Microsoft AZ-500 Quiz 6 Topic 9 Questions 26-30

Question: 1

You need to ensure that the AzureBackupReport log for the Vault1 Recovery Services vault is stored in the WS11641655 Azure Log Analytics workspace.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
1. In the Azure portal, type Recovery Services Vaults in the search box, select Recovery Services Vaults from the search results then select Vault1. Alternatively, browse to Recovery Services Vaults in the left navigation pane.
2. In the properties of Vault1, scroll down to the Monitoring section and select Diagnostic Settings.
3. Click the Add a diagnostic setting link.
4. Enter a name in the Diagnostic settings name box.
5. In the Log section, select AzureBackupReport.

6. In the Destination details section, select Send to log analytics

7. Select the WS11641655 Azure Log Analytics workspace.
8. Click the Save button to save the changes.

Show Answer

Question: 2

You need to ensure that the audit logs from the SQLdb1 Azure SQL database are stored in the WS11641655 Azure Log Analytics workspace.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
1. In the Azure portal, type SQL in the search box, select SQL databases from the search results then select SQLdb1. Alternatively, browse to SQL databases in the left navigation pane.
2. In the properties of SQLdb1, scroll down to the Security section and select Auditing.
3. Turn auditing on if it isn't already, tick the Log Analytics checkbox then click on Configure.

4. Select the WS11641655 Azure Log Analytics workspace.
5. Click Save to save the changes.

Show Answer

Question: 3

You need to enable Advanced Data Security for the SQLdb1 Azure SQL database. The solution must ensure that Azure Advanced Threat Protection (ATP) alerts are sent to User1@contoso.com.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
In the Azure portal, type SQL in the search box, select SQL databases from the search results then select SQLdb1. Alternatively, browse to SQL databases in the left navigation pane.
In the properties of SQLdb1, scroll down to the Security section and select Advanced data security.
Click on the Settings icon.
Tick the Enable Advanced Data Security at the database level checkbox.
Click Yes at the confirmation prompt.
In the Storage account select a storage account if one isn't selected by default.
Under Advanced Threat Protection Settings, enter User1@contoso.com in the Send alerts to box.
Click the Save button to save the changes.

Show Answer

Question: 4

You plan to use Azure Disk Encryption for several virtual machine disks.

You need to ensure that Azure Disk Encryption can retrieve secrets from the KeyVault11641655 Azure key vault.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
1. In the Azure portal, type Key Vaults in the search box, select Key Vaults from the search results then select KeyVault11641655. Alternatively, browse to Key Vaults in the left navigation pane.
2. In the Key Vault properties, scroll down to the Settings section and select Access Policies.
3. Select the Azure Disk Encryption for volume encryption

4. Click Save to save the changes.

Show Answer

Question: 5

You need to ensure that User2-11641655 has all the key permissions for KeyVault11641655.

To complete this task, sign in to the Azure portal and modify the Azure resources.

AExplanation:
You need to assign the user the Key Vault Secrets Officer role.
In the Azure portal, type Key Vaults in the search box, select Key Vaults from the search results then select KeyVault11641655. Alternatively, browse to Key Vaults in the left navigation pane.
In the key vault properties, select Access control (IAM).
In the Add a role assignment section, click the Add button.
In the Role box, select the Key Vault Secrets Officer role from the drop-down list.
In the Select box, start typing User2-11641655 and select User2-11641655 from the search results.
Click the Save button to save the changes.

Show Answer

Microsoft AZ-500 Quiz:6 Topic:9 Questions:26-30