Valid AZ-500 Dumps shared by PassLeader for Helping Passing AZ-500 Exam! PassLeader now offer the newest AZ-500 VCE dumps and AZ-500 PDF dumps, the PassLeader AZ-500 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader AZ-500 dumps with VCE and PDF here: https://www.passleader.com/az-500.html (278 Q&As Dumps –> 306 Q&As Dumps –> 367 Q&As Dumps –> 438 Q&As Dumps –> 531 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader AZ-500 dumps from Cloud Storage: https://drive.google.com/open?id=1CnqNGckypCByp19q05gCYQD-Qai7gnHt
NEW QUESTION 269
You are troubleshooting a security issue for an Azure Storage account. You enable the diagnostic logs for the storage account. What should you use to retrieve the diagnostics logs?
A. Azure Security Center
B. Azure Monitor
C. the Security Admin Center
D. Azure Storage Explorer
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-portal
NEW QUESTION 270
You have an Azure subscription that contains the resources shown in the following table:
You plan to enable Azure Defender for the subscription. Which resources can be protected by using Azure Defender?
A. VM1, VNET1, storage1, and Vault1.
B. VM1, VNET1, and storage1 only.
C. VM1, storage1, and Vault1 only.
D. VM1 and VNET1 only.
E. VM1 and storage1 only.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/security-center/azure-defender
NEW QUESTION 271
You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group (NSG) named NSG1. ServerAdmins can access the virtual machines by using RDP. You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access. What should you configure?
A. an Azure policy assigned to RG1
B. a just in time (JIT) VM access policy in Azure Security Center
C. an Azure Active Directory (Azure AD) Privileged Identity Management (PIM) role assignment
D. an Azure Bastion host on VNET1
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/security-center/just-in-time-explained
NEW QUESTION 272
You have a web app named WebApp1. You create a web application firewall (WAF) policy named WAF1. You need to protect WebApp1 by using WAF1. What should you do first?
A. Deploy an Azure Front Door.
B. Add an extension to WebApp1.
C. Deploy Azure Firewall.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-door
NEW QUESTION 273
You have an Azure subscription that contains an Azure SQL database named sql1. You plan to audit sql1. You need to configure the audit log destination. The solution must meet the following requirements:
– Support querying events by using the Kusto query language.
– Minimize administrative effort.
What should you configure?
A. an event hub
B. a storage account
C. a Log Analytics workspace
Answer: C
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-log-analytics-wizard
NEW QUESTION 274
Hotspot
You have a management group named Group1 that contains an Azure subscription named sub1. Sub1 has a subscription ID of 11111111-1234-1234-1234-1111111111. You need to create a custom Azure role-based access control (RBAC) role that will delegate permissions to manage the tags on all the objects in Group1. What should you include in the role definition of Role1? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
Assigning a custom RBAC role as the Management Group level is currently in preview only. So, for now the answer to the assignable scope is the subscription level.
https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal#step-5-assignable-scopes
NEW QUESTION 275
Drag and Drop
You have an Azure subscription that contains the following resources:
– A network virtual appliance (NVA) that runs non-Microsoft firewall software and routes all outbound traffic from the virtual machines to the internet.
– An Azure function that contains a script to manage the firewall rules of the NVA.
– Azure Security Center standard tier enabled for all virtual machines.
– An Azure Sentinel workspace.
– 30 virtual machines.
You need to ensure that when a high-priority alert is generated in Security Center for a virtual machine, an incident is created in Azure Sentinel and then a script is initiated to configure a firewall rule for the NVA. How should you configure Azure Sentinel to meet the requirements? (To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Explanation:
https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts
https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center
NEW QUESTION 276
……
Get the newest PassLeader AZ-500 VCE dumps here: https://www.passleader.com/az-500.html (278 Q&As Dumps –> 306 Q&As Dumps –> 367 Q&As Dumps –> 438 Q&As Dumps –> 531 Q&As Dumps)
And, DOWNLOAD the newest PassLeader AZ-500 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=1CnqNGckypCByp19q05gCYQD-Qai7gnHt