az-500 first set

Question 1

You have an existing AD Connect implementation. You have to prevent users from a certain department to be synchronized to AAD. What tool do you use?

Answer 1

Synchronization Rule Editor on Azure Connect

Question 2

What format is an OpenID Connect token

Answer 2

JWT

Question 3

Which two of the following are objects you can configure to apply AAD PIM to

Answer 3

AAD Roles and Resources

Question 4

What type of column encryption: SQL Server can use the encrypted columns in joins and lookups:

Answer 4

Determetistic

Question 5

What type of column encryption: Not suitable for columns containing boolean data

Answer 5

Determetistic

Question 6

You create a new Azure Key Vault and want to ensure that malicious permanent deletions of key vault items can be recovered for 90 days. What at a minimum would you have to enable on the Key Vault?

Answer 6

Soft-delete and purge protection

Question 7

Which option would you choose to adjust the log data retention settings for this Azure Log Analytics Workspace?

Answer 7

Usage and estimation costs

Question 8

Which of the following are default rules created with a network security group?

Answer 8

Denyallinbound

Question 9

What 2 elements are digital identity?

Answer 9

Credentials + Privileges

Question 10

Wat licensing is needed for PIM

Answer 10

Azure AD Premium P2

Question 11

What is first role assignment in PIM

Answer 11

Security Administrator and Privileged Role Administrator

Question 12

Give examples of secrets mgt in AKV

Answer 12

Tokens, psw, certificants, API keys, SLL/TLS mgt

Question 13

Give examples of key mgt in AKV

Answer 13

Encryption keys, integration with App Services

Question 14

Give examples what you can do in management plane in AKV

Answer 14

Create and delete vaults, authentication, authorization

Question 15

Give examples what you can do in data plane in AKV

Answer 15

manage key/certificates key vault access policies WITHIN the key vualt