Microsoft Azure Security Engineer Associate AZ-500 Practice Question

Your organization exposes internal REST APIs through an Azure API Management instance named contoso-apim. Security policy states that only Azure AD-issued OAuth 2.0 access tokens are accepted and that callers must never be allowed to authenticate by using subscription keys. Which Azure API Management configuration meets both requirements?

  • Enable OAuth 2.0 implicit grant on the Developer portal and require an API subscription for each caller.

  • Create an authorization server that integrates with Azure AD, add a validate-jwt policy to the APIs, and disable the Require subscription setting on the product.

  • Add a quota-by-key policy to the product, rotate the primary key, and delete the secondary key.

  • Enable mutual TLS authentication on the API gateway and upload the root CA certificate that chains to Azure AD.

Secure compute, storage, and databases