Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You manage security for hundreds of Windows and Linux Azure virtual machines across several production subscriptions. The security team must receive operating-system and software vulnerability findings, but they refuse to allow any new agents, extensions, or scripts to run inside the guest operating systems because of performance and change-control concerns. Which action should you take to satisfy the requirement?

  • Enable Microsoft Defender for Servers Plan 1 on all subscriptions and deploy the Log Analytics agent to every VM.

  • Use Defender for Cloud auto-provisioning to install the built-in Qualys vulnerability assessment extension on each VM.

  • Onboard every VM to Microsoft Defender for Endpoint by applying the onboarding script from the security center.

  • Enable Microsoft Defender for Servers Plan 2 on all subscriptions and turn on agentless vulnerability assessments for machines.

Microsoft Azure Security Engineer Associate AZ-500
Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot