Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Microsoft
  3. AZ-500

Microsoft AZ-500 Exam (page: 10)
Microsoft Azure Security Technologies
Updated on: 27-Feb-2026

Viewing Page 10 of 65
AZ-500 PDF 505 Questions

HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
From Azure AD Privileged Identity Management (PIM), you configure the settings for the Security Administrator role as shown in the following exhibit.
From PIM, you assign the Security Administrator role to the following groups:
-Group1: Active assignment type, permanently assigned
-Group2: Eligible assignment type, permanently eligible
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:


  1. See Explanation section for answer.

Answer(s): A

Explanation:


Box 1: No
User1 is a member of Group1. Group1: Active assignment type, permanently assigned
Box 2: Yes
Active Type: A role assignment that doesn't require a user to perform any action to use the role. Users assigned as active have the privileges assigned to the role
Box 3: No
User3 is member of Group1 and Group2.
Group1: Active assignment type, permanently assigned
Group2: Eligible assignment type, permanently eligible


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/privileged-identity-management/pim-resource-roles-configure-role-settings



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
Your company has an Azure subscription named Subscription1 that contains the users shown in the following table.
The company is sold to a new owner.
The company needs to transfer ownership of Subscription1.
Which user can transfer the ownership and which tool should the user use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Box 1; User2
Billing Administrator
Select Transfer billing ownership for the subscription that you want to transfer.
Enter the email address of a user who's a billing administrator of the account that will be the new owner for the subscription.
Box 2: Azure Account Center
Azure Account Center can be used.


Reference:

https://docs.microsoft.com/en-us/azure/billing/billing-subscription-transfer#transfer-billing-ownership-of-an-azure-subscription



SIMULATION
The developers at your company plan to create a web app named App12345678 and to publish the app to https://www.contoso.com.
You need to perform the following tasks:
-Ensure that App12345678 is registered to Azure Active Directory (Azure AD).
-Generate a password for App12345678.
To complete this task, sign in to the Azure portal.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

Step 1: Register the Application
1. Sign in to your Azure Account through the Azure portal.
2. Select Azure Active Directory.
3. Select App registrations.
4. Select New registration.
5. Name the application 12345678. Select a supported account type, which determines who can use the application. Under Redirect URI, select Web for the type of application you want to create. Enter the URI: https://www.contoso.com , where the access token is sent to.

6. Click Register
Step 2: Create a new application secret
If you choose not to use a certificate, you can create a new application secret.
7. Select Certificates & secrets.
8. Select Client secrets -> New client secret.
9. Provide a description of the secret, and a duration. When done, select Add.
After saving the client secret, the value of the client secret is displayed. Copy this value because you aren't able to retrieve the key later. You provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal



SIMULATION
You need to create a new Azure Active Directory (Azure AD) directory named 12345678.onmicrosoft.com and a user named User1 in the new directory.
To complete this task, sign in to the Azure portal.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

Step 1: Create an Azure Active Directory tenant
1. Browse to the Azure portal and sign in with an account that has an Azure subscription.
2. Select the plus icon (+) and search for Azure Active Directory.

3. Select Azure Active Directory in the search results.

4. Select Create.
5. Provide an Organization name and an Initial domain name (12345678). Then select Create. Your directory is created.

6. After directory creation is complete, select the information box to manage your new directory.
Next, you're going to add tenant users.
Step 2: Create an Azure Active Directory tenant user
7. In the Azure portal, make sure you are on the Azure Active Directory fly out.

8. Under Manage, select Users.

9. Select All users and then select + New user.
10. Provide a Name and User name (user1) for the regular user tenant. You can also show the temporary password. When you're done, select Create.
Name: user1
User name: user1@12345678.onmicrosoft.com


Reference:

https://docs.microsoft.com/en-us/power-bi/developer/create-an-azure-active-directory-tenant



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
-Assignments: Include Group1, exclude Group2
-Conditions: Sign-in risk level: Medium and above
-Access: Allow access, Require multi-factor authentication
You need to identify what occurs when the users sign in to Azure AD.
What should you identify for each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



References:
http://www.rebeladmin.com/2018/09/step-step-guide-configure-risk-based-azure-conditional-access-policies/ https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks


Reference:

References:
http://www.rebeladmin.com/2018/09/step-step-guide-configure-risk-based-azure-conditional-access-policies/ https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
In Azure AD Privileged Identity Management (PIM), the Role settings for the Contributor role are configured as shown in the exhibit. (Click the Exhibit tab.)
You assign users the Contributor role on May 1, 2019 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:



  1. See Explanation section for answer.

Answer(s): A

Explanation:



References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource-roles-assign-roles


Reference:

References:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-resource-roles-assign-roles



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You work at a company named Contoso, Ltd. that has the offices shown in the following table.
Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com. All contoso.com users have Azure Multi-Factor Authentication (MFA) enabled. The tenant contains the users shown in the following table.
The multi-factor authentication settings for contoso.com are configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:



  1. See Explanation section for answer.

Answer(s): A

Explanation:



You have an Azure subscription.
You configure the subscription to use a different Azure Active Directory (Azure AD) tenant.
What are two possible effects of the change? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  1. Role assignments at the subscription level are lost.
  2. Virtual machine managed identities are lost.
  3. Virtual machine disk snapshots are lost.
  4. Existing Azure resources are deleted.

Answer(s): A,B

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory



Viewing Page 10 of 65



Share your comments for Microsoft AZ-500 exam with other users:

Moreece 5/15/2023 8:44:00 AM

just passed the az-500 exam this last friday. most of the questions in this exam dumps are in the exam. i bought the full version and noticed some of the questions which were answered wrong in the free version are all corrected in the full version. this site is good but i wish the had it in an interactive version like a test engine simulator.
Anonymous


Qasim 6/11/2022 9:43:00 AM

just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
Anonymous


deally 1/19/2024 3:41:00 PM

knowable questions
UNITED STATES


labuschanka 11/16/2023 6:06:00 PM

i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000
Anonymous