Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-500

Microsoft AZ-500 Exam
Microsoft Azure Security Technologies (Page 16 )

Updated On: 9-Feb-2026
Page 16 of 103
PDF with 505 Questions

HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
The tenant contains the named locations shown in the following table.
You create the conditional access policies for a cloud app named App1 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:



  1. See Explanation section for answer.

Answer(s): A

Explanation:



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure subscription named Sub 1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.
Each user is assigned an Azure AD Premium P2 license.
You plan to onboard and configure Azure AD Identity Protection.
Which users can onboard Azure AD Identity Protection, remediate users, and configure policies? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
From Azure AD Privileged Identity Management (PIM), you configure the settings for the Security Administrator role as shown in the following exhibit.
From PIM, you assign the Security Administrator role to the following groups:
-Group1: Active assignment type, permanently assigned
-Group2: Eligible assignment type, permanently eligible
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:


  1. See Explanation section for answer.

Answer(s): A

Explanation:


Box 1: No
User1 is a member of Group1. Group1: Active assignment type, permanently assigned
Box 2: Yes
Active Type: A role assignment that doesn't require a user to perform any action to use the role. Users assigned as active have the privileges assigned to the role
Box 3: No
User3 is member of Group1 and Group2.
Group1: Active assignment type, permanently assigned
Group2: Eligible assignment type, permanently eligible


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/privileged-identity-management/pim-resource-roles-configure-role-settings



HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
Your company has an Azure subscription named Subscription1 that contains the users shown in the following table.
The company is sold to a new owner.
The company needs to transfer ownership of Subscription1.
Which user can transfer the ownership and which tool should the user use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Box 1; User2
Billing Administrator
Select Transfer billing ownership for the subscription that you want to transfer.
Enter the email address of a user who's a billing administrator of the account that will be the new owner for the subscription.
Box 2: Azure Account Center
Azure Account Center can be used.


Reference:

https://docs.microsoft.com/en-us/azure/billing/billing-subscription-transfer#transfer-billing-ownership-of-an-azure-subscription



SIMULATION
The developers at your company plan to create a web app named App12345678 and to publish the app to https://www.contoso.com.
You need to perform the following tasks:
-Ensure that App12345678 is registered to Azure Active Directory (Azure AD).
-Generate a password for App12345678.
To complete this task, sign in to the Azure portal.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

Step 1: Register the Application
1. Sign in to your Azure Account through the Azure portal.
2. Select Azure Active Directory.
3. Select App registrations.
4. Select New registration.
5. Name the application 12345678. Select a supported account type, which determines who can use the application. Under Redirect URI, select Web for the type of application you want to create. Enter the URI: https://www.contoso.com , where the access token is sent to.

6. Click Register
Step 2: Create a new application secret
If you choose not to use a certificate, you can create a new application secret.
7. Select Certificates & secrets.
8. Select Client secrets -> New client secret.
9. Provide a description of the secret, and a duration. When done, select Add.
After saving the client secret, the value of the client secret is displayed. Copy this value because you aren't able to retrieve the key later. You provide the key value with the application ID to sign in as the application. Store the key value where your application can retrieve it.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal






Post your Comments and Discuss Microsoft AZ-500 exam prep with other Community members:

Join the AZ-500 Discussion