Win IT Exam with Last Dumps 2025

Microsoft AZ-500 Exam

Page 23/45
Viewing Questions 221 230 out of 443 Questions
51.11%

Question 221
SIMULATION -
You need to collect all the audit failure data from the security log of a virtual machine named VM1 to an Azure Storage account.
To complete this task, sign in to the Azure portal.
This task might take several minutes to complete You can perform other tasks while the task completes.



Step 1: Create a workspace -
Azure Monitor can collect data directly from your Azure virtual machines into a Log Analytics workspace for detailed analysis and correlation.
1. In the Azure portal, select All services. In the list of resources, type Log Analytics. As you begin typing, the list filters based on your input. Select Log Analytics workspaces.
AZ-500_221E_1.png related to the Microsoft AZ-500 Exam
2. Select Create, and then select choices for the following items:
AZ-500_221E_2.png related to the Microsoft AZ-500 Exam
3. After providing the required information on the Log Analytics workspace pane, select OK.
While the information is verified and the workspace is created, you can track its progress under Notifications from the menu.
Step 2: Enable the Log Analytics VM Extension
Installing the Log Analytics VM extension for Windows and Linux allows Azure Monitor to collect data from your Azure VMs.
1. In the Azure portal, select All services found in the upper left-hand corner. In the list of resources, type Log Analytics. As you begin typing, the list filters based on your input. Select Log Analytics workspaces.
2. In your list of Log Analytics workspaces, select DefaultWorkspace (the name you created in step 1).
3. On the left-hand menu, under Workspace Data Sources, select Virtual machines.
4. In the list of Virtual machines, select a virtual machine you want to install the agent on. Notice that the Log Analytics connection status for the VM indicates that it is Not connected.
5. In the details for your virtual machine, select Connect. The agent is automatically installed and configured for your Log Analytics workspace. This process takes a few minutes, during which time the Status shows Connecting.
After you install and connect the agent, the Log Analytics connection status will be updated with This workspace.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-azurevm

Question 222
You have 10 virtual machines on a single subnet that has a single network security group (NSG).
You need to log the network traffic to an Azure Storage account.
What should you do?



A network security group (NSG) enables you to filter inbound traffic to, and outbound traffic from, a virtual machine (VM). You can log network traffic that flows through an NSG with Network Watcher's NSG flow log capability. Steps include:
- Create a VM with a network security group
- Enable Network Watcher and register the Microsoft.Insights provider
- Enable a traffic flow log for an NSG, using Network Watcher's NSG flow log capability
- Download logged data
-View logged data
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal

Question 223
You have an Azure subscription that contains the virtual machines shown in the following table.
AZ-500_223Q_1.png related to the Microsoft AZ-500 Exam
From Azure Security Center, you turn on Auto Provisioning.
You deploy the virtual machines shown in the following table.
AZ-500_223Q_2.png related to the Microsoft AZ-500 Exam
On which virtual machines is the Log Analytics Agent installed?



When automatic provisioning is On, Security Center provisions the Log Analytics Agent on all supported Azure VMs and any new ones that are created.
Supported Operating systems include: Ubuntu 14.04 LTS (x86/x64), 16.04 LTS (x86/x64), and 18.04 LTS (x64) and Windows Server 2008 R2, 2012, 2012 R2, 2016, version 1709 and 1803
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection

Question 224
HOTSPOT -
You plan to use Azure Log Analytics to collect logs from 200 servers that run Windows Server 2016.
You need to automate the deployment of the Microsoft Monitoring Agent to all the servers by using an Azure Resource Manager template.
How should you complete the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_224Q.jpg related to the Microsoft AZ-500 Exam
Image AZ-500_224R.jpg related to the Microsoft AZ-500 Exam



Reference:
https://blogs.technet.microsoft.com/manageabilityguys/2015/11/19/enabling-the-microsoft-monitoring-agent-in-windows-json-templates/

Question 225
HOTSPOT -
You have an Azure subscription that contains the alerts shown in the following exhibit.
AZ-500_225Q_1.jpg related to the Microsoft AZ-500 Exam
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_225Q_2.png related to the Microsoft AZ-500 Exam
Image AZ-500_225R.png related to the Microsoft AZ-500 Exam



References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-overview


Question 226
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings.
You need to create a custom sensitivity label.
What should you do?



First, you need to create a new sensitive information type because you can't directly modify the default rules.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/customize-a-built-in-sensitive-information-type

Question 227
HOTSPOT -
You have the hierarchy of Azure resources shown in the following exhibit.
AZ-500_227Q_1.png related to the Microsoft AZ-500 Exam
You create the Azure Blueprints definitions shown in the following table.
AZ-500_227Q_2.png related to the Microsoft AZ-500 Exam
To which objects can you assign Blueprint1 and Blueprint2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_227Q_3.png related to the Microsoft AZ-500 Exam
Image AZ-500_227R.png related to the Microsoft AZ-500 Exam



Blueprints can only be assigned to subscriptions.

Question 228
You have an Azure subscription that contains the Azure Log Analytics workspaces shown in the following table.
AZ-500_228Q_1.png related to the Microsoft AZ-500 Exam
You create the virtual machines shown in the following table.
AZ-500_228Q_2.png related to the Microsoft AZ-500 Exam
You plan to use Azure Sentinel to monitor Windows Defender Firewall on the virtual machines.
Which virtual machines you can connect to Azure Sentinel?



Reference:
https://docs.microsoft.com/en-us/azure/sentinel/connect-windows-firewall

Question 229
HOTSPOT -
You have an Azure subscription that contains a user named Admin1 and a resource group named RG1.
In Azure Monitor, you create the alert rules shown in the following table.
AZ-500_229Q_1.png related to the Microsoft AZ-500 Exam
Admin1 performs the following actions on RG1:
- Adds a virtual network named VNET1
- Adds a Delete lock named Lock1
Which rules will trigger an alert as a result of the actions of Admin1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-500_229Q_2.jpg related to the Microsoft AZ-500 Exam
Image AZ-500_229R.jpg related to the Microsoft AZ-500 Exam




Question 230
You have an Azure subscription that contains 100 virtual machines and has Azure Defender enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.