Free az-500 Exam Dumps

Question 26

- (Exam Topic 4)
You are evaluating the security of the network communication between the virtual machines in Sub2. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
AZ-500 dumps exhibit
Solution:
Q1: No { and it should not be allowed as only TCP 80 is allowed from the "Internet" service tag
Q2: Yes {as it should be for VMs in the same local subnet pinging each other on private IP and no NSG configured}
Q3: Yes {VM5 is in subnet where 1st rule of NSG allows any traffic from any source to the destination}

Does this meet the goal?

Correct Answer:A

Question 27

- (Exam Topic 4)
You need to prevent administrators from performing accidental changes to the Homepage app service plan. To complete this task, sign in to the Azure portal.
Solution:
You need to configure a ‘lock’ for the app service plan. A read-only lock ensures that no one can make changes to the app service plan without first deleting the lock.
AZ-500 dumps exhibit In the Azure portal, type App Service Plans in the search box, select App Service Plans from the search results then select Homepage. Alternatively, browse to App Service Plans in the left navigation pane.
AZ-500 dumps exhibit In the properties of the app service plan, click on Locks.
AZ-500 dumps exhibit Click the Add button to add a new lock.
AZ-500 dumps exhibit Enter a name in the Lock name field. It doesn’t matter what name you provide for the exam.
AZ-500 dumps exhibit For the Lock type, select Read-only.
AZ-500 dumps exhibit Click OK to save the changes.

Does this meet the goal?

Correct Answer:A

Question 28

- (Exam Topic 4)
You have an Azure subscription that contains a web app named App1 and an Azure key vault named Vault1. You need to configure App1 to store and access the secrets in Vault1.
How should you configure App1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-500 dumps exhibit
Solution:
Reference:
https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet

Does this meet the goal?

Correct Answer:A

Question 29

- (Exam Topic 4)
You have three on-premises servers named Server1, Server2, and Server3 that run Windows Server1 and Server2 and located on the Internal network. Server3 is located on the premises network. All servers have
access to Azure.
From Azure Sentinel, you install a Windows firewall data connector.
You need to collect Microsoft Defender Firewall data from the servers for Azure Sentinel. What should you do?

Correct Answer:C

Reference:
https://docs.microsoft.com/en-us/azure/sentinel/connect-windows-firewall

Question 30

- (Exam Topic 4)
You have an Azure subscription that contains the following resources:
AZ-500 dumps exhibit A network virtual appliance (NVA) that runs non-Microsoft firewall software and routes all outbound traffic from the virtual machines to the internet
AZ-500 dumps exhibit An Azure function that contains a script to manage the firewall rules of the NVA
AZ-500 dumps exhibit Azure Security Center standard tier enabled for all virtual machines
AZ-500 dumps exhibit An Azure Sentinel workspace
AZ-500 dumps exhibit 30 virtual machines
You need to ensure that when a high-priority alert is generated in Security Center for a virtual machine, an incident is created in Azure Sentinel and then a script is initiated to configure a firewall rule for the NVA.
How should you configure Azure Sentinel to meet the requirements? To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
AZ-500 dumps exhibit
Solution:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center

Does this meet the goal?

Correct Answer:A