AZ-500 Test 1
To determine whether the underlined segment is correct, you must consider it.
You've been given the duty of creating separate subscriptions for each section of your organization. The subscriptions, on the other hand, will be tied to a single Azure Active Directory (Azure AD) tenant.
Make certain that each subscription has the same role assignments.
You use Azure Active Directory Privileged Identity Management (PIM).
If the underlined portion is correct, select 'No adjustment necessary.' Select the accurate choice if the underlined part is incorrect.
Explanation:
Privileged Role Administrators can also create permanent admin role assignments using the Azure AD Privileged Identity Management (PIM) service.
You've been given the duty of arranging an access review to be assigned to a new set of reviews. You must also ensure that the reviews are accessible to resource owners.
Create an access review program and an access review control to get started.
The Reviewers must now be configured.
Which of the following should Reviewers be assigned to?
Explanation:
Select one or more persons to review all of the users in scope in the Reviewers section. Alternatively, you can have the members review their own access. If the resource is a group, you can request a review from the group's owners.
A subscription to Azure was recently created by your firm.
You've been given the duty of ensuring that a specific user may use Azure AD Privileged Identity Management (PIM).
Which of the following should you assign the user's role?
Explanation:
You must first enable PIM in your directory before you can use it.
1. Log in to the Azure portal as the directory's Global Administrator.
To activate PIM for a directory, you must be a Global Administrator with an organizational account (for example, @yourdomain.com), not a Microsoft account (for example, @outlook.com).
Scenario: The following are technical requirements: For contoso.com, enable Azure AD Privileged Identity Management (PIM).
You've been given the task of implementing conditional access controls for your company's Azure Active Directory (Azure AD).
The procedure entails determining the risk events and levels.
Which of the following is the risk level that should be set for sign-ins that come from IP addresses that have been associated with suspicious activity?
The correct answer:
Medium
A subscription to Azure was recently created by your firm. As a result, you've been given the duty of ensuring that you can secure Azure AD roles using Azure Active
Directory (Azure AD) Privileged Identity Management (PIM).
Which one of the following should you do first?
The correct answer:
Privileged Identity Management in Azure Active Directory (Azure AD) is something you should agree to (PIM)
Your organization has a single domain, weylandindustries.com, in its Active Directory forest. They also have a tenant with the same name in Azure Active Directory (Azure AD).
After you've synced all of your on-premises identities to Azure AD, you'll see that users with a givenName attribute that starts with LAB shouldn't be allowed to sync.
Which of the following is the best course of action for you?
The correct answer:
To develop an attribute-based filtering rule, you should utilize the Synchronization Rules Editor.
Sales, Marketing, and Research are the three departments that make up your company. You've formed a Resource Group for the Sales team called RGSales, and you've installed various Azure services for the Sales department in RGSales.
All employees of the Sales team should have Contributor access to RGSales, according to your administrator. Anyone who joins the Sales team in the future must have access to the RGSales resource group.
What should you do to limit administrative tasks to a bare minimum in order to meet the requirement?
The correct answer:
Add an Azure AD group and a rule to define group membership to the contributor role.
You have a container named container1 in your Azure Storage account storageaccount1. You must keep the blobs in container1 from being changed.
What are your options?
The correct answer:
Add an access policy to container1.
Your customer intends to use Azure to deploy virtual machines (VMs). The VMs are anticipated to exchange data from your customer's on-premise data center applications. The security between the Azure environment and the on-premise data center is a worry for your customer. Express route connectivity is something your network engineers are aiming to implement.
For end-to-end encryption, which encryption mechanism should you use?
The correct answer:
IPsec
