Microsoft Azure Security Technologies
Updated 17-Apr-2026
You have an Azure subscription that is associated with an Azure Active Directory (Azure AD) tenant.When a developer attempts to register an app named App1 in the tenant, the developer receives the error message shown in the following exhibit.You need to ensure that the developer can register App1 in the tenant.What should you do for the tenant?
Answer(s): D
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-how-applications-are-added
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant and a user named User1.The App registrations settings for the tenant are configured as shown in the following exhibit.You plan to deploy an app named App1.You need to ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.Which role should you assign to User1?
https://docs.microsoft.com/en-us/azure/active-directory/roles/delegate-by-task
You have the Azure virtual machines shown in the following table.Each virtual machine has a single network interface.You add the network interface of VM1 to an application security group named ASG1.You need to identify the network interfaces of which virtual machines you can add to ASG1.What should you identify?
Answer(s): B
https://docs.microsoft.com/en-us/azure/virtual-network/application-security-groups
SIMULATION You need to create a new Azure Active Directory (Azure AD) directory named 12345678.onmicrosoft.com. The new directory must contain a user named user12345678 who is configured to sign in by using Azure Multi-Factor Authentication (MFA).
Answer(s): A
To create a new Azure AD tenant:1. Browse to the Azure portal and sign in with an account that has an Azure subscription.2. Select the plus icon (+) and search for Azure Active Directory.3. Select Azure Active Directory in the search results.4. Select Create.5. Provide an Organization name (12345678) and an Initial domain name (12345678). Then select Create. This will create the directory named12345678.onmicrosoft.com.6. After directory creation is complete, select the information box to manage your new directory.To create the user:1. In the Azure portal, make sure you are on the Azure Active Directory fly out.If not, select the Azure Active Directory icon from the left services navigation.2. Under Manage, select Users.3. Select All users and then select + New user.4. Provide a Name and User name (user12345678) for the user. When you're done, select Create.To enable MFA:1. In the Azure portal, make sure you are on the Azure Active Directory fly out.If not, select the Azure Active Directory icon from the left services navigation.2. Under Manage, select Users.3. Click on the Multi-Factor Authentication link.4. Tick the checkbox next to the user's name and click the Enable link.
https://docs.microsoft.com/en-us/power-bi/developer/create-an-azure-active-directory-tenant
You have an Azure subscription named Subcription1 that contains an Azure Active Directory (Azure AD) tenant named contoso.com and a resource group namedRG1.You create a custom role named Role1 for contoso.com.Where you can use Role1 for permission delegation?
You have an Azure subscription.You enable Azure Active Directory (Azure AD) Privileged Identity Management (PIM).Your company's security policy for administrator accounts has the following conditions:-The accounts must use multi-factor authentication (MFA).-The accounts must use 20-character complex passwords.-The passwords must be changed every 180 days.-The accounts must be managed by using PIM.You receive multiple alerts about administrators who have not changed their password during the last 90 days.You need to minimize the number of generated alerts.Which PIM alert should you modify?
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-configure-security-alerts?tabs=new
Your network contains an on-premises Active Directory domain named adatum.com that syncs to Azure Active Directory (Azure AD). Azure AD Connect is installed on a domain member server named Server1.You need to ensure that a domain administrator for the adatum.com domain can modify the synchronization options. The solution must use the principle of least privilege.Which Azure AD role should you assign to the domain administrator?
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions
You have an Azure subscription that contains the users shown in the following table.Which users can enable Azure AD Privileged Identity Management (PIM)?
For Azure AD roles in PIM, only a user who is in the Privileged Role Administrator or Global Administrator role can manage assignments for other administrators.Global Administrators, Security Administrators, Global Readers, and Security Readers can also view assignments to Azure AD roles in PIM.
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan
Share your comments for Microsoft AZ-500 exam with other users:
Moreece 5/15/2023 8:44:00 AM
just passed the az-500 exam this last friday. most of the questions in this exam dumps are in the exam. i bought the full version and noticed some of the questions which were answered wrong in the free version are all corrected in the full version. this site is good but i wish the had it in an interactive version like a test engine simulator.
Qasim 6/11/2022 9:43:00 AM
just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
deally 1/19/2024 3:41:00 PM
knowable questions
labuschanka 11/16/2023 6:06:00 PM
i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000