Summer Sale - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65percent

Welcome To DumpsPedia

SC-500 Sample Questions Answers

Questions 4

You need to implement the planned change for storage2 The solution must meet the technical requirements for storage encryption.

What should you do?

Options:

A.

Enable purge protection for storage2.

B.

Create an encryption scope in storage2.

C.

Configure storage2 to use an account encryption key.

D.

Assign an Azure role-based access control (Azure RBAC) role to storage2.

Buy Now
Questions 5

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.

You have a Microsoft Sentinel workspace

You have a multi-tier Security Operations Center (SOC) team.

You need to ensure that all new security incidents are assigned immediately to the Tier 1 analysts group and flagged for triage.

Solution: You create an analytics rule.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 6

User1 has requested to use the AI Administrator role.

Which approvers can approve the request, and how long will User1 be an AI administrator after the role is approved? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Buy Now
Questions 7

For each of the following statements, select Yes if the statement is true Otherwise, select No.

Options:

Buy Now
Questions 8

You need to delegate a user to implement the planned change for Defender for Cloud. The solution must follow the principle of least privilege.

Which user should you choose?

Options:

A.

Admin1

B.

Admin2

C.

Admin3

D.

Admin4

Buy Now
Questions 9

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.

You have a Microsoft Sentinel workspace

You have a multi-tier Security Operations Center (SOC) team.

You need to ensure that all new security incidents are assigned immediately to the Tier 1 analysts group and flagged for triage.

Solution: You create an automation rule.

Does this meet the goal?

Options:

A.

Yes

B.

No

Buy Now
Questions 10

You need to protect the applications hosted on AKS1. The solution must meet the technical requirements.

Which Defender for Cloud plan should you enable?

Options:

A.

Microsoft Defender for Servers

B.

Microsoft Defender for App Service

C.

Microsoft Defender for Containers

D.

Microsoft Defender for Resource Manager

E.

Microsoft Defender for Storage

Buy Now
Questions 11

You have an Azure subscription that contains a user named User1 and an Azure Container Registry named ContReg1.

You enable content trust for ContReg1.

You need to ensure that User1 can create trusted images in ContReg1 The solution must use the principle of least privilege.

Which two roles should you assign to User1? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

AcrQuarantineWriter

B.

Contributor

C.

AcrQuarantineReader

D.

AcrPush

E.

AcrImageSigner

Buy Now
Questions 12

You have an Azure subscription named Sub1. Sub1 contains 20 virtual machines that run Windows Server.

Sub1 has the Microsoft Defender for Cloud Defender Cloud Security Posture Management (CSPM) plan enabled.

You need to ensure that all the virtual machines are scanned automatically for known security flaws and misconfigurations.

What should you use?

Options:

A.

Attack path analysis

B.

Microsoft Cloud Security Benchmark (MCSB)

C.

Cloud security explorer

D.

Just-in-time (JIT) VM access

E.

Vulnerability assessment on the virtual machines

Buy Now
Questions 13

You have an Azure subscription named Sub1 that contains multiple virtual machines. Sub1 has the Microsoft Defender Cloud Security Posture Management (CSPM) plan enabled.

You discover that Defender for Cloud falls to identify plaintext connection strings and SSH keys stored on the virtual machines.

You need to ensure that secrets can be identified on the virtual machines.

What should you do?

Options:

A.

Configure the Defender for Cloud data connector in Microsoft Sentinel.

B.

Enable agentless machine scanning.

C.

Deploy the Azure Monitor Agent to all the virtual machines.

D.

Enable Microsoft Defender for Key Vault.

Buy Now
Questions 14

You have a Microsoft Entra tenant that has user consent for applications disabled.

You register an application named App1 that requests the following Microsoft Graph delegated permissions:

•user.Read

•Mail.Read

You need to configure tenant permissions to meet the following requirements:

•Enable users to grant consent for low-risk permissions without administrator interaction.

•Ensure that applications requesting higher-privilege permissions require administrator approval.

What should you do?

Options:

A.

Grant tenant-wide admin consent to App1.

B.

Configure application assignments for App1.

C.

Configure Privileged Identity Management (PIM) role assignments.

D.

Create an app consent policy.

Buy Now
Questions 15

You have an Azure subscription that contains the following servers:

•200 virtual machines that run either Windows Server or Ubuntu Server

•50 Azure Arc enabled servers

You use Azure Policy to manage compliance across all the servers.

You need to enforce an organization-specific security baseline. The solution must meet the following requirements:

•Customize a built-in security baseline.

•Ensure that configuration changes to the servers are enforced automatically after the security baseline is deployed.

♦Minimize administrative effort.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Buy Now
Questions 16

You have a Microsoft Defender External Attack Surface Management (Defender EASM) resource for a company named Contoso. Ltd.

You need to update the Defender EASM workflow to meet the following requirements:

•Assets from a business domain that Contoso no longer owns must be removed from inventory.

•Findings that do NOT apply to confirmed inventory must NOT affect reported counts.

What should you do for each requirement? To answer, drag the appropriate actions to the correct requirements. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Options:

Buy Now
Questions 17

You have an Azure SQL Database logical server named Server1 that contains a database named DB1.

You need to configure authentication for Server1 to meet the following requirements;

•SQL authentication cannot be used for any databases on Server1.

•The solution must be enforced centrally at the server level.

What should you do?

Options:

A.

Configure a Microsoft Entra administrator for Server1.

B.

Enable a managed identity for Server1.

C.

Enable Microsoft Entra-only authentication for Server1.

D.

Remove SQL logins from DB1.

Buy Now
Questions 18

You have an Azure subscription that contains a resource group named RG1.

RG1 contains a Microsoft Security Copilot deployment that is integrated with a Microsoft Sentinel workspace named Workspace1.

Analysts use the Security Copilot standalone experience to retrieve incidents by using the Microsoft Sentinel plugin.

A user named User1 can sign in to Security Copilot but cannot retrieve incidents from Workspace1. You verify that User1 lias only the Security Copilot Contributor role.

You need to ensure that User1 can retrieve the incidents. The solution must follow the principle of least privilege and NOT require any configuration changes to Security Copilot.

Which role should you assign to User1?

Options:

A.

The Security Reader role in Microsoft Entra

B.

The Microsoft Sentinel Reader role for Workspace1

C.

The Security Copilot Owner role

D.

The Security Administrator role in Microsoft Entra

E.

The Contributor role in Azure for RG1

Buy Now
Questions 19

You have a Microsoft Sentinel workspace

You need to collect Windows security events from 200 Azure virtual machines that run Windows Server. The solution must meet the following requirements:

•Use direct agent based data collection from each virtual machine.

•Use a supported agent for new virtual machine deployments

Which Microsoft Sentinel connector should you use?

Options:

A.

Windows Forwarded Events

B.

Windows Security Events via AMA

C.

Security Events via Legacy Agent

D.

Syslog via AMA

E.

Azure Resource Graph

Buy Now
Questions 20

You have Microsoft Security Copilot agents that authenticate by using Microsoft Entra service principals.

You receive a Microsoft Defender alert triggered by the anomalous OAuth authentication of an agent ' s Microsoft Entra service principal.

You need to assess the impact of the agent identity and identify which resources are affected if the identity is abused for lateral movement The solution must minimize administrative effort.

What should you do?

Options:

A.

From Advanced hunting, create a query against the IdentityLogonEvents table to list all the sign-ins performed by the identity.

B.

From Attack paths, select the identity and view the blast radius.

C.

From AI Observability in Microsoft Purview Data Security Posture Management (DSPM), review the agent activity.

D.

From Microsoft Purview Audit, query the audit logs for all the role assignments granted to the identity.

E.

From Incidents, review incidents related to OAuth events reported by Microsoft Defender for Cloud Apps.

Buy Now
Exam Code: SC-500
Exam Name: Microsoft Certified: Cloud and AI Security Engineer Associate
Last Update: Jul 10, 2026
Questions: 68

PDF + Testing Engine

$63.24 $180.69

Testing Engine

$48.24 $137.83

PDF (Q&A)

$53.24 $152.11