AZ-500 Exam Question 46

You have an Azure subscription that contains an Azure key vault and an Azure SQL database named SQL1.
You generate a key named Key1.
You need to enable Transparent Data Encryption (TDE) for SQL1 by using Key1.
Which two settings should you modify for Key1? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

AZ-500 Exam Question 47

Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.
The company develops an application named App1. App1 is registered in Azure AD.
You need to ensure that App1 can access secrets in Azure Key Vault on behalf of the application users.
What should you configure?
  • AZ-500 Exam Question 48

    You have a Microsoft Entra tenant that contains the users shown in the following table.

    You configure a Conditional Access policy that has the following settings:
    * Name: CAPolicy1
    * Assignments
    o Users or workload identities: Group1
    o Target resources: All cloud apps
    * Access controls
    o Grant access: Require multifactor authentication
    From Microsoft Authenticator settings for the tenant, the Enable and Target settings are configured as shown in the Enable and Target exhibit. (Click the Enable and Target tab.)

    From Microsoft Authenticator settings for the tenant, the Configure settings are configured as shown in the Configure exhibit. (Click the Configure tab.)

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.
    NOTE: Each correct selection is worth one point.

    AZ-500 Exam Question 49

    You have an Azure subscription that uses Microsoft Defender.
    You enable the CIS Microsoft Azure Foundations Benchmark v2.0.0 built-in to the subscription.
    You need to ensure that when users attempt to assign custom role-based access control (RBAC) roles, they receive a custom error message that includes a link to an internal website. The solution must minimize the impact on other policies.
    What should you configure?
  • AZ-500 Exam Question 50

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
    You have a hybrid configuration of Azure Active Directory (AzureAD).
    You have an Azure HDInsight cluster on a virtual network.
    You plan to allow users to authenticate to the cluster by using their on-premises Active Directory credentials.
    You need to configure the environment to support the planned authentication.
    Solution: You deploy the On-premises data gateway to the on-premises network.
    Does this meet the goal?