Free AZ-500 Practice Questions with Detailed Explanations

Test your Azure Security Engineer readiness with 25 free practice questions covering identity, network security, compute/storage/database security, Defender for Cloud, and Microsoft Sentinel.

22 min read
Updated May 2026
AZ-500 Associate

The AZ-500 (Microsoft Azure Security Technologies) is the primary security certification for Azure professionals. It covers the full Azure security stack: identity hardening with Microsoft Entra ID and PIM, network security with Azure Firewall and Private Endpoints, resource-level security for VMs, storage, and databases, and operational security via Microsoft Defender for Cloud and Microsoft Sentinel.

These 25 questions mirror the real exam's scenario-based format. Each question presents a multi-constraint security scenario — you must identify which specific Azure security feature or configuration satisfies ALL stated requirements. The exam rarely tests simple recall; it tests whether you can apply the right security control in context.

What You'll Get:

  • 25 scenario-based security questions across all 4 AZ-500 domains
  • Real exam difficulty — PIM, KQL, encryption distinctions, and CA policy logic
  • Detailed explanations covering why each option is right or wrong
  • Key concept summaries to reinforce the most-tested AZ-500 topics

What These Questions Cover

  • Identity & Access (6 questions): PIM, Conditional Access, RBAC, Managed Identities
  • Network Security (6 questions): Firewall, NSG, Private Endpoints, JIT, WAF
  • Compute / Storage / DB (7 questions): Key Vault, encryption, SQL security, AKS
  • Defender & Sentinel (6 questions): Secure Score, analytics rules, KQL, SOAR

📝 Practice Test Instructions

  • Each question has ONE best answer — choose the option that satisfies ALL stated requirements
  • AZ-500 scenarios often have two plausible answers that differ in one critical way — read carefully
  • Note your answers before scrolling to the answer key
  • Aim to complete all 25 questions in 30 minutes (real exam: 150 minutes for 40–60 questions)
🔐 Identity & Access Security

Questions 1–6

Question 1: Privileged Identity Management (PIM)

Your organization requires that the Global Administrator role can only be used temporarily when needed, and must be approved by a second administrator before activation. The role must automatically expire after 4 hours. All activation attempts must be logged for compliance auditing.

Which PIM configuration satisfies ALL these requirements?

A) Configure the Global Administrator role as an eligible assignment with: approval required (designated approver), maximum activation duration of 4 hours, and activation notifications enabled
B) Configure the Global Administrator role as a permanent active assignment with an expiration date
C) Use Azure RBAC to assign Global Administrator with a conditional time-based access policy
D) Create a Conditional Access policy that limits Global Administrator sessions to 4 hours
Question 2: Conditional Access — Risk-Based Policy

You need to enforce that any sign-in from an anonymous IP address (Tor network) is immediately blocked for all users, including administrators. Sign-ins from compliant managed devices in your corporate office must not be impacted. The policy must apply without requiring IT to update IP address lists manually.

Which Conditional Access configuration achieves this?

A) Create a Named Location for the corporate IP range and block sign-ins from that location
B) Enable Microsoft Entra Identity Protection sign-in risk policy to block high-risk sign-ins
C) Create a Conditional Access policy targeting All Users, with Sign-in risk condition set to High, Grant: Block access
D) Create a Conditional Access policy targeting All Users, with Sign-in risk condition set to High and the Anonymous IP address risk detection specifically, Grant: Block access — exclude Compliant device condition
Question 3: RBAC Deny Assignments

A resource group contains a storage account. A deny assignment has been configured on the resource group that denies the Microsoft.Storage/storageAccounts/delete action for all principals. A user has been assigned the Owner role at the subscription level. The user attempts to delete the storage account.

What is the outcome?

A) The deletion succeeds because Owner at the subscription level overrides any deny assignment on a child resource group
B) The deletion succeeds because deny assignments only apply to groups, not individual users with Owner role
C) The deletion fails because deny assignments override role assignments, regardless of scope — even Owner cannot bypass an explicit deny
D) The deletion succeeds because the subscription-level Owner role has broader scope than the resource group deny assignment
Question 4: Managed Identity Selection

You have three Azure Functions in different resource groups that all need to read secrets from the same Azure Key Vault. You want to avoid storing any credentials. If any one of the Functions is deleted and re-created, the other two Functions must continue to work without reconfiguration.

Which managed identity type is most appropriate?

A) System-Assigned Managed Identity on each Azure Function, with Key Vault Secrets User role granted to each identity
B) User-Assigned Managed Identity shared across all three Azure Functions, with Key Vault Secrets User role granted to the shared identity
C) System-Assigned Managed Identity on each Function with Key Vault access policies per function
D) A single service principal with a client secret stored in environment variables of each Function
Question 5: Identity Protection — Risk Remediation

Microsoft Entra Identity Protection has flagged a user account as high user risk due to leaked credentials found in a third-party breach. The security team wants the user to self-remediate by being required to change their password at next sign-in, without an administrator resetting it manually. MFA is already enabled for all users.

Which Identity Protection configuration enables self-remediation for high-risk users?

A) Configure a User risk policy targeting High risk, Grant: Require password change — this forces a secure password change after MFA verification
B) Configure a Sign-in risk policy that requires MFA for high-risk sign-ins
C) Manually block the user account and send a password reset link via email
D) Configure a Conditional Access policy to block the user until risk is dismissed by an administrator
Question 6: App Registration Permissions

A backend service needs to read all users' calendar data from Microsoft Graph without any user being signed in — it runs as a background job on a schedule. A web application also needs to read the signed-in user's calendar, only while the user is actively using the app.

Which permission type should each application use?

A) Both should use Delegated permissions
B) Both should use Application permissions with admin consent
C) Background service: Delegated permissions with service account. Web application: Application permissions
D) Background service: Application permissions (no user sign-in required). Web application: Delegated permissions (acts on behalf of signed-in user)
🌐 Secure Networking

Questions 7–12

Question 7: Azure Firewall Rule Evaluation Order

Your Azure Firewall has three rule collections: (1) A DNAT rule collection that forwards TCP port 443 from a public IP to an internal web server. (2) A Network rule collection that allows HTTPS traffic from 10.0.0.0/8 to all destinations. (3) An Application rule collection that allows access to *.microsoft.com for 10.0.0.0/8. A packet arrives from the internet matching the DNAT rule AND also matches the network allow rule.

In which order does Azure Firewall evaluate rule collection types, and which rule processes the inbound internet packet?

A) Application → Network → DNAT; the Application rule processes it first
B) Network → DNAT → Application; the Network rule processes it first
C) DNAT → Network → Application; the DNAT rule processes and translates the packet — network and application rules are then applied to the translated (post-DNAT) traffic
D) All rule types are evaluated simultaneously; the highest-priority rule wins regardless of type
Question 8: Private Endpoint vs Service Endpoint

A critical Azure SQL Database must be accessible from an on-premises network connected via ExpressRoute. All traffic must remain on the Microsoft backbone — no public internet routing. The database's public endpoint must be disabled entirely. Traffic from the VNet to the database must be routable from on-premises without additional configuration per on-premises subnet.

Which connectivity option meets ALL requirements?

A) Service Endpoint — extends VNet identity to the SQL Database and removes the need for a public endpoint
B) Private Endpoint — creates a private IP in the VNet that routes via Microsoft backbone, allows public endpoint disablement, and is reachable from on-premises via ExpressRoute with DNS configuration
C) Service Endpoint — is reachable from on-premises via ExpressRoute without DNS changes
D) VNet peering to a hub VNet that contains the SQL Database
Question 9: NSG Effective Security Rules

A VM's NIC is in subnet-A and has no NSG attached directly to the NIC. Subnet-A has an NSG with an inbound rule: Priority 100, Allow TCP port 443 from Internet. The same NSG has: Priority 200, Deny All inbound. A second NSG is attached to the VNet (at the VNet level). A user cannot reach the VM on port 80. No NSG rules explicitly reference port 80.

Why is port 80 blocked?

A) The Priority 200 Deny All rule in subnet-A's NSG implicitly blocks port 80 because there is no explicit allow rule for it
B) Azure blocks all traffic by default at the VNet level regardless of NSG rules
C) The Allow rule at Priority 100 only allows port 443, and the default DenyAllInbound rule (priority 65500) blocks all other traffic including port 80
D) Port 80 requires a separate Azure Load Balancer rule to pass through NSG evaluation
Question 10: Just-In-Time VM Access

Your organization has strict security requirements: (1) RDP and SSH access to production VMs must be disabled by default. (2) When an administrator needs access, it must be approved, time-limited (maximum 3 hours), and restricted to their specific IP address. (3) All access requests must be logged. (4) The VMs must remain behind NSGs.

Which Azure feature is specifically designed for this use case?

A) Azure Bastion — provides browser-based RDP/SSH without requiring NSG changes
B) Azure VPN Gateway — restricts access to VPN-connected clients only
C) Azure Firewall DNAT rules — translates public port to internal RDP with time-based ACLs
D) Microsoft Defender for Cloud Just-In-Time (JIT) VM Access — disables RDP/SSH by default via NSG rules, enables time-limited access on request with IP restriction and activity logging
Question 11: Azure Bastion SKUs

Your security team needs to: (1) Connect to VMs via browser-based RDP and SSH without public IP addresses on VMs. (2) Record and audit all VM sessions for compliance. (3) Allow external contractors to connect using a shareable link without requiring them to have an Azure AD account. (4) Support native client (mstsc.exe) connections.

Which Azure Bastion SKU supports ALL four requirements?

A) Basic SKU — provides browser-based RDP/SSH access
B) Standard SKU — adds session recording, native client support, IP-based connection, and shareable links
C) Basic SKU with host scaling enabled
D) Developer SKU — optimized for development environments
Question 12: WAF Mode — Detection vs Prevention

You have just deployed Azure Application Gateway with WAF and applied the OWASP 3.2 rule set. You want to begin monitoring which WAF rules would have triggered against your current production traffic, without actually blocking any legitimate user requests. After 2 weeks of data analysis, you plan to switch to active blocking.

Which WAF configuration supports this phased approach?

A) Configure WAF in Detection mode initially — logs all rule matches to Azure Monitor/Log Analytics without blocking traffic. After analysis and exclusion tuning, switch to Prevention mode
B) Configure WAF in Prevention mode from day one — WAF false positives are minimal with the default rule set
C) Configure WAF in Prevention mode with all rules disabled, then enable rules one at a time
D) Use Azure Front Door WAF in Detection mode and Application Gateway WAF in Prevention mode simultaneously
🔒 Secure Compute, Storage & Databases

Questions 13–19

Question 13: Key Vault Access Model

You have an Azure Key Vault with 50 secrets used by multiple applications. The security team wants to: (1) Grant each application access only to the specific secrets it needs (not all secrets). (2) Audit every secret read event. (3) Ensure that access is granted following the principle of least privilege. (4) Revoke access for a decommissioned application without affecting other applications.

Which Key Vault access model enables secret-level granular permissions?

A) Key Vault access policies — grant each application a specific set of secret operations on the entire vault
B) Key Vault access policies with resource tags to filter which secrets each policy applies to
C) Azure RBAC for Key Vault — assign the Key Vault Secrets User role scoped to individual secret resources (e.g., /subscriptions/.../secrets/secret-name) per application managed identity
D) Create a separate Key Vault per application so each vault contains only that application's secrets
Question 14: SQL Encryption — TDE vs Always Encrypted vs DDM

A healthcare company stores patient records in Azure SQL Database. Requirements: (1) Database administrators must never be able to read patient medical history in plaintext — even with full DBA access. (2) The application must be able to query records by patient ID (equality lookup). (3) The solution must not require significant application code changes beyond driver configuration.

Which SQL Database security feature satisfies requirement 1 (DBAs cannot read data) while allowing equality queries?

A) Transparent Data Encryption (TDE) — encrypts the database files at rest, preventing DBAs from reading raw data files
B) Dynamic Data Masking (DDM) — masks the medical history column in query results for non-privileged users
C) Azure SQL row-level security — restricts rows accessible per user, preventing DBAs from querying patient data
D) Always Encrypted with Deterministic encryption — client-side encryption where DBAs only see ciphertext, while the application can perform equality lookups using a column encryption key stored outside the database
Question 15: Always Encrypted — Deterministic vs Randomized

Your application uses Always Encrypted on an Azure SQL Database. Column A stores Social Security Numbers (SSN) — the app needs to search by exact SSN match (WHERE SSN = @value). Column B stores medical notes — the app never queries or filters on this column, only stores and retrieves the full value.

Which encryption type should be used for each column?

A) Column A: Randomized. Column B: Deterministic
B) Column A: Deterministic (supports equality queries). Column B: Randomized (stronger security for data that is never searched/filtered)
C) Both columns: Deterministic encryption — most secure option for all data types
D) Both columns: Randomized encryption — supports both queries and non-queries
Question 16: Disk Encryption — ADE vs SSE with CMK

A company has two requirements for Azure VM disks: (1) For finance VMs: disk encryption must use a customer-managed key stored in their own Azure Key Vault — the company must control key rotation and be able to revoke access. The encrypted disks must be readable by anyone with VM access. (2) For compliance VMs: encryption must extend inside the OS (BitLocker/DM-Crypt) so the disk image itself is encrypted even if extracted from Azure.

Which encryption approach should be used for each requirement?

A) Finance VMs: Server-Side Encryption (SSE) with customer-managed key in Azure Key Vault. Compliance VMs: Azure Disk Encryption (ADE) using BitLocker/DM-Crypt inside the OS
B) Finance VMs: Azure Disk Encryption (ADE). Compliance VMs: Server-Side Encryption (SSE) with customer-managed key
C) Both: Azure Disk Encryption (ADE) with a Key Vault — no distinction needed
D) Finance VMs: Platform-managed key (PMK). Compliance VMs: Customer-managed key (CMK)
Question 17: Storage Account Security — SAS Tokens

An Azure storage account hosts blob files. You need to grant a third-party vendor read-only access to blobs in a specific container for the next 7 days. The access must be revocable before expiry if the vendor relationship ends early. You cannot create an Entra ID account for the vendor.

Which SAS token type supports revocation before the expiry date?

A) Account SAS — grants access at the account level and can be revoked by rotating the storage account key
B) Service SAS signed with the storage account key — access is valid until the SAS expiry date and cannot be revoked without rotating the account key (which breaks all SAS tokens signed with it)
C) There is no SAS token type that supports early revocation without disrupting other access
D) User Delegation SAS — signed with an Entra ID user credential and tied to a Stored Access Policy that can be deleted to immediately revoke the SAS without impacting other tokens
Question 18: AKS Security — Workload Identity

An application running in Azure Kubernetes Service (AKS) needs to read secrets from Azure Key Vault. The security team forbids storing any credentials (service principal secrets, certificates) in Kubernetes secrets or environment variables. The solution must support pod-level identity — different pods should use different identities with different Key Vault access.

Which AKS identity approach meets these requirements without stored credentials?

A) Create a shared service principal and store its client secret in a Kubernetes secret mounted as a volume
B) Use a single User-Assigned Managed Identity assigned to the AKS node pool — all pods on that node share the same identity
C) Use AKS Workload Identity — federates pod service accounts with Azure Managed Identities using OIDC. Each pod gets its own managed identity with distinct Key Vault RBAC roles — no stored credentials
D) Use AAD Pod Identity (deprecated) with pod identity bindings per namespace
Question 19: Defender for Servers Plans

Your organization wants to enable Microsoft Defender for Servers on production VMs. Requirements: (1) Agentless scanning for OS vulnerabilities and malware without installing agents. (2) Adaptive application controls to identify unusual process execution. (3) File Integrity Monitoring (FIM). (4) Just-In-Time VM access.

Which Defender for Servers plan provides ALL four capabilities?

A) Defender for Servers Plan 1 — includes all listed features at lower cost
B) Defender for Servers Plan 2 — includes agentless scanning, adaptive application controls, File Integrity Monitoring, and JIT VM access; Plan 1 provides only JIT and Defender for Endpoint integration
C) Microsoft Defender for Cloud free tier — security recommendations without paid plans
D) Defender for Endpoint P2 standalone — covers all server security features without Defender for Servers
🛡️ Defender for Cloud & Microsoft Sentinel

Questions 20–25

Question 20: Defender for Cloud — Secure Score

Your Defender for Cloud Secure Score is 45/100. The recommendations panel shows 3 items: (1) "Enable MFA for accounts with Owner permissions" — affects 15% of your score. (2) "Remediate vulnerabilities in container images" — affects 8%. (3) "Encrypt data in transit" — affects 3%. The security team can act on only ONE recommendation this sprint.

Which recommendation should be prioritized to achieve the largest single Secure Score improvement?

A) "Enable MFA for accounts with Owner permissions" — affects 15% of the score, the largest single improvement available
B) "Remediate vulnerabilities in container images" — container security is the highest-risk area
C) "Encrypt data in transit" — fastest to implement and demonstrates quick wins
D) All three should be done simultaneously — partial completion of recommendations does not improve Secure Score
Question 21: Sentinel Analytics Rule Types

Your SOC team needs to configure Microsoft Sentinel analytics rules for the following scenarios: (1) Alert when a user logs in from two geographically impossible locations within 1 hour — requires correlating multiple sign-in events. (2) Alert within seconds when a specific high-severity event ID appears in Windows Security logs. (3) Detect anomalous patterns in user behavior that deviate from their established baseline over 14 days.

Which analytics rule type should be used for each scenario?

A) All three: Scheduled Query rules with different query intervals
B) Scenario 1: NRT rule. Scenario 2: Anomaly rule. Scenario 3: Scheduled Query
C) Scenario 1: Fusion rule. Scenario 2: Scheduled Query. Scenario 3: Microsoft Security incident creation rule
D) Scenario 1: Scheduled Query (correlates events over time with KQL). Scenario 2: Near-Real-Time (NRT) rule (seconds-level detection). Scenario 3: Anomaly rule (uses ML-based baseline deviation detection)
Question 22: KQL Query Interpretation

Your SOC team is reviewing the following Sentinel hunting query:

  SigninLogs
  | where TimeGenerated > ago(7d)
  | where ResultType != "0"
  | summarize FailedAttempts = count(), IPAddresses = make_set(IPAddress) by UserPrincipalName
  | where FailedAttempts > 10
  | sort by FailedAttempts desc

What does this KQL query detect?

A) Users who signed in successfully from more than 10 different IP addresses in the past 7 days
B) IP addresses that attempted to sign in to more than 10 different user accounts in the past 7 days
C) Users with more than 10 failed sign-in attempts in the past 7 days, showing all source IP addresses used, sorted by most failures first
D) All sign-in events from the past 7 days, filtered to show only the top 10 highest-risk users
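To make the semantics of the query concrete, here is an added Python replay of it (example code written for this page, not from Microsoft or the original quiz) over a handful of constructed SigninLogs rows. The grouping key, the failure filter, and the time window are the three things that separate the four answer options, and each constructed user is built to exercise one of them.

```python
"""Plain-Python replay of the Question 22 Sentinel hunting query.

Constructed example for this page. The rows below are made up and only
carry the columns the query touches; ResultType "0" means a successful
sign-in, any other code is a failure.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Fixed "now" so the 7-day window is reproducible.
NOW = datetime(2026, 5, 1, 12, 0, tzinfo=timezone.utc)


def make_rows():
    """Constructed SigninLogs rows, one group per answer-option trap."""
    rows = []
    # alice: 12 failures inside the window from two IPs -> should be flagged (option C)
    for i in range(12):
        rows.append({"TimeGenerated": NOW - timedelta(hours=i + 1),
                     "UserPrincipalName": "alice@contoso.example",
                     "ResultType": "50126",
                     "IPAddress": "198.51.100.10" if i % 2 else "198.51.100.11"})
    # bob: 12 SUCCESSFUL sign-ins from 12 different IPs -> not flagged (rules out option A)
    for i in range(12):
        rows.append({"TimeGenerated": NOW - timedelta(hours=i + 1),
                     "UserPrincipalName": "bob@contoso.example",
                     "ResultType": "0",
                     "IPAddress": f"203.0.113.{i + 1}"})
    # one IP failing once against 11 different users -> not flagged (rules out option B)
    for i in range(11):
        rows.append({"TimeGenerated": NOW - timedelta(hours=i + 1),
                     "UserPrincipalName": f"user{i}@contoso.example",
                     "ResultType": "50126",
                     "IPAddress": "192.0.2.99"})
    # carol: 15 failures, all older than 7 days -> not flagged (ago(7d) filter)
    for i in range(15):
        rows.append({"TimeGenerated": NOW - timedelta(days=8, hours=i),
                     "UserPrincipalName": "carol@contoso.example",
                     "ResultType": "50126",
                     "IPAddress": "198.51.100.50"})
    return rows


def failed_signin_hunt(rows, now=NOW, window=timedelta(days=7), threshold=10):
    """Equivalent of the page's query:
         SigninLogs
         | where TimeGenerated > ago(7d)
         | where ResultType != "0"
         | summarize FailedAttempts = count(), IPAddresses = make_set(IPAddress)
             by UserPrincipalName
         | where FailedAttempts > 10
         | sort by FailedAttempts desc
    Returns a list of dicts shaped like the KQL result set.
    """
    cutoff = now - window
    attempts = defaultdict(int)
    ip_sets = defaultdict(set)
    for r in rows:
        if r["TimeGenerated"] <= cutoff:      # where TimeGenerated > ago(7d)
            continue
        if r["ResultType"] == "0":           # where ResultType != "0"
            continue
        upn = r["UserPrincipalName"]          # the summarize key is the USER, not the IP
        attempts[upn] += 1                    # count()
        ip_sets[upn].add(r["IPAddress"])      # make_set(IPAddress): collected, never counted
    result = [{"UserPrincipalName": upn,
               "FailedAttempts": n,
               "IPAddresses": sorted(ip_sets[upn])}
              for upn, n in attempts.items() if n > threshold]
    result.sort(key=lambda x: x["FailedAttempts"], reverse=True)
    return result


if __name__ == "__main__":
    for row in failed_signin_hunt(make_rows()):
        print(row)
```

Only alice survives all three filters; bob's many-IP successes and the single IP spraying 11 accounts never reach the threshold because neither is what the query counts.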
Question 23: Sentinel Automation — Playbooks vs Automation Rules

Your Sentinel workspace receives 500+ incidents per day. You need to: (1) For ALL P3 (low) severity incidents: automatically change the status to "Closed" with closing classification "Benign Positive" and add a tag "Auto-Closed" — no Logic App execution needed. (2) For ALL P1 (high) severity incidents involving a specific entity type: trigger an Azure Logic App that sends a Teams message to the SOC channel and blocks the IP in Azure Firewall.

Which Sentinel automation approach should be used for each requirement?

A) Requirement 1: Automation Rule (can close incidents, change severity, add tags without Logic Apps). Requirement 2: Automation Rule that triggers a Playbook (Logic App) for complex multi-step responses
B) Both requirements: Playbooks (Logic Apps) — Sentinel automation always requires Logic Apps
C) Requirement 1: Scheduled Analytics Rule. Requirement 2: Automation Rule
D) Both requirements: Automation Rules — Logic Apps are not integrated with Sentinel automation
Question 24: Defender for Cloud Plans — Scope

Your Azure environment includes: (1) 50 Azure VMs running web applications. (2) 10 Azure SQL Databases. (3) 5 Azure Storage accounts containing sensitive customer data. (4) An AKS cluster with 20 containerized microservices. You want Microsoft Defender for Cloud to provide threat detection, vulnerability assessment, and advanced threat protection for each workload type.

Which combination of Defender for Cloud plans covers ALL four workload types?

A) Enable Defender for Cloud Enhanced Security Features (single toggle) — covers all workloads automatically
B) Defender for Servers Plan 2 — covers all Azure workloads including SQL, storage, and containers
C) Enable separately: Defender for Servers Plan 2 (VMs), Defender for Azure SQL (databases), Defender for Storage (storage accounts), and Defender for Containers (AKS) — each plan is workload-specific
D) Microsoft Sentinel with all data connectors enabled — Sentinel replaces the need for individual Defender plans
Question 25: Sentinel UEBA — Entity Behavior Analytics

An Azure AD administrator account has been behaving unusually: logging in at 3 AM (normally works 9–5), accessing 200 files in SharePoint within 10 minutes (normally accesses 5–10 files per day), and downloading data to an external device. No specific rule has triggered, but the behavior is anomalous compared to the user's baseline.

Which Microsoft Sentinel feature is specifically designed to detect this type of behavioral anomaly without pre-written detection rules?

A) Microsoft Sentinel Fusion rules — correlate low-fidelity alerts from multiple sources into high-fidelity incidents
B) Microsoft Sentinel UEBA (User and Entity Behavior Analytics) — builds behavioral baselines per user/entity using ML, then scores deviations and surfaces anomalous activities as investigation insights or anomaly alerts
C) Microsoft Sentinel Scheduled Query rules — custom KQL queries that run on a schedule to detect specific patterns
D) Microsoft Defender for Identity — on-premises identity threat detection for Active Directory environments

✋ Stop Here Before Scrolling!

Have you answered all 25 questions? Complete the test before checking the answers below.

Pro tip: AZ-500 questions often have two very similar answers — look for the one that satisfies EVERY requirement, not just most of them.

📝 Answer Key with Detailed Explanations

Review each explanation carefully — even for questions you got right

Quick Answer Reference

Q1: A    Q2: D    Q3: C    Q4: B    Q5: A
Q6: D    Q7: C    Q8: B    Q9: C    Q10: D
Q11: B   Q12: A   Q13: C   Q14: D   Q15: B
Q16: A   Q17: D   Q18: C   Q19: B   Q20: A
Q21: D   Q22: C   Q23: A   Q24: C   Q25: B
Question 1: Privileged Identity Management (PIM)

✓ Correct Answer: A) Eligible assignment with approval, 4-hour duration, notifications

Why this is correct:

PIM eligible assignments require users to activate the role on demand. The role settings for Global Administrator can be configured to: require approval from a designated approver before activation, set a maximum activation duration (e.g., 4 hours) after which the role automatically deactivates, and send email notifications on activation. All activation events are logged in the PIM audit log automatically.

Why other answers are incorrect:

B: Permanent active assignments are always active — they defeat the purpose of just-enough-access. An expiration date ends the assignment permanently, not each activation session.
C: Azure RBAC does not have time-limited session activation — time-based RBAC is handled by PIM, not RBAC conditions alone.
D: Conditional Access controls session lifetime for authentication but does not control activation and deactivation of privileged role assignments.

💡 Key Concept:

PIM eligible vs active: Eligible = user must activate on demand (must pass MFA/approval/justification). Active = role is always assigned. Key settings per role: require MFA on activation, require justification, require approval, maximum activation duration (1–24 hours). All activations are audited.

Question 2: Conditional Access — Risk-Based Policy

✓ Correct Answer: D) CA policy blocking High risk + Anonymous IP, excluding Compliant device

Why this is correct:

Combining the sign-in risk condition (High, which includes anonymous IP addresses) with a Compliant device exclusion ensures corporate office users on managed devices are not impacted. The sign-in risk condition uses Identity Protection's real-time signals — no manual IP list maintenance required. The exclusion for compliant devices means fully managed corporate endpoints bypass the block even if they trigger a high-risk signal.

Why other answers are incorrect:

A: Named Locations require manually maintaining IP address ranges — anonymous IPs (Tor) rotate constantly and cannot be manually listed.
B: Identity Protection sign-in risk policy is simpler but lacks the granularity of Conditional Access (e.g., device exclusions). Conditional Access gives more control.
C: Option C is close but missing the compliant device exclusion — this would block corporate office users who also happen to trigger a risk signal.

💡 Key Concept:

Conditional Access policy evaluation: ALL matching conditions must be true for the policy to apply. Exclusions remove specific users/groups/devices from the policy scope. Multiple CA policies can match — each applies independently, and the most restrictive result wins (Block beats any Grant control).

Question 3: RBAC Deny Assignments

✓ Correct Answer: C) Deletion fails — deny assignments override all role assignments at any scope

Why this is correct:

Azure RBAC deny assignments explicitly deny specified actions regardless of any role assignments that would otherwise allow them. A deny assignment at ANY scope (including a child resource group) overrides a role assignment at a broader scope (including subscription-level Owner). There is no RBAC role — not even Owner or Global Administrator — that can bypass an active deny assignment. The user cannot delete the storage account.

Why other answers are incorrect:

A: This is a common misconception — broader scope role assignments do NOT override narrower scope deny assignments.
B: Deny assignments apply to all principals, including individual users — there is no Owner exemption.
D: Scope hierarchy for role assignments (subscription > resource group > resource) does NOT apply to deny assignment overrides. Deny always wins.

💡 Key Concept:

Deny assignment rules: Deny overrides allow at ANY scope. Cannot be created by users — only Azure and blueprint assignments create them. Can be applied to groups, users, or all principals (with specific exclusions). To remove a deny assignment, the artifact that created it (e.g., a Blueprint assignment) must be removed.

Question 4: Managed Identity Selection

✓ Correct Answer: B) User-Assigned Managed Identity shared across all three Functions

Why this is correct:

User-Assigned Managed Identities are standalone Azure resources — their lifecycle is independent of any specific compute resource. If a Function is deleted and recreated, it simply needs to be reassigned the same User-Assigned Managed Identity. The Key Vault RBAC role assignment stays on the identity, not the Function. All three Functions share the same identity and the same Key Vault access without any reconfiguration.

Why other answers are incorrect:

A: System-Assigned Managed Identities are tied to the resource lifecycle — when the Function is deleted, its system-assigned identity is deleted. The new Function gets a new identity that must be re-granted Key Vault access.
C: Same problem as A — system-assigned identity is deleted with the Function.
D: Storing credentials in environment variables is exactly what managed identities are designed to replace.

💡 Key Concept:

System-Assigned MI: created and deleted with the resource, 1:1 relationship. User-Assigned MI: standalone resource, assigned to 1+ resources, survives resource recreation. Use User-Assigned when: multiple resources share the same identity, you need identity continuity across resource recreation, or for pre-authorizing before resource creation.

Question 5: Identity Protection — Risk Remediation

✓ Correct Answer: A) User risk policy targeting High risk with Require password change

Why this is correct:

The User risk policy in Identity Protection allows configuring self-remediation: when a user is flagged as high risk, they are prompted to complete MFA and then required to change their password. This is a self-service flow — no administrator manual intervention required. The user's risk level is automatically cleared after successful password change. This is specifically the self-remediation pathway Identity Protection is designed for.

Why other answers are incorrect:

B: A sign-in risk policy requires MFA for high-risk sign-ins but does not force a password change — it does not remediate the compromised credential that caused the high user risk.
C: Manual blocking requires administrator action — not self-service remediation.
D: Blocking without self-remediation path requires an admin to unblock the account — defeats the self-service requirement.

💡 Key Concept:

Identity Protection risk policies: Sign-in risk policy = responds to risky sign-in events (require MFA or block). User risk policy = responds to compromised user accounts (require password change or block). Self-remediation: user MFA + password change clears user risk automatically. Manual remediation: admin dismisses risk in portal.

Question 6: App Registration Permissions

✓ Correct Answer: D) Background service: Application permissions. Web app: Delegated permissions

Why this is correct:

Application permissions allow an app to call Microsoft Graph as itself (no user context) — perfect for background services and daemons. Admin consent is required once. Delegated permissions allow an app to call Graph on behalf of a signed-in user — the app's access is limited to what the user is also allowed to access. The web app acts on behalf of the current user, so delegated is correct.

Why other answers are incorrect:

A: Delegated permissions require a signed-in user — a background job with no user session cannot use delegated permissions.
B: Using a service account with delegated permissions is an anti-pattern — the service account's credentials must be stored securely, and it bypasses the user consent model.
C: Application permissions for the web app would give it access to ALL users' calendars, not just the signed-in user's — violates least privilege.

💡 Key Concept:

Permission types: Delegated = app acts on behalf of user (user + app must have permission). Application = app acts as itself (app permission only, requires admin consent). Application permissions for tenant-wide data access (multi-user data). Delegated for user-specific data access. Never use a service account to simulate user delegated permissions.

Question 7: Azure Firewall Rule Evaluation Order

✓ Correct Answer: C) DNAT → Network → Application; DNAT processes the inbound internet packet

Why this is correct:

Azure Firewall evaluates rule types in strict order: DNAT rules are checked first. If a DNAT rule matches, the packet is translated and forwarded. Network rules are then evaluated for the translated traffic. Application rules are evaluated last. For inbound internet traffic matching a DNAT rule, the DNAT rule processes it — translating the destination IP/port. The translated traffic then traverses Network and Application rules before reaching the internal destination.

Why other answers are incorrect:

A: Application rules are evaluated LAST, not first. The order is DNAT → Network → Application.
B: Network rules are evaluated second (after DNAT), not first.
D: Azure Firewall has a strict sequential evaluation order — rules are NOT evaluated simultaneously. Rule collection priorities within each type determine which specific rule matches within that type.

💡 Key Concept:

Azure Firewall rule evaluation: DNAT (translate inbound) → Network (IP/port/protocol) → Application (FQDN/HTTP/HTTPS). Within each type, rule collection priority (lower number = higher priority) determines evaluation order. DNAT rules automatically create a corresponding network allow rule for the translated traffic. No explicit network rule needed for DNAT traffic.

Question 8: Private Endpoint vs Service Endpoint

✓ Correct Answer: B) Private Endpoint — private IP, public endpoint disable, reachable from on-premises

Why this is correct:

Private Endpoints create a network interface with a private IP address in your VNet. Traffic to the SQL Database uses this private IP via the Azure backbone — never the public internet. Public endpoint access can be explicitly disabled on the SQL Server. Traffic from on-premises reaches the private endpoint via ExpressRoute using the private IP, with private DNS zone configuration for name resolution. Service Endpoints do NOT disable the public endpoint and are NOT routable from on-premises via ExpressRoute.

Why other answers are incorrect:

A: Service Endpoints extend VNet identity to the PaaS service but the public endpoint remains active (just restricted to VNet traffic). Traffic from on-premises via ExpressRoute cannot use Service Endpoints unless specifically configured with VNet service endpoint policies per subnet.
C: Service Endpoints are NOT reachable from on-premises without additional Private Endpoint workarounds.
D: VNet peering doesn't apply here — the SQL Database is a PaaS service, not in a VNet.

💡 Key Concept:

Private Endpoint vs Service Endpoint: Private Endpoint = private IP in VNet, fully private (public endpoint can be disabled), on-premises accessible, DNS required. Service Endpoint = keeps public endpoint but restricts to selected VNets, NOT accessible from on-premises via ExpressRoute, no DNS changes. For compliance requiring fully private access: always Private Endpoint.

Question 9: NSG Effective Security Rules

✓ Correct Answer: C) Default DenyAllInbound rule (priority 65500) blocks port 80

Why this is correct:

Every NSG has a default inbound rule "DenyAllInBound" at priority 65500. This implicit deny rule blocks all traffic not explicitly allowed by higher-priority rules. The subnet NSG has an Allow rule for port 443 (priority 100) and an explicit Deny All (priority 200). Port 80 has no allow rule. Because the explicit Deny All (priority 200) runs before the default Deny All (65500), both would block port 80 — but the explicit rule at 200 hits first. Either way, port 80 is blocked by the first matching deny rule.

Why other answers are incorrect:

A: Partially correct in effect but imprecise — the explicit Deny All at priority 200 runs before the default deny at 65500, but both block port 80.
B: NSG rules are evaluated independently per NSG — there is no VNet-level blocking separate from NSG rules. VNets apply NSGs at subnet and NIC levels.
D: Load Balancer rules do not interact with NSG evaluation — NSGs and Load Balancers are independent.

💡 Key Concept:

NSG rule evaluation: Rules evaluated by priority (lowest number first). First matching rule wins — evaluation stops. Allow 100 (port 443) → Deny All 200 → Default Deny All 65500. Port 80 hits no allow rule before the Deny All at priority 200. Remember: default rules exist at 65000 (AllowVNetInBound, AllowAzureLoadBalancerInBound) and 65500 (DenyAllInBound).
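To make the first-match rule concrete, here is an added Python simulation (not part of the original question set, and not an Azure SDK call) that evaluates an inbound packet against the Question 9 subnet NSG plus the default inbound rules Azure attaches to every NSG. The rule names, the constructed traffic (source service tag and destination port) and the simplified service-tag matching are assumptions for illustration; the default priorities are the ones Azure creates (AllowVNetInBound 65000, AllowAzureLoadBalancerInBound 65001, DenyAllInBound 65500). The example also covers the case the correct answer describes: with no explicit Deny All in the NSG, port 80 falls through to DenyAllInBound at 65500.

```python
from dataclasses import dataclass

ANY = "*"


@dataclass(frozen=True)
class NsgRule:
    name: str
    priority: int      # 100-4096 for custom rules; 65000+ for Azure's default rules
    access: str        # "Allow" or "Deny"
    dest_port: str     # "443", "80" or "*"
    source: str = ANY  # simplified service tag: "*", "VirtualNetwork", "AzureLoadBalancer", "Internet"


# Default inbound rules Azure attaches to every NSG, with the priorities Azure assigns them.
DEFAULT_INBOUND_RULES = [
    NsgRule("AllowVNetInBound", 65000, "Allow", ANY, source="VirtualNetwork"),
    NsgRule("AllowAzureLoadBalancerInBound", 65001, "Allow", ANY, source="AzureLoadBalancer"),
    NsgRule("DenyAllInBound", 65500, "Deny", ANY, source=ANY),
]

# Constructed subnet NSG from Question 9 (rule names are assumptions): Allow 443 at 100, explicit Deny All at 200.
QUESTION_9_RULES = [
    NsgRule("Allow-HTTPS", 100, "Allow", "443"),
    NsgRule("Deny-All", 200, "Deny", ANY),
]


def _matches(rule: NsgRule, source: str, dest_port: str) -> bool:
    """Simplified matcher: a rule field of '*' matches anything, otherwise it must equal the packet's value."""
    return rule.source in (ANY, source) and rule.dest_port in (ANY, dest_port)


def evaluate_inbound(custom_rules: list, source: str, dest_port: str) -> NsgRule:
    """Return the rule that decides the packet: lowest priority number first, first match wins, evaluation stops."""
    for rule in sorted(custom_rules + DEFAULT_INBOUND_RULES, key=lambda r: r.priority):
        if _matches(rule, source, dest_port):
            return rule
    raise AssertionError("unreachable: DenyAllInBound matches every packet")


def is_port_open(custom_rules: list, source: str, dest_port: str) -> bool:
    """True when the first matching rule is an Allow."""
    return evaluate_inbound(custom_rules, source, dest_port).access == "Allow"


if __name__ == "__main__":
    # Constructed probes: internet traffic to 443 and 80, plus the NSG with only the Allow rule.
    for port in ("443", "80"):
        hit = evaluate_inbound(QUESTION_9_RULES, "Internet", port)
        print(f"port {port}: {hit.access} by {hit.name} (priority {hit.priority})")
    hit = evaluate_inbound(QUESTION_9_RULES[:1], "Internet", "80")
    print(f"without the explicit Deny All, port 80: {hit.access} by {hit.name} (priority {hit.priority})")
```

Run as a script it prints which rule decided each probe; the point to notice is that the explicit Deny All at 200 is what actually stops port 80 in the Question 9 NSG, and the default 65500 rule only decides the packet when no custom rule matches it first.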

Question 10: Just-In-Time VM Access

✓ Correct Answer: D) Microsoft Defender for Cloud Just-In-Time (JIT) VM Access

Why this is correct:

JIT VM Access is purpose-built for this requirement. It configures NSG rules to deny RDP/SSH by default. When an administrator requests access, Defender for Cloud opens the NSG port for their specific IP address for the requested duration (configurable maximum). The request is logged in Activity Log and Defender for Cloud audit log. The NSG remains the enforcement mechanism — no VPN or additional infrastructure required.

Why other answers are incorrect:

A: Azure Bastion provides a secure browser-based connection method but does not inherently require approval workflows, IP restriction, or time limits — it's an access method, not an approval gate. Bastion does not disable NSG rules.
B: VPN Gateway restricts access to VPN clients but doesn't provide per-request approval, time limits, or per-request IP restriction.
C: Azure Firewall DNAT rules are static configurations — they don't support dynamic, time-limited access with approval workflows.

💡 Key Concept:

JIT VM Access workflow: Defender for Cloud creates "deny" NSG rules for management ports (RDP/SSH/WinRM). Administrator requests access → specifies duration and source IP → (optional) approval required → Defender for Cloud temporarily opens NSG rule → port auto-closes after duration expires. All requests logged.

Question 11: Azure Bastion SKUs

✓ Correct Answer: B) Standard SKU

Why this is correct:

Azure Bastion Standard SKU includes: browser-based RDP/SSH without public IPs (all SKUs), session recording for compliance audit, native client (mstsc.exe) support via the native client connection feature, and shareable links that allow external users to connect via a time-limited URL without an Azure AD account. Basic SKU provides only browser-based access without these advanced features.

Why other answers are incorrect:

A: Basic SKU provides browser-based RDP/SSH but does NOT include session recording, native client connections, or shareable links.
C: Basic SKU with host scaling increases connection capacity but does not add Premium features like session recording.
D: Developer SKU is a single-VM, no-scale-unit tier for individual VM access — not for enterprise use with compliance recording requirements.

💡 Key Concept:

Bastion SKU comparison: Basic = browser-based RDP/SSH, no public IP on VMs. Standard = adds shareable links, native client support, IP-based connection (no AAD needed), session recording (Premium add-on or Premium SKU), Azure VMSS support. Premium = adds session recording as included feature. Choose Standard for enterprise scenarios with advanced access requirements.

Question 12: WAF Mode — Detection vs Prevention

✓ Correct Answer: A) Detection mode first, then switch to Prevention mode after tuning

Why this is correct:

WAF Detection mode logs all rule matches to Azure Diagnostics/Log Analytics without blocking any traffic. This allows the security team to analyze which OWASP rules trigger on legitimate traffic (false positives), create appropriate exclusions for those specific parameters/fields, and validate that blocking mode won't disrupt the application. After tuning, switching to Prevention mode actively blocks and logs matching requests.

Why other answers are incorrect:

B: Deploying in Prevention mode without prior tuning risks blocking legitimate user traffic — OWASP rule sets can trigger on benign application behavior (e.g., large JSON payloads, special characters in form fields).
C: Starting in Prevention mode with all rules disabled then enabling them one-at-a-time is a valid but more complex approach — Detection mode across all rules simultaneously is faster and provides a complete view of potential false positives.
D: Using different modes on different WAF instances creates inconsistent behavior and doesn't provide the analysis-then-enforce workflow needed.

💡 Key Concept:

WAF deployment best practice: Phase 1: Detection mode (log, don't block) → analyze Log Analytics for rule hits → identify false positives → configure exclusions for specific request parameters/headers. Phase 2: Switch to Prevention mode with exclusions in place. Monitor for new false positives continuously. Use WAF Policy instead of per-resource WAF for centralized management.

Question 13: Key Vault Access Model

✓ Correct Answer: C) Azure RBAC for Key Vault with secret-level scope

Why this is correct:

Azure Key Vault supports RBAC assignments scoped to individual secrets (e.g., at the /secrets/secret-name resource level). This means you can grant Application A the Key Vault Secrets User role only on "database-password" and Application B only on "api-key" — all within the same vault. When the decommissioned application's managed identity is removed, only its RBAC assignment is removed. Other applications are unaffected. Diagnostic logging on the vault captures all access events.

Why other answers are incorrect:

A: Key Vault access policies (the older model) are vault-level — you cannot scope an access policy to a specific secret. An application with "Get" permission on secrets can get ANY secret in the vault.
B: Access policies do not support resource tag filtering — tags on Key Vault secrets do not restrict which policy applies.
D: Creating a separate vault per application is a valid approach for very strict isolation but adds operational overhead (50 vaults for 50 apps) and doesn't meet the single-vault requirement.

💡 Key Concept:

Key Vault RBAC vs Access Policies: RBAC = Azure standard model, supports scoping to individual key/secret/certificate, integrates with Entra ID PIM, supports deny assignments. Access Policies = legacy model, vault-level only, cannot scope to individual secrets. Microsoft recommends RBAC model for all new Key Vault deployments.

Question 14: SQL Encryption — TDE vs Always Encrypted vs DDM

✓ Correct Answer: D) Always Encrypted with Deterministic encryption

Why this is correct:

Always Encrypted uses client-side encryption — the encryption/decryption happens in the application driver, not on the SQL Server. The database engine and DBAs only ever see ciphertext. Even with full DBA access (db_owner, sysadmin), the medical history is unreadable in the database. Deterministic encryption encrypts the same plaintext value to the same ciphertext consistently — this allows equality queries (WHERE column = @value). The Column Encryption Key (CEK) and Column Master Key (CMK) are stored outside the database (e.g., in Azure Key Vault or Windows Certificate Store).

Why other answers are incorrect:

A: TDE encrypts data files at rest (preventing someone from stealing the .mdf file and reading it with another SQL Server). TDE is completely transparent to authenticated SQL connections — DBAs with query access can read all data in plaintext.
B: DDM masks data in query results for non-privileged users. However, users with db_owner, db_datareader at elevated privilege level, or users granted UNMASK permission can see plaintext. DBAs bypass DDM entirely.
C: Row-level security restricts which rows a user can see but does not encrypt data — DBAs with elevated permissions bypass RLS.

💡 Key Concept:

Encryption comparison: TDE = protects at-rest file storage (stolen backup unreadable). DBAs see plaintext. Always Encrypted = client-side, database engine sees ciphertext. Even DBAs cannot read it. DDM = not encryption at all — masks in results but bypassed by privileged users. Use Always Encrypted when even database administrators must be excluded from seeing sensitive data.

Question 15: Always Encrypted — Deterministic vs Randomized

✓ Correct Answer: B) Column A: Deterministic. Column B: Randomized

Why this is correct:

Deterministic encryption: the same plaintext always encrypts to the same ciphertext. This allows equality queries (WHERE SSN = @value), point lookups, and joins on encrypted columns. It is slightly less secure than randomized because frequency analysis of ciphertext can reveal patterns. Randomized encryption: the same plaintext encrypts to different ciphertext each time. This prevents pattern analysis and is more secure, but the column cannot be searched, filtered, or used in joins — only full value retrieval is possible.

Why other answers are incorrect:

A: Reversed — using Randomized on SSN would prevent equality searches; using Deterministic on notes is unnecessary (notes are never queried) and slightly less secure.
C: Deterministic on both is unnecessary over-restriction — Column B never needs equality queries, so Randomized is preferable for stronger security on that column.
D: Randomized on both breaks the WHERE SSN = @value query requirement for Column A.

💡 Key Concept:

Always Encrypted encryption types: Deterministic = same plaintext → same ciphertext. Supports: equality comparisons (=), point lookups, DISTINCT, joins. Does not support: LIKE, BETWEEN, >, < comparisons, full-text search. Randomized = same plaintext → different ciphertext each time. No search support at all — only store and retrieve. For searchable sensitive columns: Deterministic. For non-searchable sensitive data: Randomized.

Question 16: Disk Encryption — ADE vs SSE with CMK

✓ Correct Answer: A) Finance VMs: SSE with CMK. Compliance VMs: ADE

Why this is correct:

Server-Side Encryption (SSE) with Customer-Managed Key (CMK): encryption happens at the Azure storage layer. Customer controls the key in Key Vault. Key rotation and revocation are customer-managed. The VM OS and applications do not know about the encryption — it's transparent. If the CMK is revoked, the disk cannot be started. Azure Disk Encryption (ADE): uses BitLocker (Windows) or DM-Crypt (Linux) inside the OS. Encryption extends into the VM's OS layer. Even if someone extracts the raw disk VHDX from Azure infrastructure, it remains encrypted. This is required for compliance scenarios where OS-level encryption verification is needed.

Why other answers are incorrect:

B: Reversed — ADE is the OS-level (inside-VM) encryption; SSE with CMK is the storage-layer encryption. Finance requirement is about CMK control → SSE with CMK. Compliance requirement is about OS-level/BitLocker → ADE.
C: ADE on both is not correct — SSE with CMK satisfies the finance team's key control requirements without the OS-level overhead.
D: Platform-managed keys (PMK) don't give the customer any key control — does not meet the finance team's key management requirement.

💡 Key Concept:

ADE vs SSE: ADE = BitLocker/DM-Crypt inside the OS, OS-level encryption, visible as encrypted to OS, required for some compliance standards (FIPS 140). SSE = Azure storage layer encryption, transparent to OS, customer-managed key control. Both can be used simultaneously for defense-in-depth. SSE with CMK: if key is revoked/deleted → VM cannot start → strong access revocation control.

Question 17: Storage Account Security — SAS Tokens

✓ Correct Answer: D) User Delegation SAS tied to a Stored Access Policy

Why this is correct:

User Delegation SAS tokens are signed with an Azure AD user or managed identity credential rather than the storage account key. They can be associated with a Stored Access Policy defined on the container. To revoke access before the SAS expiry, simply delete or modify the Stored Access Policy — all SAS tokens referencing that policy immediately become invalid. This revocation is instant and does not affect other containers or access methods.

Why other answers are incorrect:

A: Account SAS signed with the storage account key can be revoked by rotating the storage account key, but key rotation immediately invalidates ALL SAS tokens signed with the old key — including any other vendor access or application access using that key.
B: Service SAS signed with the storage account key without a Stored Access Policy cannot be revoked before expiry without rotating the storage account key (which breaks everything signed with it).
C: This is incorrect — Stored Access Policies exist specifically to enable pre-expiry revocation without key rotation.

💡 Key Concept:

SAS token types: Account SAS = broadest access (account-level), signed with account key. Service SAS = resource-level (blob, queue, table, file), signed with account key. User Delegation SAS = signed with Azure AD credential, most secure. Stored Access Policy = server-side policy referenced by SAS; deleting/modifying the policy immediately revokes all associated SAS tokens without key rotation.

Question 18: AKS Security — Workload Identity

✓ Correct Answer: C) AKS Workload Identity with per-pod managed identities

Why this is correct:

AKS Workload Identity uses the Kubernetes service account OIDC token to federate with Azure Managed Identities. Each pod's service account is mapped to a specific User-Assigned Managed Identity via a FederatedIdentityCredential. The pod receives a projected service account token (no credentials stored), which it exchanges for an Azure AD token to authenticate to Key Vault. Each pod can have a different managed identity with different Key Vault RBAC permissions — pod-level identity isolation without any stored credentials.

Why other answers are incorrect:

A: Storing service principal secrets in Kubernetes secrets is exactly what managed identities eliminate — the secret is stored in etcd (base64, not encrypted at rest by default), visible to anyone with kubectl get secrets permission.
B: Node-pool managed identity means ALL pods on that node share the same identity — no pod-level isolation. Any pod can access any Key Vault secret the node identity has permission to.
D: AAD Pod Identity is the deprecated predecessor to Workload Identity — Microsoft recommends migrating to Workload Identity for new deployments.

💡 Key Concept:

AKS Workload Identity setup: Enable OIDC issuer on AKS cluster. Create User-Assigned Managed Identity per microservice. Create FederatedIdentityCredential linking the identity to the pod's service account. Assign Key Vault RBAC role to the managed identity. Annotate pod's service account with the managed identity client ID. No secrets stored anywhere.

Question 19: Defender for Servers Plans

✓ Correct Answer: B) Defender for Servers Plan 2

Why this is correct:

Defender for Servers Plan 2 includes: agentless scanning for OS vulnerabilities (no agent installation required), agentless malware scanning, adaptive application controls (identifies trusted and anomalous process execution patterns), File Integrity Monitoring (FIM) via Microsoft Defender for Endpoint integration, and Just-In-Time VM access integration with Defender for Cloud. Plan 1 is a subset that includes Defender for Endpoint P2 integration and JIT access, but NOT agentless scanning, adaptive application controls, or FIM.

Why other answers are incorrect:

A: Plan 1 includes Defender for Endpoint P2 and JIT access but does not include agentless scanning, adaptive application controls, or FIM — the scenario requires all four features.
C: The free tier provides security recommendations and basic Secure Score but no threat detection, vulnerability assessment, or the advanced features listed.
D: Defender for Endpoint standalone provides EDR capabilities on servers but is not the same as Defender for Servers — it lacks the cloud-native features like agentless scanning, adaptive application controls, and FIM integration that Defender for Servers Plan 2 provides.

💡 Key Concept:

Defender for Servers Plan 1 vs Plan 2: Plan 1 = Defender for Endpoint P2 (EDR) + JIT VM access + OS vulnerability assessment via Defender for Endpoint. Plan 2 = everything in Plan 1 + agentless scanning (no agent), adaptive application controls, File Integrity Monitoring, Docker host assessment, network map, free 500 MB/day Log Analytics ingestion. Plan 2 is required for all four listed features.

Question 20: Defender for Cloud — Secure Score

✓ Correct Answer: A) "Enable MFA for accounts with Owner permissions" — 15% score impact

Why this is correct:

Secure Score recommendations are weighted by their security impact. "Enable MFA for accounts with Owner permissions" (15% score impact) provides the largest single improvement. Prioritizing by score impact is the standard Defender for Cloud workflow — the Recommendations panel shows each recommendation's potential score increase. Additionally, MFA for Owner accounts directly addresses the highest-risk accounts (full resource control), making it the highest-value security action.

Why other answers are incorrect:

B: Container image vulnerabilities (8% impact) are significant but rank second behind the MFA recommendation in score impact.
C: Encrypting data in transit (3% impact) is important but provides the smallest Secure Score improvement of the three options — not the priority when resource-constrained.
D: Partially completing a recommendation CAN improve Secure Score — Defender for Cloud calculates score based on the ratio of healthy resources to total resources per recommendation. Fixing some resources partially raises the score.

💡 Key Concept:

Secure Score optimization: Each recommendation has a "Max score" showing potential impact. Prioritize recommendations by: (1) Max score impact, (2) Quick wins (low effort, high impact), (3) Risk — recommendations affecting privileged accounts or network perimeter carry higher actual risk than their score suggests. Use the "Attack path analysis" feature to identify recommendations that break kill chains.

Question 21: Sentinel Analytics Rule Types

✓ Correct Answer: D) Scheduled, NRT, and Anomaly rules for the three scenarios respectively

Why this is correct:

Scheduled Query rules run KQL queries on a configurable schedule (every 5 minutes to every 24 hours) — ideal for correlating events over time windows like impossible travel detection. Near-Real-Time (NRT) rules run approximately every minute against streaming logs — designed for immediate alerting on specific high-priority events like critical security event IDs. Anomaly rules use machine learning to build behavioral baselines and detect deviations — no KQL rule writing required for the detection logic.

Why other answers are incorrect:

A: Scheduled Query rules can detect scenarios 1 and 3 via KQL, but near-real-time detection (seconds) for scenario 2 requires NRT rules — Scheduled rules have minimum 5-minute intervals.
B: NRT rules are NOT for anomaly/baseline detection; Anomaly rules are NOT for single-event immediate alerting. The assignment is reversed.
C: Fusion rules correlate low-fidelity signals from multiple Microsoft products into multi-stage attack alerts — they are not configurable for custom scenarios.

💡 Key Concept:

Sentinel rule types: Scheduled = custom KQL, configurable window and frequency (5 min – 24 hr). NRT = near-real-time, ~1 min latency, limited KQL operators, great for critical single-event alerts. Anomaly = ML-based baseline, no KQL required, 14-day learning period. Fusion = Microsoft-managed multi-stage attack detection. MS Security = creates incidents from Defender product alerts. Choose based on: timing requirements, correlation complexity, and whether custom logic is needed.

Question 22: KQL Query Interpretation

✓ Correct Answer: C) Users with more than 10 failed sign-ins in 7 days, all source IPs, sorted by failures

Why this is correct:

Breaking down the query: SigninLogs = the Entra ID sign-in log table. where TimeGenerated > ago(7d) = last 7 days. where ResultType != "0" = filters out successful sign-ins (ResultType "0" = success; anything else = failure). summarize by UserPrincipalName = groups by user. FailedAttempts = count() = counts failures per user. IPAddresses = make_set(IPAddress) = collects all unique IPs used. where FailedAttempts > 10 = filters to users with >10 failures. sort by FailedAttempts desc = highest failure count first. This is a brute-force detection query.

Why other answers are incorrect:

A: The ResultType != "0" filter selects FAILURES (non-zero result codes), not successes. Also, the query groups by user and counts events — not by distinct IP count.
B: The query groups by UserPrincipalName (not IPAddress) and counts failures per user — it is not detecting which IPs hit multiple accounts.
D: The query does not retrieve all events and does not limit to top 10 — it filters by a threshold (>10 failures) and shows all matching users sorted by count.

💡 Key Concept:

Key KQL operators for AZ-500: where = filter rows. project = select/rename columns. summarize = aggregate (count, sum, make_set, dcount). sort/order by = sort results. extend = create computed columns. ago() = relative time (ago(7d) = 7 days ago). make_set() = unique values as array. ResultType in SigninLogs: "0" = success, anything else = failure. Practice: recognize what a query does without running it.
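Because the exam asks you to read the query rather than run it, here is an added Python re-implementation of the query as broken down above (not code from the original page or from Microsoft), run against constructed SigninLogs-style rows. The rows, the user names, the IP addresses and the `NOW` timestamp are invented sample data; the function applies the same filter, summarize, threshold and sort steps the KQL does, and the sample deliberately includes a successful sign-in, a user under the threshold and failures older than 7 days so you can see each clause take effect.

```python
from datetime import datetime, timedelta, timezone

# Constructed "current time" so the 7-day window is reproducible offline.
NOW = datetime(2026, 5, 1, 12, 0, tzinfo=timezone.utc)


def _row(days_ago: int, upn: str, result_type: str, ip: str) -> dict:
    """Build one constructed SigninLogs-style row with the four columns the query touches."""
    return {
        "TimeGenerated": NOW - timedelta(days=days_ago),
        "UserPrincipalName": upn,
        "ResultType": result_type,   # "0" = success; any other code = failure
        "IPAddress": ip,
    }


# Constructed sample data (not real sign-in logs). Result code 50126 is used here as a stand-in failure code.
SAMPLE_SIGNIN_LOGS = (
    [_row(1, "alice@contoso.example", "50126", "203.0.113.10") for _ in range(8)]
    + [_row(2, "alice@contoso.example", "50126", "198.51.100.7") for _ in range(4)]
    + [_row(1, "alice@contoso.example", "0", "203.0.113.10")]                       # success: excluded by ResultType != "0"
    + [_row(3, "bob@contoso.example", "50126", "203.0.113.10") for _ in range(5)]    # 5 failures: under the > 10 threshold
    + [_row(9, "carol@contoso.example", "50126", "192.0.2.50") for _ in range(20)]  # 20 failures but 9 days old: outside ago(7d)
)


def failed_signins_by_user(rows: list, now: datetime = NOW, window_days: int = 7, threshold: int = 10) -> list:
    """Python equivalent of the Question 22 query:

    SigninLogs
    | where TimeGenerated > ago(7d)
    | where ResultType != "0"
    | summarize FailedAttempts = count(), IPAddresses = make_set(IPAddress) by UserPrincipalName
    | where FailedAttempts > 10
    | sort by FailedAttempts desc
    """
    cutoff = now - timedelta(days=window_days)
    per_user: dict = {}
    for r in rows:
        if not r["TimeGenerated"] > cutoff:   # where TimeGenerated > ago(7d)
            continue
        if r["ResultType"] == "0":            # where ResultType != "0"  (keep failures only)
            continue
        entry = per_user.setdefault(r["UserPrincipalName"], {"FailedAttempts": 0, "IPAddresses": set()})
        entry["FailedAttempts"] += 1          # count()
        entry["IPAddresses"].add(r["IPAddress"])  # make_set(): unique values only
    results = [
        {"UserPrincipalName": upn, "FailedAttempts": e["FailedAttempts"], "IPAddresses": sorted(e["IPAddresses"])}
        for upn, e in per_user.items()
        if e["FailedAttempts"] > threshold    # where FailedAttempts > 10
    ]
    results.sort(key=lambda x: x["FailedAttempts"], reverse=True)  # sort by FailedAttempts desc
    return results


if __name__ == "__main__":
    for hit in failed_signins_by_user(SAMPLE_SIGNIN_LOGS):
        print(hit["UserPrincipalName"], hit["FailedAttempts"], hit["IPAddresses"])
```

On the sample only alice is returned (12 failures from two IPs): her successful sign-in is dropped by the ResultType filter, bob never crosses the threshold, and carol's 20 failures are older than the window. Lowering `threshold` brings bob in behind alice, which is the desc sort at work.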

Question 23: Sentinel Automation — Playbooks vs Automation Rules

✓ Correct Answer: A) Automation Rule for simple closure; Automation Rule triggering Playbook for complex response

Why this is correct:

Automation Rules can directly: change incident status (Active/Closed), change severity, add tags, assign owners, and suppress incidents — all without executing a Logic App. For simple P3 auto-closure, an Automation Rule is sufficient and more performant. For complex multi-step responses (Teams notification + firewall IP block), the Automation Rule runs a Playbook (Logic App) as its action, which makes Automation Rules the orchestration layer for both simple and complex responses.

Why other answers are incorrect:

B: Automation Rules can handle simple incident property changes (close, tag, severity change) without any Logic App — forcing a Playbook for every action is unnecessarily complex and costly.
C: Scheduled Analytics Rules generate incidents — they are not used for incident response automation.
D: Logic Apps (Playbooks) ARE integrated with Sentinel automation — Automation Rules can trigger Playbooks as actions. Playbooks are essential for multi-step external API calls.

💡 Key Concept:

Sentinel automation: Automation Rules = run automatically on incident creation/update, can: change status/severity, add tags, assign owners, suppress, run playbooks. No Logic App required for property changes. Playbooks (Logic Apps) = complex multi-step workflows: API calls, Teams/email notifications, blocking IPs, creating tickets. Use Automation Rules as the control layer that decides when and whether to trigger Playbooks.

Question 24: Defender for Cloud Plans — Scope

✓ Correct Answer: C) Defender for Servers, Defender for Azure SQL, Defender for Storage, Defender for Containers — separately enabled

Why this is correct:

Microsoft Defender for Cloud enhanced security features are not a single toggle — each workload type has its own dedicated plan that must be enabled separately. Defender for Servers protects VMs and on-premises servers. Defender for Azure SQL protects Azure SQL Databases, SQL Managed Instances, and SQL on VMs. Defender for Storage protects Azure Storage accounts with malware scanning and sensitive data discovery. Defender for Containers protects AKS clusters and container registries.

Why other answers are incorrect:

A: There is no single "Enhanced Security Features" toggle — Defender for Cloud presents individual plan toggles per subscription or resource type. Each plan has its own pricing and capabilities.
B: Defender for Servers protects VMs only — it does not cover SQL databases, storage accounts, or AKS clusters.
D: Microsoft Sentinel is a SIEM/SOAR tool — it ingests and analyzes logs but does not provide threat detection and prevention for specific workloads like Defender for Cloud plans do. They are complementary, not substitutes.

💡 Key Concept:

Defender for Cloud plans (key workload plans): Defender for Servers (VMs, Arc-enabled servers), Defender for Storage (Blob, Files, ADLS Gen2), Defender for Azure SQL (Azure SQL DB, Managed Instance, SQL on Azure VM), Defender for Containers (AKS, Arc-enabled Kubernetes, registries), Defender for Key Vault, Defender for App Service, Defender for Resource Manager. Each plan is priced separately.

Question 25: Sentinel UEBA

✓ Correct Answer: B) Microsoft Sentinel UEBA — ML-based behavioral baseline with anomaly scoring

Why this is correct:

UEBA (User and Entity Behavior Analytics) builds behavioral profiles for users and entities (devices, applications) over a 14-day learning period. It tracks normal patterns: typical working hours, typical access volumes, typical data volumes, typical locations. When behavior deviates significantly from baseline — 3 AM login, 200-file access spike, unusual device — UEBA generates an anomaly score and surfaces the activity as an investigation insight. No pre-written detection rule is needed; the ML model defines what is "normal" per user.

Why other answers are incorrect:

A: Fusion rules correlate signals from multiple Microsoft security products (e.g., Identity Protection alert + Defender alert) into multi-stage attack incidents. They are not designed for baseline behavioral analysis of individual user activity patterns.
C: Scheduled Query rules require a pre-defined KQL query — someone must know to write "WHERE login_hour < 6 AND file_access_count > 100". UEBA detects anomalies without pre-defining thresholds.
D: Microsoft Defender for Identity specifically protects on-premises Active Directory environments — it monitors Domain Controller traffic for identity attacks. The scenario describes cloud sign-in and SharePoint behavior, which is covered by UEBA in Sentinel.

💡 Key Concept:

UEBA key concepts: Learning period = 14 days before anomaly alerts activate. Entity types = users, devices, hosts, IP addresses. Anomaly scores are additive — multiple minor anomalies in short period = high compound risk score. Investigation priority score = combines alert severity + UEBA anomaly score + blast radius. UEBA insights appear in the User page in Sentinel and in the Incident investigation graph.

📊 How Did You Score?

23–25: Exam Ready. Excellent! Schedule your AZ-500 exam.
19–22: Almost There. Review Sentinel/KQL and encryption distinctions.
14–18: Keep Studying. Focus on PIM, CA policy logic, and Always Encrypted.
0–13: More Study Needed. Build AZ-104 fundamentals before AZ-500 content.

Ready for More AZ-500 Practice?

These 25 questions are just a sample. The actual AZ-500 has 40–60 questions in 150 minutes.

MSCertQuiz AZ-500 includes 500 questions covering:

  • ✓ PIM scenarios — every configuration option, break-glass accounts, access reviews
  • ✓ Conditional Access — all grant controls, session controls, risk-based policies
  • ✓ Network security — Firewall rule order, Private Endpoints, NSG flow analysis
  • ✓ Encryption deep-dives — TDE vs Always Encrypted vs DDM vs ADE vs SSE
  • ✓ Microsoft Sentinel — KQL queries, UEBA, playbooks, automation rules

$14.99 One-Time Payment

Lifetime access • No subscription • 500 questions