Download Microsoft.AZ-500.ExamLabs.2019-07-31.36q.tqb

Download Exam

File Info

Exam Microsoft Azure Security Technologies
Number AZ-500
File Name Microsoft.AZ-500.ExamLabs.2019-07-31.36q.tqb
Size 2 MB
Posted Jul 31, 2019
Download Microsoft.AZ-500.ExamLabs.2019-07-31.36q.tqb

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

You need to meet the identity and access requirements for Group1. 
What should you do?


  1. Add a membership rule to Group1.
  2. Delete Group1. Create a new group named Group1 that has a membership type of Office 365. Add users and devices to the group.
  3. Modify the membership rule of Group1.
  4. Change the membership type of Group1 to Assigned. Create two groups that have dynamic memberships. Add the new groups to Group1.
Correct answer: B
Explanation:
Incorrect Answers:A, C: You can create a dynamic group for devices or for users, but you can't create a rule that contains both users and devices.D: For assigned group you can only add individual members.Scenario: Litware identifies the following identity and access requirements: All San Francisco users and their devices must be members of Group1.The tenant currently contain this group:    References:https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membershiphttps://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal
Incorrect Answers:
A, C: You can create a dynamic group for devices or for users, but you can't create a rule that contains both users and devices.
D: For assigned group you can only add individual members.
Scenario: 
Litware identifies the following identity and access requirements: All San Francisco users and their devices must be members of Group1.
The tenant currently contain this group:
  
References:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal



Question 2

You need to ensure that User2 can implement PIM.
What should you do first?


  1. Assign User2 the Global administrator role.
  2. Configure authentication methods for contoso.com.
  3. Configure the identity secure score for contoso.com.
  4. Enable multi-factor authentication (MFA) for User2.
Correct answer: A
Explanation:
To start using PIM in your directory, you must first enable PIM. 1. Sign in to the Azure portal as a Global Administrator of your directory. You must be a Global Administrator with an organizational account (for example, @yourdomain.com), not a Microsoft account (for example, @outlook.com), to enable PIM for a directory. Scenario: Technical requirements include: Enable Azure AD Privileged Identity Management (PIM) for contoso.comReferences:https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-getting-started
To start using PIM in your directory, you must first enable PIM. 
1. Sign in to the Azure portal as a Global Administrator of your directory. 
You must be a Global Administrator with an organizational account (for example, @yourdomain.com), not a Microsoft account (for example, @outlook.com), to enable PIM for a directory. 
Scenario: Technical requirements include: Enable Azure AD Privileged Identity Management (PIM) for contoso.com
References:
https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-getting-started



Question 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. 
You have an Azure Subscription named Sub1. 
You have an Azure Storage account named Sa1 in a resource group named RG1. 
Users and applications access the blob service and the file service in Sa1 by using several shared access signatures (SASs) and stored access policies. 
You discover that unauthorized users accessed both the file service and the blob service. 
You need to revoke all access to Sa1. 
Solution: You generate new SASs.
Does this meet the goal?


  1. Yes
  2. No
Correct answer: B
Explanation:
Instead you should create a new stored access policy. To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it. References:https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy
Instead you should create a new stored access policy. 
To revoke a stored access policy, you can either delete it, or rename it by changing the signed identifier. Changing the signed identifier breaks the associations between any existing signatures and the stored access policy. Deleting or renaming the stored access policy immediately affects all of the shared access signatures associated with it. 
References:
https://docs.microsoft.com/en-us/rest/api/storageservices/Establishing-a-Stored-Access-Policy









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files