Microsoft Azure Security Engineer Certification

FREE Microsoft AZ-500 Questions and Answers

You have been tasked with setting up an access review that will be added to a fresh group of reviews.
Additionally, you must guarantee that resource owners may see the reviews.
You begin by developing an access review program and control.
The Reviewers need to be configured immediately.
Which option should you choose for Reviewers?

In the Reviewers area, select one or more reviewers to examine each user included in the scope. Alternatively, you can let members review their own access. If the resource is a group, you can ask the group owners to review.

Your business has an Active Directory forest with just the weylandindustries.com domain. Additionally, they have a tenant with the same name in Azure Active Directory (Azure AD).
The integration of Active Directory with the Azure AD tenant is your responsibility. You want to introduce Azure AD Connect.
Your integration approach must ensure that user accounts that are synchronized to the Azure AD tenant are affected by password rules and user login limitations, and that the number of required servers is kept to a minimum.
You suggest using seamless SSO and password hash synchronization as a fix.
Is the aim being met by the solution?

Password hash synchronization requires the least effort for infrastructure and deployment. This degree of effort typically applies to organizations that only need their users to sign in to Office 365, SaaS applications, and other Azure AD-based resources. When enabled, password hash synchronization runs every two minutes as part of the Azure AD Connect sync process.

You are responsible for implementing conditional access restrictions for the current Azure Active Directory (Azure AD) of your firm.
Assessing risk occurrences and risk levels is a step in the process.
Which of the following should be specified as the risk level for users whose credentials have been compromised?

These six types of occurrences are divided into three risk categories: High, Medium, and Low.

Your business has an Active Directory forest with just the weylandindustries.com domain. Additionally, they have a tenant with the same name in Azure Active Directory (Azure AD).
You are informed that users with a givenName attribute beginning with LAB should not be permitted to sync to Azure AD once all on-premises identities have been synced to it.
Which of the following actions should you perform?

Create attribute-based filtering rules using the Synchronization Rules Editor.

Your business has an Active Directory forest with just the weylandindustries.com domain. Additionally, they have a tenant with the same name in Azure Active Directory (Azure AD).
The integration of Active Directory with the Azure AD tenant is your responsibility. You want to introduce Azure AD Connect.
Your integration approach must ensure that user accounts that are synchronized to the Azure AD tenant are affected by password rules and user login limitations, and that the number of required servers is kept to a minimum.
You suggest using seamless SSO with password hash synchronization and pass-through authentication. Is the aim being met by the solution?

Pass-through authentication requires one or more (we advise three) lightweight agents installed on existing servers. These agents must be able to reach your on-premises Active Directory Domain Services, including your on-premises AD domain controllers. They also require outbound access to the Internet. Because of this, the agents cannot be deployed in a perimeter network.

Recently, your business started an Azure subscription.
You are responsible for ensuring that a particular user may utilize Azure AD Privileged Identity Management (PIM).
Which of the following roles should you provide the user?

You must first enable PIM in your directory before you can use it.
1. Sign in to the Azure portal as a Global Administrator of your directory.
To activate PIM for a directory, you must be a Global Administrator with an organizational account (for instance, @yourdomain.com), not a Microsoft account (for instance, @outlook.com).
Setting up Azure AD Privileged Identity Management (PIM) for contoso.com is one of the scenario's technical needs.

Your business has an Active Directory forest with just the weylandindustries.com domain. Additionally, they have a tenant with the same name in Azure Active Directory (Azure AD).
The integration of Active Directory with the Azure AD tenant is your responsibility. You want to introduce Azure AD Connect.
Your integration approach must ensure that user accounts that are synchronized to the Azure AD tenant are affected by password rules and user login limitations, and that the number of required servers is kept to a minimum.
You suggest using Active Directory Federation Services (AD FS) for federation as a solution.
Is the aim being met by the solution?

A federated authentication system relies on an external, trusted system to verify user identities. Some businesses want to reuse their existing investment in a federated system with their hybrid Azure AD identity solution. The organization running the federated system is responsible for ensuring that it is implemented securely and has the capacity to handle the authentication load; maintenance and management of the federated system are independent of Azure AD.