Free az-500 Exam Braindumps

- (Exam Topic 4)
You have an Azure subscription that uses Microsoft Sentinel.
You need to create a Microsoft Sentinel notebook that will use the Guided Investigation - Anomaly Lookup template.
What should you create first?

1. A. an analytics rule
2. B. a Log Analytics workspace
3. C. an Azure Machine Learning workspace
4. D. a hunting query

Correct Answer: A

- (Exam Topic 4)
You have an Azure subscription that contains a resource group named RG1 and the network security groups (NSGs) shown in the following table.

You create the Azure policy shown in the following exhibit.

You assign the policy to RG1.
What will occur if you assign the policy to NSG1 and NSG2?

1. A. Flow logs will be enabled for NSG1 and NSG2.
2. B. Flow logs will be enabled for NSG2 only.
3. C. Flow logs will be disabled for NSG1 and NSG2.
4. D. Flow logs will be enabled for NSG1 only.

Correct Answer: B

- (Exam Topic 4)
You have an Azure subscription that contains 100 virtual machines and has Azure Security Center Standard tier enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

1. A. the user-assigned managed identity
2. B. the workspace ID
3. C. the Azure Active Directory (Azure AD) ID
4. D. the Key Vault managed storage account key
5. E. the system-assigned managed identity
6. F. the primary shared key

Correct Answer: AC

- (Exam Topic 4)
You need to configure a Microsoft SQL server named Web11597200 only to accept connections from the Subnet0 subnet on the VNET01 virtual network.
To complete this task, sign in to the Azure portal.
Solution:
You need to allow access to Azure services and configure a virtual network rule for the SQL Server.
In the Azure portal, type SQL Server in the search box, select SQL Server from the search results then select the server named web11597200. Alternatively, browse to SQL Server in the left navigation pane.
In the properties of the SQL Server, click Firewalls and virtual networks.
In the Virtual networks section, click on Add existing. This will open the Create/Update virtual network rule window.
Give the rule a name such as Allow_VNET01-Subnet0 (it doesn’t matter what name you enter for the exam).
In the Virtual network box, select VNET01.
In the Subnet name box, select Subnet0.
Click the OK button to save the rule.
Back in the Firewall / Virtual Networks window, set the Allow access to Azure services option to On.

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
You have an Azure resource group that contains 100 virtual machines.
You have an initiative named Initiative1 that contains multiple policy definitions. Initiative1 is assigned to the resource group.
You need to identify which resources do NOT match the policy definitions.
What should you do?

1. A. From Azure Security Center, view the Regulatory compliance assessment.
2. B. From the Policy blade of the Azure Active Directory admin center, select Compliance.
3. C. From Azure Security Center, view the Secure Score.
4. D. From the Policy blade of the Azure Active Directory admin center, select Assignments.

Correct Answer: A
Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/how-to/get-compliance-data#portal