Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

Your company protects Azure virtual machines by using an existing Recovery Services vault. Security policy states that ransomware or compromised administrator accounts must not be able to delete or shorten the retention of any new restore points for at least 14 days, even if the attacker has Owner permissions on the subscription. What should you configure in the vault to meet this requirement?

  • Configure a private endpoint for the Recovery Services vault.

  • Enable cross-region restore for the Recovery Services vault.

  • Enable soft delete on the Recovery Services vault.

  • Enable an immutable vault and set the retention mode to Locked for a minimum of 14 days.

Microsoft Azure Security Engineer Associate AZ-500
Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot