Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Palo Alto Networks
Salesforce
SAP
All Vendors
  1. Home
  2. Microsoft
  3. AZ-500

Microsoft AZ-500 Exam (page: 5)
Microsoft Azure Security Technologies
Updated on: 28-Jul-2025

Viewing Page 5 of 103
AZ-500 PDF 503 Questions

Your company has an Azure subscription that includes two virtual machines, named VirMac1 and VirMac2, which both have a status of Stopped (Deallocated).
The virtual machines belong to different resource groups, named ResGroup1 and ResGroup2.
You have also created two Azure policies that are both configured with the virtualMachines resource type. The policy configured for ResGroup1 has a policy definition of Not allowed resource types, while the policy configured for ResGroup2 has a policy definition of Allowed resource types.
You then create a Read-only resource lock on VirMac1, as well as a Read-only resource lock on ResGroup2.
Which of the following is TRUE with regards to the scenario? (Choose all that apply.)

  1. You will be able to start VirMac1.
  2. You will NOT be able to start VirMac1.
  3. You will be able to create a virtual machine in ResGroup2.
  4. You will NOT be able to create a virtual machine in ResGroup2.

Answer(s): B,D

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/governance/blueprints/concepts/resource-locking



You have been tasked with delegate administrative access to your company's Azure key vault.
You have to make sure that a specific user can set advanced access policies for the key vault. You also have to make sure that access is assigned based on the principle of least privilege.
Which of the following options should you use to achieve your goal?

  1. Azure Information Protection
  2. RBAC
  3. Azure AD Privileged Identity Management (PIM)
  4. Azure DevOps

Answer(s): B

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault



You have been tasked with delegate administrative access to your company's Azure key vault.
You have to make sure that a specific user is able to add and delete certificates in the key vault. You also have to make sure that access is assigned based on the principle of least privilege.
Which of the following options should you use to achieve your goal?

  1. A key vault access policy
  2. Azure policy
  3. Azure AD Privileged Identity Management (PIM)
  4. Azure DevOps

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault



You have an Azure virtual machine that runs Windows Server R2.
You plan to deploy and configure an Azure Key vault, and enable Azure Disk Encryption for the virtual machine.
Which of the following is TRUE with regards to Azure Disk Encryption for a Windows VM?

  1. It is supported for basic tier VMs.
  2. It is supported for standard tier VMs.
  3. It is supported for VMs configured with software-based RAID systems.
  4. It is supported for VMs configured with Storage Spaces Direct (S2D).

Answer(s): B

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-windows



You have an Azure virtual machine that runs Ubuntu 16.04-DAILY-LTS.
You plan to deploy and configure an Azure Key vault, and enable Azure Disk Encryption for the virtual machine.
Which of the following is TRUE with regards to Azure Disk Encryption for a Linux VM?

  1. It is NOT supported for basic tier VMs.
  2. It is NOT supported for standard tier VMs.
  3. OS drive encryption for Linux virtual machine scale sets is supported.
  4. Custom image encryption is supported.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/disk-encryption-linux



Viewing Page 5 of 103



Share your comments for Microsoft AZ-500 exam with other users:

Moreece 5/15/2023 8:44:00 AM

just passed the az-500 exam this last friday. most of the questions in this exam dumps are in the exam. i bought the full version and noticed some of the questions which were answered wrong in the free version are all corrected in the full version. this site is good but i wish the had it in an interactive version like a test engine simulator.
Anonymous


Qasim 6/11/2022 9:43:00 AM

just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
Anonymous


deally 1/19/2024 3:41:00 PM

knowable questions
UNITED STATES


labuschanka 11/16/2023 6:06:00 PM

i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000
Anonymous