Manage security operations

0% Completo

0/0 Etapas

Simulado 1 de 0

Manage security operations

Time limit: 0

Simulado Summary

0 of 23 Questões completed

Perguntas:

Information

Você já concluiu o simulado antes. Portanto, você não pode reiniciá-lo.

Simulado is loading…

You must sign in or sign up to start the simulado.

Você precisa primeiro terminar os seguintes:

Resultados

Simulado concluído. Os resultados estão sendo registrados.

Resultados

0 of 23 Questões answered correctly

Seu tempo:

Time has elapsed

You have reached 0 of 0 point(s), (0)

Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)

Categories

AZ-500 Manage security operations 0%

Current
Review
Answered
Correto
Incorreto

Questão 1 of 23

1. Question
You have an Azure subscription named Sub1.

In Azure Security Center, you have a security playbook named Play1. Play1 is configured to send an email message to a user named User1.

You need to modify Play1 to send email messages to a distribution group named Alerts.

What should you use to modify Play1?
- Azure DevOps
- Azure Application Insights
- Azure Monitor
- Azure Logic Apps Designer
Correto

Incorreto
Questão 2 of 23

2. Question
You create a new Azure subscription.

You need to ensure that you can create custom alert rules in Azure Security Center.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.
- Onboard Azure Active Directory (Azure AD) Identity Protection.
- Create an Azure Storage account.
- Implement Azure Advisor recommendations.
- Create an Azure Log Analytics workspace.
- Upgrade the pricing tier of Security Center to Standard.
Correto

Incorreto
Questão 3 of 23

3. Question
You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1.

You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers.

You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:

Alert rules must support dimensions.

The time it takes to generate an alert must be minimized.

Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.

Which signal type should you use when you create the alert rules?
- Log
- Log (Saved Query)
- Metric
- Activity Log
Correto

Incorreto
Questão 4 of 23

4. Question
You have an Azure subscription named Sub1 that contains the virtual machines shown in the following table.

Name Resource grouop

VM1 RG1

VM2 RG2

VM3 RG1

VM4 RG2

You need to ensure that the virtual machines in RG1 have the Remote Desktop port closed until an authorized user requests access.

What should you configure?
- Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
- an application security group
- Azure Active Directory (Azure AD) conditional access
- just in time (JIT) VM access
Correto

Incorreto
Questão 5 of 23

5. Question
You are troubleshooting a security issue for an Azure Storage account.

You enable the diagnostic logs for the storage account.

What should you use to retrieve the diagnostics logs?
- Azure Storage Explorer
- SQL query editor in Azure
- File Explorer in Windows
- Azure Security Center
Correto

Incorreto
Questão 6 of 23

6. Question
You have an Azure Storage account named storage1 that has a container named container1.

You need to prevent the blobs in container1 from being modified.

What should you do?
- From container1, change the access level.
- From container1, add an access policy.
- From container1, modify the Access Control (IAM) settings.
- From storage1, enable soft delete for blobs.
Correto

Incorreto
Questão 7 of 23

7. Question
You company has an Azure Active Directory (Azure AD) tenant named contoso.com.

You plan to create several security alerts by using Azure Monitor.

You need to prepare the Azure subscription for the alerts.

What should you create first?
- An Azure Storage account
- an Azure Log Analytics workspace
- an Azure event hub
- an Azure Automation account
Correto

Incorreto
Questão 8 of 23

8. Question
You company has an Azure subscription named Sub1. Sub1 contains an Azure web app named WebApp1 that uses Azure Application Insights. WebApp1 requires users to authenticate by using OAuth 2.0 client secrets.

Developers at the company plan to create a multi-step web test app that preforms synthetic transactions emulating user traffic to Web App1.

You need to ensure that web tests can run unattended.

What should you do first?
- In Microsoft Visual Studio, modify the .webtest file.
- Upload the .webtest file to Application Insights.
- Register the web test app in Azure AD.
- Add a plug-in to the web test app.
Correto

Incorreto
Questão 9 of 23

9. Question
You have an Azure subscription named Subscription1.

You deploy a Linux virtual machine named VM1 to Subscription1.

You need to monitor the metrics and the logs of VM1.

What should you use?
- the AzurePerformanceDiagnostics extension
- Azure HDInsight
- Linux Diagnostic Extension (LAD) 3.0
- Azure Analysis Services
Correto

Incorreto
Questão 10 of 23

10. Question
You onboard Azure Sentinel. You connect Azure Sentinel to Azure Security Center.

You need to automate the mitigation of incidents in Azure Sentinel. The solution must minimize administrative effort.

What should you create?
- an alert rule
- a playbook
- a function app
- a runbook
Correto

Incorreto
Questão 11 of 23

11. Question
You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You need to configure diagnostic settings for contoso.com. The solution must meet the following requirements:
- Retain logs for two years.
- Query logs by using the Kusto query language.
- Minimize administrative effort.
Where should you store the logs?
- an Azure event hub
- an Azure Log Analytics workspace
- an Azure Storage account
Correto

Incorreto
Questão 12 of 23

12. Question
You are troubleshooting a security issue for an Azure Storage account.

You enable the diagnostic logs for the storage account.

What should you use to retrieve the diagnostics logs?
- the Security & Compliance admin center
- Azure Security Center
- Azure Cosmos DB explorer
- AzCopy
Correto

Incorreto
Questão 13 of 23

13. Question
You have an Azure subscription that contains the virtual machines shown in the following table.

Name Operating system

VM1 Windows Server 2016

VM2 Ubuntu Server 18.04 LTS

From Azure Security Center, you turn on Auto Provisioning.

You deploy the virtual machines shown in the following table.

Name Operating system

VM3 Windows Server 2016

VM4 Ubuntu Server 18.04 LTS

On which virtual machines is the Microsoft Monitoring Agent installed?
- VM3 only
- VM1 and VM3 only
- VM3 and VM4 only
- VM1, VM2, VM3, and VM4
Correto

Incorreto
Questão 14 of 23

14. Question
You have 10 virtual machines on a single subnet that has a single network security group (NSG).

You need to log the network traffic to an Azure Storage account.

What should you do?
- Install the Network Performance Monitor solution.
- Create an Azure Log Analytics workspace.
- Enable diagnostic logging for the NSG.
- Enable NSG flow logs.
Correto

Incorreto
Questão 15 of 23

15. Question
You have an Azure subscription that contains the virtual machines shown in the following table.

Name Operating system

VM1 Windows Server 2016

VM2 Ubuntu Server 18.04 LTS

From Azure Security Center, you turn on Auto Provisioning.

You deploy the virtual machines shown in the following table.

Name Operating system

VM3 Windows Server 2016

VM4 Ubuntu Server 18.04 LTS

On which virtual machines is the Log Analytics Agent installed?
- VM3 only
- VM1 and VM3 only
- VM3 and VM4 only
- VM1, VM2, VM3, and VM4
Correto

Incorreto
Questão 16 of 23

16. Question
You have an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

You are assigned the Global administrator role for the tenant. You are responsible for managing Azure Security Center settings.

You need to create a custom sensitivity label.

What should you do?
- Create a custom sensitive information type.
- Elevate access for global administrators in Azure AD.
- Upgrade the pricing tier of the Security Center to Standard.
- Enable integration with Microsoft Cloud App Security.
Correto

Incorreto

Questão 17 of 23

17. Question

You have an Azure subscription that contains the Azure Log Analytics workspaces shown in the following table.

Name	Location	Description
Workspace1	East US	Used by Azure Sentinel
Workspace2	West US	Not applicable

You create the virtual machines shown in the following table.

Name	Location	Operating system	Connected to
VM1	East US	Windows Server 2019	None
VM2	East US	Windows Server 2019	Workspace2
VM3	West US	Windows Server 2019	None
VM4	West US	Windows Server 2019	Workspace2

You plan to use Azure Sentinel to monitor Windows Defender Firewall on the virtual machines.

Which virtual machines you can connect to Azure Sentinel?

VM1 only
VM1 and VM3 only
VM1, VM2, VM3, and VM4
VM1 and VM2 only

Correto

Incorreto

Questão 18 of 23

18. Question
You have an Azure subscription that contains 100 virtual machines and has Azure Security Center Standard tier enabled.

You plan to perform a vulnerability scan of each virtual machine.

You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.

Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.
- the user-assigned managed identity
- the workspace ID
- the Azure Active Directory (Azure AD) ID
- the Key Vault managed storage account key
- the system-assigned managed identity
- the primary shared key
Correto

Incorreto
Questão 19 of 23

19. Question
You have an Azure subscription that contains a user named Admin1 and a virtual machine named VM1. VM1 runs Windows Server 2019 and was deployed by using an Azure Resource Manager template. VM1 is the member of a backend pool of a public Azure Basic Load Balancer.

Admin1 reports that VM1 is listed as Unsupported on the Just in time VM access blade of Azure Security Center.

You need to ensure that Admin1 can enable just in time (JIT) VM access for VM1.

What should you do?
- Create and configure a network security group (NSG).
- Create and configure an additional public IP address for VM1.
- Replace the Basic Load Balancer with an Azure Standard Load Balancer.
- Assign an Azure Active Directory Premium Plan 1 license to Admin1.
Correto

Incorreto
Questão 20 of 23

20. Question
You have an Azure Active Directory (Azure AD) tenant and a root management group.

You create 10 Azure subscriptions and add the subscriptions to the root management group.

You need to create an Azure Blueprints definition that will be stored in the root management group.

What should you do first?
- Modify the role-based access control (RBAC) role assignments for the root management group.
- Add an Azure Policy definition to the root management group.
- Create a user assigned identity.
- Create a service principal.
Correto

Incorreto
Questão 21 of 23

21. Question
You have three on-premises servers named Server1, Server2, and Server3 that run Windows. Server1 and Server2 and located on the Internal network. Server3 is located on the premises network. All servers have access to Azure.

From Azure Sentinel, you install a Windows firewall data connector.

You need to collect Microsoft Defender Firewall data from the servers for Azure Sentinel.

What should you do?
- Create an event subscription from Server1, Server2 and Server3
- Install the On-premises data gateway on each server.
- Install the Microsoft Agent on each server.
- Install the Microsoft Agent on Server1 and Server2 install the on-premises data gateway on Server3.
Correto

Incorreto
Questão 22 of 23

22. Question
You have an Azure subscription that contains several Azure SQL databases and an Azure Sentinel workspace.

You need to create a saved query in the workspace to find events reported by Advanced Threat Protection for Azure SQL Database.

What should you do?
- From Azure CLI run the Get-AzOperationalInsightsworkspace cmdlet.
- From the Azure SQL Database query editor, create a Transact-SQL query.
- From the Azure Sentinel workspace, create a Kusto Query Language query.
- From Microsoft SQL Server Management Studio (SSMS), create a Transact-SQL query.
Correto

Incorreto
Questão 23 of 23

23. Question
You are collecting events from Azure virtual machines to an Azure Log Analytics workspace.

You plan to create alerts based on the collected events.

You need to identify which Azure services can be used to create the alerts.

Which two services should you identify? Each correct answer presents a complete solution

NOTE: Each correct selection is worth one point.
- Azure Monitor
- Azure Security Center
- Azure Analytics Services
- Azure Sentinel
- Azure Advisor
Correto

Incorreto

Name	Resource grouop
VM1	RG1
VM2	RG2
VM3	RG1
VM4	RG2