az-500 Free Practice Test

- (Exam Topic 1)
You need to ensure that users can access VM0. The solution must meet the platform protection requirements.
What should you do?

1. A. Move VM0 to Subnet1.
2. B. On Firewall, configure a network traffic filtering rule.
3. C. Assign RT1 to AzureFirewallSubnet.
4. D. On Firewall, configure a DNAT rule.

Correct Answer: D
https://docs.microsoft.com/en-us/azure/firewall/tutorial-firewall-dnat

- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant and a root management group. You create 10 Azure subscriptions and add the subscriptions to the rout management group.
You need to create an Azure Blueprints definition that will be stored in the root management group. What should you do first?

1. A. Add an Azure Policy definition to the root management group.
2. B. Modify the role-based access control (RBAC) role assignments for the root management group.
3. C. Create a user-assigned identity.
4. D. Create a service principal.

Correct Answer: B
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin

- (Exam Topic 3)
From Azure Security Center, you need to deploy SecPol1. What should you do first?

1. A. Enable Azure Defender.
2. B. Create an Azure Management group.
3. C. Create an initiative.
4. D. Configure continuous export.

Correct Answer: C
Reference:
https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/security-center/custom-security-policies.md https://zimmergren.net/create-custom-security-center-recommendation-with-azure-policy/

- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant.
You need to prevent nonprivileged Azure AD users from creating service principals in Azure AD. What should you do in the Azure Active Directory admin center of the tenant?

1. A. From the Properties Wade, set Enable Security defaults to Yes.
2. B. From the Properties blade, set Access management fen Azure resources to No
3. C. From the User settings blade, set Users can register applications to No
4. D. From the User settings blade, set Restrict access to Azure AD administration portal to Yes.

Correct Answer: D

- (Exam Topic 4)
Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory Azure (Azure AD) tenant named contoso.com.
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?

1. A. a redirect URI
2. B. a reply URL
3. C. a key
4. D. an application ID

Correct Answer: A
For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token
responses. References:
https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code