current state? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

AZ-500 Question 19

Options:
Questions 20

You need to meet the technical requirements for VNetwork1.

What should you do first?

Options:
A.

Create a new subnet on VNetwork1.

B.

Remove the NSGs from Subnet11 and Subnet13.

C.

Associate an NSG to Subnet12.

D.

Configure DDoS protection for VNetwork1.

Exam Code: AZ-500
Certification Provider: Microsoft
Exam Name: Microsoft Azure Security Technologies
Last Update: Jul 10, 2025
Questions: 460

Microsoft Related Exams

DP-203 - Data Engineering on Microsoft Azure
MS-203 - Microsoft 365 Messaging
MS-721 - Collaboration Communications Systems Engineer
MB-700 - Microsoft Dynamics 365: Finance and Operations Apps Solution Architect
AI-900 - Microsoft Azure AI Fundamentals
MO-101 - Microsoft Word Expert (Word and Word 2019)
77-728 - Excel 2016 Expert: Interpreting Data for Insights
MO-210 - Microsoft Excel (Microsoft 365 Apps)
PL-200 - Microsoft Power Platform Functional Consultant
MB-800 - Microsoft Dynamics 365 Business Central Functional Consultant
AZ-305 - Designing Microsoft Azure Infrastructure Solutions
AZ-204 - Developing Solutions for Microsoft Azure
MO-200 - Microsoft Excel (Excel and Excel 2019)
SC-200 - Microsoft Security Operations Analyst
MB-335 - Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert
Microsoft Free Access
Get Microsoft Full Access

Microsoft Free Exams
Microsoft Free Exams
Prepare effectively for Microsoft certification exams with free study resources and practice tests from Examstrack.