Welcome to AZ-500 Practice Test 1. This free practice test is designed to help you prepare for the Microsoft Azure Security Engineer Associate certification. You’ll answer realistic, exam-style questions that cover key topics like identity and access management, platform protection, data security, and more. Use this test to assess your knowledge and get a feel for the AZ-500 exam format.
0 of 20 Questions completed
Questions:
You have already completed the quiz before. Hence you can not start it again.
You must sign in or sign up to start the quiz.
You must first complete the following:
Test complete. Results are being recorded.
0 of 20 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0 )
Earned Point(s): 0 of 0 , (0 ) 0 Essay(s) Pending (Possible Point(s): 0 )
Question 1 of 20
Julie is setting up a Windows 10 virtual machine in the Azure portal. How can she enable a system-assigned managed identity during the VM creation process?
Question 2 of 20
John configures rules that assign permissions based on the job title within the company’s Azure AD instance. Which dynamic rule-based permissions can you create for the company’s Human Resource (HR) analysts that provide them access to the resources they need based on their job titles?
Question 3 of 20
After a user successfully signs in, Azure AD creates a(n) ____________ that confirms their identity and defines what resources they can access, along with the actions they’re allowed to perform on those resources. (FILL IN THE BLANK)
Question 4 of 20
You’re assigned to configure secure logins for consumers who sign in to your application to sell used items. Which Azure AD external identity use case should you follow to achieve the objective?
Question 5 of 20
Your company aims to streamline its relationships with third-party vendors and suppliers. You have been tasked with creating external identities for vendors and suppliers to access the company’s procurement area in the Azure portal. Which external identity should you create so they can access the procurement portal within the Azure AD?
Question 6 of 20
In Privileged Identity Management (PIM), which term refers to a role assignment with a ‘Duration’ that limits when a user is eligible to activate the role to a specific start and end date?
Question 7 of 20
To enable automatic enrollment, what steps are required to prepare Privileged Identity Management (PIM) for Azure AD roles? (Choose two).
Question 8 of 20
When configuring automated detection and remediation, which two risk policies generate an automated response to risk detection in an environment, allowing users to self-remediate when a risk is identified? (Choose two.)
Question 9 of 20
Which user role for accessing Azure AD identity protection is not appropriate for configuring alerts or changing policies?
Question 10 of 20
To set up a Microsoft Entra Verified ID, you need permission from the Authentication Policy Administrator to set up the directory. What additional requirements are required to set up Microsoft Entra Verified ID?
Question 11 of 20
When risk policies are triggered in Azure AD Identity Protection, which statement accurately reflects the role of multifactor authentication (MFA) in the user remediation process?
Question 12 of 20
Nick is setting up multi-factor authentication for Azure AD. He has already configured a password and security questions for sign-in. He wants to add a retinal scan because this is for a C-suite user group. What type of authentication method does a retinal scan represent?
Question 13 of 20
Which passwordless authentication in Azure AD enables users to use biometric and PIN credentials linked to their PCs, preventing anyone other than the system’s owner from logging into the system?
Question 14 of 20
A financial security company stores a substantial amount of sensitive data on its Azure Active Directory (Azure AD) instance. They want a strong authentication system that doesn’t use passwords. Which authentication type uses a hardware device to handle authentication using a security key?
Question 15 of 20
An application is granted the user.readwrite.all delegated permissions linked to a signed-in user. Why is it limited to only editing the user profile of the signed-in person?
Question 16 of 20
How does Azure AD provide real-time identity protection to all tenant accounts?
Question 17 of 20
When an app in Azure AD requests delegated permissions via an OAuth 2.0 authorization request, which of the following statements accurately describes what happens? (Choose two).
Question 18 of 20
ABC company wants its suppliers to access resources on their Azure AD instances. However, the company’s API has the potential to access a large amount of data at one time for a client. Which Azure API management tools can limit the rate at which a single client can request data from the resources?
Question 19 of 20
You are connecting an application for single sign-on via SAML. Which of the following is NOT included in the service principal object?
Question 20 of 20
You’re configuring an Azure role for Role-Based Access Control (RBAC). Which of the following pages allows you to access specific Azure resources in this role?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Current
Correct
Incorrect
