Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

Your company hosts an Azure SQL Managed Instance in a dedicated subnet of VNet-Prod. Several partner teams have workloads running in separate VNets and subscriptions. All teams must be able to connect to the managed instance by using private IP addresses that stay on the Microsoft backbone. Security policies forbid VNet peering, VPN gateways, and ExpressRoute. Which solution should you implement?

  • Enable virtual network service endpoints for Microsoft.Sql on every partner VNet.

  • Expose the managed instance's public endpoint and restrict it with a firewall rule.

  • Create an Azure Private Endpoint for the managed instance in each partner VNet.

  • Deploy Azure Bastion in VNet-Prod and share it with the partner VNets.

Microsoft Azure Security Engineer Associate AZ-500
Secure networking
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot