az-500 Free Practice Test

- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant.
You need to prevent nonprivileged Azure AD users from creating service principals in Azure AD. What should you do in the Azure Active Directory admin center of the tenant?

1. A. From the Properties Wade, set Enable Security defaults to Yes.
2. B. From the Properties blade, set Access management fen Azure resources to No
3. C. From the User settings blade, set Users can register applications to No
4. D. From the User settings blade, set Restrict access to Azure AD administration portal to Yes.

Correct Answer: D

- (Exam Topic 4)
Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory Azure (Azure AD) tenant named contoso.com.
The company develops a mobile application named App1. App1 uses the OAuth 2 implicit grant type to acquire Azure AD access tokens.
You need to register App1 in Azure AD.
What information should you obtain from the developer to register the application?

1. A. a redirect URI
2. B. a reply URL
3. C. a key
4. D. an application ID

Correct Answer: A
For Native Applications you need to provide a Redirect URI, which Azure AD will use to return token
responses. References:
https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code

- (Exam Topic 4)
You have an Azure subscription that contains a resource group named RG1. RG1 contains a virtual machine named VM1 that uses Azure Active Directory (Azure AD) authentication.
You have two custom Azure roles named Role1 and Role2 that are scoped to RG1. The permissions for Role1 are shown in the following JSON code.

The permissions for Role2 are shown in the following JSON code.

You assign the roles to the users shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
You are configuring just in time (JIT) VM access to a set of Azure virtual machines.
You need to grant users PowerShell access to the virtual machine by using JIT VM access. What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Solution:
*1. Read permission
*2. 5986
https://docs.microsoft.com/en-us/azure/security-center/just-in-time-explained#what-permissions-are-needed-to-c

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.
Currently, the domain and the tenant are not integrated.
You need to ensure that User1 can access share1 by using his domain credentials.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Solution:
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-compliance-dashboard

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A