Microsoft Azure Security Engineer Associate AZ-500 Practice Question

An Azure API Management (APIM) instance publishes several mission-critical APIs to external business partners. Security requirements are: callers must authenticate by presenting X.509 certificates issued by the company's internal CA, partners must not need to include subscription keys, and no changes can be made to the backend APIs. Which APIM configuration meets all the requirements?

  • Configure the API to require mutual TLS authentication and disable the subscription key requirement.

  • Apply a check-header inbound policy that verifies a shared-secret header provided to each partner.

  • Enable an Azure AD OAuth 2.0 authorization server and add a validate-jwt inbound policy.

  • Move the APIM instance to an internal virtual network and publish it through Azure Application Gateway with Web Application Firewall.

Secure compute, storage, and databases