Below is our seventh free AZ-500 Practice Test. This final test in our 8-part series is designed to help you review advanced Azure security topics and assess your readiness for the Microsoft Azure Security Engineer Associate certification. Use it as a final step in your exam preparation journey.
0 of 20 Questions completed
Questions:
You have already completed the quiz before. Hence you can not start it again.
You must sign in or sign up to start the quiz.
You must first complete the following:
Test complete. Results are being recorded.
0 of 20 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0 )
Earned Point(s): 0 of 0 , (0 ) 0 Essay(s) Pending (Possible Point(s): 0 )
Question 1 of 20
Which Shared Access Signatures (SAS) resource token indicates access to the containers and services?
Question 2 of 20
When auditing Azure Storage logs to investigate potential accidental deletions of blobs or containers, which field should you use to identify the method of authentication (such as account key, SAS token, or Microsoft Entra ID) that was used for the request?
Question 3 of 20
You have created a key expiration policy for the access keys that you configured for a highly confidential storage account. The policy is basically a reminder that enables you to rotate your account access keys. How can you monitor the storage accounts for key expiration policy violations?
Question 4 of 20
You are configuring access to Azure files. You disable encryption in transit for an Azure storage account. Which method of access doesn’t require encryption in transit and is allowed to pass through without interruption?
Question 5 of 20
Arrange the steps in the correct sequence to access Azure Blob Storage using the REST API. (Drag & Drop).
Reorder
Get the account name and account key
Move "Get the account name and account key" down
Move "Get the account name and account key" up
Reorder
Send the request
Move "Send the request" down
Move "Send the request" up
Reorder
Construct the request URL
Move "Construct the request URL" down
Move "Construct the request URL" up
Reorder
Authenticate the request
Move "Authenticate the request" down
Move "Authenticate the request" up
Question 6 of 20
You’re storing TBs of structured data for web-scale applications. After instantiating a TableService Client in NODE.JS RUNTIME, which argument should you use for passing account-name and account-key as arguments?
Question 7 of 20
You dequeue a message from an Azure Storage queue using the Azure portal. Which statement correctly describes what happens when a message is dequeued?
Question 8 of 20
When enabling blob versioning, you configure the ‘Delete versions after’ option. This setting automatically creates a rule in the lifecycle management policy of the storage account. What happens to the ‘Delete versions after’ option once the rule is added?
Question 9 of 20
When configuring Bring Your Own Key (BYOK), you set up Azure Key Vault to host your keys. Which Azure Key Vault feature allows recovery of deleted vaults and content if a key or secret is accidentally deleted?
Question 10 of 20
John is creating an Azure workspace with double encryption enabled at the infrastructure level using the Azure CLI. Which field must be included in the encryption property and set to true?
Question 11 of 20
When configuring an application to securely access Azure Data Lake Storage Gen2 (ADLS Gen2) without hard-coding any secrets, which authentication method should be used?
Question 12 of 20
In Microsoft Defender for Cloud, the built-in policy based on the Microsoft Cloud Security Benchmark (MCSB) requires auditing to be enabled on SQL servers. Which of the following actions is not covered by this policy?
Question 13 of 20
Arrange the Microsoft Purview setup steps in the correct order to manage the lineage and provenance of your data. (Drag & Drop)
Reorder
Review and create your account
Move "Review and create your account" down
Move "Review and create your account" up
Reorder
Setup authentication
Move "Setup authentication" down
Move "Setup authentication" up
Reorder
Create a new Purview account
Move "Create a new Purview account" down
Move "Create a new Purview account" up
Reorder
Configure your account
Move "Configure your account" down
Move "Configure your account" up
Question 14 of 20
You’re using Microsoft Purview to track the data movements and transformation stages. Which of the following two data processing systems can be used to transform data from the landing zone to the Curated zone using notebooks and job definitions?
Question 15 of 20
In Microsoft Purview, if public endpoints are restricted on your Azure data sources, which setup is required to scan them using Private Link?
Question 16 of 20
You’re configuring dynamic data masking for an Azure SQL database. Which permission is required on a table for users to view the table data and retrieve unmasked data from the columns for which the data masking is defined?
Question 17 of 20
John is configuring Transparent Data Encryption (TDE) on a SQL Server. After enabling TDE, he altered the protection of the associated certificate from being encrypted by the database master key to being encrypted by a password. Following a server restart, the database became inaccessible. What is the root cause of this issue?
Question 18 of 20
In SQL Server’s Always Encrypted feature, cryptographic operations are performed on the client side, ensuring that keys are never exposed to the Database Engine. Which of the following statements correctly distinguishes the roles and storage locations of the keys used in Always Encrypted?
Question 19 of 20
You are using Azure Policy with built-in definitions to audit storage accounts that are not encrypted. You now want to enforce this policy by assigning it to your resources. How should you apply the policy assignment?
Question 20 of 20
Jane has created an Azure Blueprint for her application in the Azure portal. What happens when she assigns the blueprint to one or more subscriptions and tracks its deployment?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Current
Correct
Incorrect
