az-500 questions part III Flashcards
You have a virtual network named demonetwork defined as part of your subscription. The network contains a subnet and a service endpoint. The virtual network contains an Azure virtual machine named demovmA. The virtual machine runs Ubuntu Server 18.04. You are going to deploy docker contains the virtual machine. You need to allow the docker contains to access Azure storage and Azure SQL databases by using the service endpoint. Which of the following would you need to implement for this requirement?
The container network interface plug-in allows docker containers to get an IP address from the underlying subnet in the virtual network. The containers can then use the endpoint to access the Azure based resources.
what is the right sequence for enable soft delete and enable purge protection
first enable soft delete and than enable purge protection
A company has an Azure AD tenant. The company is going to deploy an application that is going to run as a service on an Azure virtual machine. The Azure virtual machine will be running Windows Server 2016. The application will need to authenticate to the Azure AD directory and be able to use Microsoft Graph to read directory data.
You need to ensure the minimum permissions are assigned to the application.
Which of the following would you implement for this requirement? Choose 3 answers from the options given below
You first need to create an application registration.
Then you need to add the application permission
And then finally grant the required permissions.
workspaceID and workspace KEY
workspaceID and workspace KEY
Which of the following users can upload images to the repository?
Users who have the “AcrPush” and “Contributor” role will be able to push images to the registry
You have an application deployed to the Azure Web App service.
You upload a certificate to the web application
You have to ensure that the web application can access the certificate.
You have to configure an application setting that would allow the application to access the certificate.
Which of the following users can modify the access permissions of the resource group?
Only the Owner role can modify the access permissions of the resource group
You have a web application named productionapp. You want to protect the web application by using a web application firewall policy. Which of the following would you need to create first?
With Azure Front Door, you can also use the Web Application Firewall feature.
You need to disable HTTP application routing. You need to implement application routing that would provide reverse proxy and TLS termination for the cluster using a single IP address. Which of the following would you implement for this requirement?
An ingress controller is a piece of software that provides reverse proxy, configurable traffic routing, and TLS termination for Kubernetes services. Kubernetes ingress resources are used to configure the ingress rules and routes for individual Kubernetes services. Using an ingress controller and ingress rules, a single IP address can be used to route traffic to multiple services in a Kubernetes cluster.
You plan to use Azure Sentinel to create an analytic rule that will detect suspicious threats and automate responses.
Which components are required for the rule to detect suspicious threats?
You need to write a Kusto language query to detect the threat.
backup secrets?
The backups of Secrets will be encrypted to Azure Key Vault and can only be restored in Azure Key Vault within the same Subscription.
