Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You manage a production Azure Kubernetes Service (AKS) cluster. The security team needs automatic detection of suspicious activities such as an unexpected "kubectl exec" into a pod or large-scale enumeration of Kubernetes secrets. They also want any resulting security alerts to flow to Microsoft Sentinel without deploying and maintaining custom agents on every node. Which action should you take first?

  • Enable Azure Monitor Container insights for the cluster and connect it to a Log Analytics workspace.

  • Install the Azure Policy add-on for Kubernetes and assign the built-in AKS baseline policy initiative.

  • Configure Azure RBAC integration with Microsoft Entra ID for the cluster and require multifactor authentication.

  • Enable Microsoft Defender for Containers for the subscription and apply the AKS protection plan to the cluster.

Microsoft Azure Security Engineer Associate AZ-500
Secure compute, storage, and databases
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot