Win IT Exam with Last Dumps 2025

Microsoft AZ-500 Exam

Page 21/45
Viewing Questions 201 210 out of 443 Questions
46.67%

Question 201
You have an Azure Kubernetes Service (AKS) cluster that will connect to an Azure Container Registry.
You need to use the automatically generated service principal for the AKS cluster to authenticate to the Azure Container Registry.
What should you create?



Reference:
https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal

Question 202
You have an Azure subscription that contains two virtual machines named VM1 and VM2 that run Windows Server 2019.
You are implementing Update Management in Azure Automation.
You plan to create a new update deployment named Update1.
You need to ensure that Update1 meets the following requirements:
- Automatically applies updates to VM1 and VM2.
- Automatically adds any new Windows Server 2019 virtual machines to Update1.
What should you include in Update1?



Reference:
https://docs.microsoft.com/en-us/azure/automation/update-management/configure-groups

Question 203
You have the Azure virtual machines shown in the following table.
AZ-500_203Q.png related to the Microsoft AZ-500 Exam
For which virtual machines can you enable Update Management?



References:
https://docs.microsoft.com/en-us/azure/automation/automation-update-management?toc=%2Fazure%2Fautomation%2Ftoc.json

Question 204
DRAG DROP -
You have an Azure subscription named Sub1.
You have an Azure Active Directory (Azure AD) group named Group1 that contains all the members of your IT team.
You need to ensure that the members of Group1 can stop, start, and restart the Azure virtual machines in Sub1. The solution must use the principle of least privilege.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
AZ-500_204Q.png related to the Microsoft AZ-500 Exam
Image AZ-500_204R.png related to the Microsoft AZ-500 Exam



References:
https://www.petri.com/cloud-security-create-custom-rbac-role-microsoft-azure

Question 205
DRAG DROP -
You have an Azure subscription that contains the following resources:
A virtual network named VNET1 that contains two subnets named Subnet1 and Subnet2.
- A virtual machine named VM1 that has only a private IP address and connects to Subnet1.
You need to ensure that Remote Desktop connections can be established to VM1 from the internet.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange then in the correct order.
Select and Place:
AZ-500_205Q.png related to the Microsoft AZ-500 Exam
Image AZ-500_205R.png related to the Microsoft AZ-500 Exam





Question 206
HOTSPOT -
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD). The tenant contains the users shown in the following table.
AZ-500_206Q_1.jpg related to the Microsoft AZ-500 Exam
You have an Azure key vault named Vault1 that has Purge protection set to Disable. Vault1 contains the access policies shown in the following table.
AZ-500_206Q_2.jpg related to the Microsoft AZ-500 Exam
You create role assignments for Vault1 as shown in the following table.
AZ-500_206Q_3.jpg related to the Microsoft AZ-500 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_206Q_4.jpg related to the Microsoft AZ-500 Exam
Image AZ-500_206R.jpg related to the Microsoft AZ-500 Exam



Box 1: No -
Resource Policy Contributor or Security Administrator is required.
User1 is Security Administrator only with the no specific permission granted to Vault1.
The Security Admin can view and update permissions for Security Center. Same permissions as the Security Reader role and can also update the security policy and dismiss alerts and recommendations.
However:
AZ-500_206E.png related to the Microsoft AZ-500 Exam
Box 2: Yes -
User2 is a Network Contributor, with Select All Key, Secret & Certificate permissions, and Key Vault Reader.
The Network Contributor role lets you manage networks, but not access to them.
Box 3: Yes -
User3 is a Key Vault Contributor and a User Access Administrator for Vault.
The Key Vault Contributor role allows you to manage key vaults, but does not allow you to assign roles in Azure RBAC, and does not allow you to access secrets, keys, or certificates.
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#network-contributor
https://charbelnemnom.com/enable-purge-protection-key-vault-azure-policy/

Question 207
HOTSPOT
-
You have an Azure subscription that contains the virtual machines shown in the following table.
AZ-500_207Q_1.png related to the Microsoft AZ-500 Exam
VNET1, VNET2, and VNET3 are peered with each other.
You perform the following actions:
• Create two application security groups named ASG1 and ASG2 in the West US region.
• Add the network interface of VM1 to ASG1.
The network interfaces of which virtual machines can you add to ASG1 and ASG2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-500_207Q_2.png related to the Microsoft AZ-500 Exam
Image AZ-500_207R.png related to the Microsoft AZ-500 Exam




Question 208
You have an Azure subscription that contains an Azure key vault.
You need to configure the maximum number of days for which new keys are valid. The solution must minimize administrative effort.
What should you use?




Question 209
You have an Azure subscription that contains an Azure Data Lake Storage Gen2 account named storage1.
You deploy an Azure Synapse Analytics workspace named synapsews1 to a managed virtual network.
You need to enable access from synapsews1 to storage1.
What should you configure?




Question 210
HOTSPOT -
You have an Azure subscription that contains the resources shown in the following table.
AZ-500_210Q_1.png related to the Microsoft AZ-500 Exam
Transparent Data Encryption (TDE) is disabled on SQL1.
You assign policies to the resource groups as shown in the following table.
AZ-500_210Q_2.png related to the Microsoft AZ-500 Exam
You plan to deploy Azure SQL databases by using an Azure Resource Manager (ARM) template. The databases will be configured as shown in the following table.
AZ-500_210Q_3.png related to the Microsoft AZ-500 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_210Q_4.png related to the Microsoft AZ-500 Exam
Image AZ-500_210R.png related to the Microsoft AZ-500 Exam



Reference:
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects