Home Vendors New Files TQB Simulator Upload Files
Cisco Microsoft VMware Oracle Checkpoint IBM Exin RedHat ECCouncil PMI

Download Microsoft.AZ-500.TestInside.2020-03-13.71q.tqb

Vendor: Microsoft
Exam Code: AZ-500
Exam Name: Microsoft Azure Security Technologies
Date: Mar 13, 2020
File Size: 3 MB
Download Exam
Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
You need to meet the identity and access requirements for Group1. 
What should you do?
  1. Add a membership rule to Group1.
  2. Delete Group1. Create a new group named Group1 that has a membership type of Office 365. Add users and devices to the group.
  3. Modify the membership rule of Group1.
  4. Change the membership type of Group1 to Assigned. Create two groups that have dynamic memberships. Add the new groups to Group1.
Correct answer: B
Explanation:
Incorrect Answers:A, C: You can create a dynamic group for devices or for users, but you can't create a rule that contains both users and devices.D: For assigned group you can only add individual members.Scenario: Litware identifies the following identity and access requirements: All San Francisco users and their devices must be members of Group1.The tenant currently contain this group:    References:https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membershiphttps://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal
Incorrect Answers:
A, C: You can create a dynamic group for devices or for users, but you can't create a rule that contains both users and devices.
D: For assigned group you can only add individual members.
Scenario: 
Litware identifies the following identity and access requirements: All San Francisco users and their devices must be members of Group1.
The tenant currently contain this group:
  
References:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal
Question 2
You need to ensure that User2 can implement PIM.
What should you do first?
  1. Assign User2 the Global administrator role.
  2. Configure authentication methods for contoso.com.
  3. Configure the identity secure score for contoso.com.
  4. Enable multi-factor authentication (MFA) for User2.
Correct answer: A
Explanation:
To start using PIM in your directory, you must first enable PIM. 1. Sign in to the Azure portal as a Global Administrator of your directory. You must be a Global Administrator with an organizational account (for example, @yourdomain.com), not a Microsoft account (for example, @outlook.com), to enable PIM for a directory. Scenario: Technical requirements include: Enable Azure AD Privileged Identity Management (PIM) for contoso.comReferences:https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-getting-started
To start using PIM in your directory, you must first enable PIM. 
1. Sign in to the Azure portal as a Global Administrator of your directory. 
You must be a Global Administrator with an organizational account (for example, @yourdomain.com), not a Microsoft account (for example, @outlook.com), to enable PIM for a directory. 
Scenario: Technical requirements include: Enable Azure AD Privileged Identity Management (PIM) for contoso.com
References:
https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-getting-started
Question 3
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
You have an Azure Subscription named Sub1. 
You have an Azure Storage account named Sa1 in a resource group named RG1. 
Users and applications access the blob service and the file service in Sa1 by using several shared access signatures (SASs) and stored access policies. 
You discover that unauthorized users accessed both the file service and the blob service. 
You need to revoke all access to Sa1. 
Solution: You generate new SASs.
Does this meet the goal?
  1. Yes
  2. No
Correct answer: B
Explanation:
Instead you should create a new stored access policy. To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it. References:https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy
Instead you should create a new stored access policy. 
To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it. 
References:
https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy
CONNECT US
EXAM SIMULATOR

How to Open TQB Files?

Use Taurus Exam Simulator to open TQB files

Taurus Exam Simulator


Taurus Exam Simulator for Windows/macOS/Linus

Download

We does not sell or support this software
Taurus Exam Studio
Enjoy a 20% discount on Taurus Exam Studio!

You now have the chance to acquire Exam Studio at a discounted rate of 20%.

Get Now!
-->