Microsoft Azure Security Practice Test Questions

The certification exam of Microsoft-Azure Security Techs investigates and authenticates the expertise of the applicant by executing security-controls; maintain the security, identification, accessibility and safety within Microsoft-Azure. If a person is taking the exam of AZ 500 Microsoft-Azure Security Techs then a person would achieve Microsoft licensed: Azure-Security-Engineer Associate cert. Microsoft-Azure security-engineers are the real applicants for this examination.

However, Microsoft Azure Security exam training is supposed to prepare individuals to execute control system of security, maintenance of security postures, and implementing a fool proof cyber plan. Moreover, keep managing accessibility and identity, and secure the data, apps, as well as networks. These applicants find out and remediate the susceptibilities by utilizing a huge range of tools that measure the security, execute threat security, and also manage the increase of security incidents. Being a security engineer of Microsoft Azure, applicants might be serving as a measure of a big team that is committed to management which is based on cloud and the protection system might be securing hybrid surroundings like the element of end on the substructure.

Microsoft AZ-500 Sample Questions:

Question 1: On the portal of Azure, you’re making configuration of the policy of Azure. You are planning to allocate the policies which are using the Deny effects, Append, Audit-If-Not-Exist, and Deploy-If-Not-Exist.

From these options – which are the best effect that is requiring a manageable identity for making assignment?

  1. Deny
  2. Deploy-If-Not-Exist
  • Append
  1. Audit-If-Not-Exist

Question 2: You’resecuring access to resources in the Azure contribution. A newest organization guiding principle demonstrates that the entire computer-generated machines of Azure in contribution have to be making use of managed disks. Your task is to stop the consumers to create computer-generated machines which are using unmanaged disks. Here what would you suggest?

  1. Azure Service Health
  2. Azure Security Center
  • Azure Policy
  1. Azure Monitor

Question 3: You are creating an Azure-Log-Analytics workspace that is Analytics-1 in the R-G-1 in the region of eastern United States. Which of the following computer-generated machines would be joining up in the Analytics1?

  1. VM-1 and VM-4 only
  2. VM-1, VM-2, VM-3, and VM-4
  • VM-1, VM-2, and VM-3 only
  1. VM-1 only

Question 4: You owe an Azure contribution that is Sub-1. In the Security Center of Azure, you own a security-related playbook which is Play-1. Play-1 is designed to direct electronic mail messages to the consumer known as User-1. Your task is to modifying Play-1 to direct electronic mail messages to the delivery group known as Alerts. What you are going to utilize on account to transform Play-1?

  1. Azure Logic Apps Designer
  2. Azure Monitor
  • Azure Application Insights
  1. Azure DevOps

Question 5: Your organization is using the Azure DevOps. You must suggest a tactic to authenticate whether the coding fulfill the quality standards of an organization as well as coding is reviewing the standards. What you are going to suggest while executing in the Azure DevOps?

  1. branch locking
  2. branch policies
  • branch permissions
  1. branch folders

Question 6: From the Security Center of Azure, you are creating a customize rule of alert. You are required to organize which consumers would get electronic mail messages once the alert gets activated. Here what is your task to do?

  1. From the Security Center, alter the rule of alert
  2. From the Azure Active-Directory (Azure A-D), change the members of Security-Reader role group
  • From the Security-Center, transform the settings of Security policy of Azure contribution
  1. From Azure Monitor, create an action group

Question 7: You’re securing and designing network setting. You deployed an Azure computer-generated machine known as VM-1 which is organized to examine the traffic in the network. You are requiring making sure that the entire traffic in the network ischannelled via VM-1. What you are going to configure?

  1. A security centre
  2. A user-defined route
  • A Network-Security-Group (NSG)
  1. A system route

Question 8: Your organization owns an Azure contribution known as Sub-1. Sub-1 encompasses the website application of an Azure known as Web App-1 – which is using Azure App Insights. Web App-1 is requiring the consumers to validate by make use of O-Auth 2.0 consumers secrets. The designers of the organization are planning to generate a multiple-phase web analysis test application which is performing artificial transactions compete with the consumer traffic towards the Web App-1. Your task is to make sure that web analysis tests would be running unattended. What you are going to do in the most initial phase?

  1. Introduce a plug-in to website test application
  2. In Microsoft-Visual-Studio, alter the .web test file
  • Uploading the .webtest file to the App Insights
  1. Register the website test application in an Azure AD

Question 9: You owe an Azure contribution known as Sub-1 which encompasses an Azure-Log-Analytics workspace known as LAW-1. You own on-premises servers that are a total of hundred and running the Windows-Server of the year of 2012 R-2 along with the Windows-Server of the year 2016. LAW-1 is configuring to get the performance that is related to security from those servers which were previously connected. Your task is to form an alert system that is relying on such data which is gathered by LAW-1.

That resolution should be fulfilling the below-mentioned necessities:

  • Alerting rules should be supporting the dimensions.
  • There should be the least time required to design an alert.
  • Alert warnings should be designed only a single time while the alert is being initiated and another time while the alert gets resolute.

Which type of signal you would utilize while you are creating the rules of alert rules?

  1. Activity-Log
  2. Metric
  • Log (Saved-Query)
  1. Log

Question 10: You are managing a subscription of Azure known as Sub-1 which is presently linked with the Azure A-D tenant known as Sub-1 is containing a main vault known as kv-1 and the 4 system assigned managed characters known as m-1, m-2, m-3, and m-4. The billing manager of a subscription is the kent@companylcom. You are required to transfer Sub-1 as well as the main vault to the newest Azure A-D tenant known as You initiated by moving Sub-1 to the What is your next step then?

  1. Re-register the entire resource providers.
  2. Recreate the managed identity that is system-assigned.
  • Keep updating the billing manager.
  1. Modify the tenant ID of kv-1.


The aim behind this model questioning set is to offering you a wide range of examples along with the knowledge regarding the exam of Microsoft-Azure Security Techs. This model paper would assist you to become acquainted with the level of difficulty as well as its categories on AZ 500 cert test.