FREE Microsoft Azure Security Engineer Certification Questions and Answers

Question 1

To determine whether it is accurate, you must take into account the underlined portion.
You are in charge of making a unique subscription for every section of your business. The subscriptions will, however, all be connected to a single Azure Active tenant for Azure Active Directory.
Make sure that the roles assigned to each subscription are the same.
You use Privileged Identity Management (PIM) for Azure AD.
In the event that the underlined part is accurate, choose ""No adjustment required."" Choose the accurate answer if the underlined portion is accurate.

Accepted Answer

No adjustment required

Answer

Azure DevOps

Answer

Azure Blueprints

Answer

Conditional access policies

Question 2

The Azure subscription for your business includes a virtual network with a single subnet set up.
For the subnet, which has an Azure virtual machine with Ubuntu Server 18.04 installed, you have defined a service endpoint.
To install Docker containers on the virtual computer, you are getting ready. The containers must be able to use Azure Storage resources and Azure via the service endpoint, SQL databases.
Before deploying containers, a task must be completed on the virtual machine.
Installing the container network interface (CNI) plug-in is the solution.
Is the aim being met by the solution?

Accepted Answer

Yes

Answer

No

Answer

Maybe

Question 3

To install Azure virtual machines, you use Azure Resource Manager templates.
You are responsible for making sure that when instances of the virtual machines are provisioned, Windows features that are not in use are immediately deactivated.
Which of the subsequent actions ought you to perform?

Accepted Answer

You should make use of Azure Automation State Configuration.

Answer

You should make use of Azure Blueprints.

Answer

You should make use of Azure DevOps.

Answer

You should make use of network security groups (NSG).

Question 4

Azure virtual machines running Windows Server 2016 are part of your company's Azure subscription.
You are advised that a specific antimalware virtual machine extension must be deployed on every virtual machine. To accomplish this, you are creating the essential code for a policy.
Which of the following effects is a need for your code?

Accepted Answer

DeployIfNotExists

Answer

Modify

Answer

Disabled

Answer

AuditIfNotExists

Question 5

Azure Active Directory (Azure AD) is used by your organisation in a hybrid configuration. All users use hybrid Windows 10 devices that are connected to Azure AD.
You are in charge of a SQL Azure database that supports Azure AD authentication.
You must ensure that Microsoft SQL Server Management Studio (SSMS) can connect to the SQL database for database developers. Additionally, you must ensure that the developers authenticate using their on-premises Active Directory accounts. Your plan should provide for a minimal amount of authentication prompts.
Which of the following authentication techniques ought to be employed by developers?

Accepted Answer

Active Directory integrated authentication.

Answer

Azure Multi-Factor authentication.

Answer

Azure AD token.

Answer

None of the above

Question 6

A cluster for the Azure Kubernetes Service (AKS) is being created by you. An Azure resource must be reachable by the Azure Kubernetes Service (AKS) cluster.
Registry for containers.
The auto-generated service principal should be used to ensure that the Azure Kubernetes Service (AKS) cluster authenticates to the Azure Container Registry.
Solution: You establish a role assignment in Azure Active Directory (Azure AD).
Is the aim being met by the solution?

Accepted Answer

Yes

Answer

No

Answer

Maybe

Question 7

To determine whether it is accurate, you must take into account the underlined portion.
In your testing environment, you've set up an Azure Kubernetes Service (AKS) cluster.
The cluster is now being deployed to the production environment as you speak.
You should replace HTTP application routing after stopping it with an application routing solution that enables TLS termination and reverse proxy for AKS services via a single IP address.
An AKS Ingress controller must be made.
In the event that the underlined part is accurate, choose "No adjustment required." Choose the accurate answer if the underlined portion is accurate.

Accepted Answer

No adjustment required

Answer

a network security group

Answer

an application security group

Answer

an Azure Basic Load Balancer