AZ-500 Test 2
You have numerous virtual machines under your Azure subscription.
You need to find out who the individual was who deleted a virtual machine three weeks ago.
In Azure Monitor, what should you use?
Explanation:
The Azure Activity log is a platform log that gives you information about subscription-level occurrences. When a resource is updated or a virtual machine is started, information from the activity log is recorded. The Activity log can be seen via the Azure portal, or entries can be retrieved using PowerShell and the CLI.
You've set up Azure to host mission-critical apps. To gain access to Azure resources, your security administrator advised that you build an approval process. Your legal team needs to see an audit of who accessed an Azure resource when, how, and why.
Which option should you investigate in order to meet these criteria?
Explanation:
Privileged Identity Management (PIM) is an Azure Active Directory (Azure AD) service that lets you manage, regulate, and monitor access to critical resources in your company. Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 and Microsoft Intune are examples of these resources.
You are the administrator of the PreparationLabs.com Azure Directory (Azure AD) tenancy. To grant access, you've set the User-risk policy's control to "Require Password Change."
External users have been granted access to your tenant's applications by your organization. Azure AD identity protection detected an external user named User1 as a dangerous user. What will the ramifications be for User1?
The correct answer:
User1 will be blocked
You have a subscription to Azure that includes 100 virtual machines. All of the virtual machines have Azure Diagnostics turned on.
The security events of a virtual machine running Windows Server 2016 must be queried.
In Azure Monitor, what should you use?
The correct answer:
Logs
You've created an Azure Active Directory (AAD) app called PreparationLabs with delegated permissions for Users. ReadWrite.All.
Admin1 logged into the PreparationLabs program as a User Administrator.
Is it possible for Admin1 to change the AAD profiles of all users in the organization?
The correct answer:
correct
You've created an Azure Active Directory (AAD) app called PreparationLabs with delegated permissions for Users. ReadWrite.All.
The PreparationLabs application was accessed by a user named User1.
Is it possible for User1 to update the AAD profiles of all users in the organization?
The correct answer:
incorrect
You're attempting to resolve a security issue with an Azure Storage account. You archive Azure Storage Analytics logs to a storage account after enabling Azure Storage Analytics logs.
What method should you employ to obtain the diagnostics logs?
Explanation:
Azure Storage Explorer is a graphical user interface (GUI) tool with a number of capabilities to make your development life easier. Connecting to and managing numerous storage accounts is simple. This program allows you to connect any device to your Azure storage account.
You have a tenant for Azure Active Directory (Azure AD).
Non-privileged Azure AD users should not be able to create service principals in Azure AD.
What should you do in the tenant's Azure Active Directory admin center?
The correct answer:
From the User settings blade, set Restrict access to Azure AD administration portal to Yes
You intend to use JIT VM access. What types of virtual machines are going to be supported?
The correct answer:
VM1 and VM3 only