Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Microsoft AZ-500 Questions Answers

Page: 4 / 12
Total 425 questions

Microsoft Azure Security Technologies Questions and Answers

Question 13

You have an Azure subscription named Sub1. Sub1 contains a virtual network named VNet1 that contains one subnet named Subnet1.

Subnet1 contains an Azure virtual machine named VM1 that runs Ubuntu Server 20.04.

You create a service endpoint for Microsoft. Storage in Subnet1.

You need to ensure that when you deploy Docker containers to VM1, the containers can access Azure Storage resources by using the service endpoint.

What should you do on VM1 before you deploy the container?

Options:

A.

Create an application security group and a network security group (NSG).

B.

Install the container network interface (CNI) plug-in.

C.

Edit the docker-compose.ym1 file.

Question 14

You have an Azure subscription that contains an Azure key vault named Vault1.

In Vault1, you create a secret named Secret1.

An application developer registers an application in Azure Active Directory (Azure AD).

You need to ensure that the application can use Secret1.

What should you do?

Options:

A.

In Azure AD, create a role.

B.

In Azure Key Vault, create a key.

C.

In Azure Key Vault, create an access policy.

D.

In Azure AD, enable Azure AD Application Proxy.

Question 15

You have an Azure subscription that contains a storage account and an Azure web app named App1.

App1 connects to an Azure Cosmos DB database named Cosmos1 that uses a private endpoint named Endpoint1. Endpoint1 has the default settings.

You need to validate the name resolution to Cosmos1.

Which DNS zone should you use?

Options:

A.

Endpoint1. Privatelink,blob,core,windows,net

B.

Endpoint1. Privatelink,database,azure,com

C.

Endpoint1. Privatelink,azurewebsites,net

D.

Endpoint1. Privatelink,documents,azure,com

Question 16

You have an Azure subscription that contains a storage account named storage1 and a virtual machine named VM1.

VM1 is connected to a virtual network named VNet1 that contains one subnet and uses Azure DNS.

You need to ensure that VM1 connects to storage1 by using a private IP address. The solution must minimize administrative effort.

What should you do?

Options:

A.

For storage1, disable public network access.

B.

Create an Azure Private DNS zone.

C.

On VNet1. create a new subnet.

D.

For storage1, create a new private endpoint.

Page: 4 / 12
Total 425 questions