You have an Azure Sentinel deployment. You need to create a scheduled query rule named Rule1. What should you use to define the query rule logic for Rule1?

A. a Transact-SQL statement

B. a JSON definition

C. GraphQL

D. a Kusto query

You have a Azure subscription.
You enable Azure Active Directory (Azure AD) Privileged identify (PIM).
Your company’s security policy for administrator accounts has the following conditions:
* The accounts must use multi-factor authentication (MFA).
* The account must use 20-character complex passwords.
* The passwords must be changed every 180 days.
* The account must be managed by using PIM.
You receive alerts about administrator who have not changed their password during the last 90 days.
You need to minimize the number of generated alerts.
Which PIM alert should you modify?

A. Roles don’t require multi-factor authentication for activation.

B. Administrator aren’t using their privileged roles

C. Roles are being assigned outside of Privileged identity Management

D. Potential state accounts in a privileged role.

You have an Azure subscription that contains an Azure key vault named Vault1 and a virtual machine named VM1.
VM1 is connected to a virtual network named VNet1.
You need to allow access to Vault1 only from VM1.
What should you do in the Networking settings of Vault1?

A. From the Firewalls and virtual networks tab, set Allow trusted Microsoft services to bypass this firewall to Yes for Vault1.

B. From the Firewalls and virtual networks tab, add the IP address of VM1.

C. From the Firewalls and virtual networks tab, add VNet1.

D. From the Private endpoint connections tab, create a private endpoint for VM1.

You are configuring just in time (JIT) VM access to a set of Azure virtual machines.
You need to grant users PowerShell access to the virtual machine by using JIT VM access.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains the virtual machines shown in the following table.

You create a new Azure subscription.
You need to ensure that you can create custom alert rules in Azure Security Center.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Onboard Azure Active Directory (Azure AD) Identity Protection.

B. Create an Azure Storage account.

C. Implement Azure Advisor recommendations.

D. Create an Azure Log Analytics workspace.

E. Upgrade the pricing tier of Security Center to Standard.

You have an Azure subscription that contains a resource group named RG1 and the identities shown in the following table.

A. User1 only

B. User1 and Group3 only

C. User1, Group1, and Group3 only

D. User1, Group2, and Group3 only

E. User1, Group1, Group2, and Group3

You have a Microsoft Entra tenant named contoso.com that contains the users shown in the following table.

You have a Microsoft Entra tenant that contains a user named User1.
You have an app registration named App1.
For App1, you create an app role named Role1.
You need to assign User1 to Role1.
What should you use in the Azure portal?

A. Roles and administrators for App1 from Enterprise applications

B. App roles for App1 from App registrations

C. Users and groups for App1 from Enterprise applications

D. API permissions for App1 from App registrations

E. Roles and administrators from the Microsoft Entra admin center

You have an Azure subscription that contains a storage account and an Azure web app named App1.
App1 connects to an Azure Cosmos DB database named Cosmos1 that uses a private endpoint named Endpoint1. Endpoint1 has the default settings.
You need to validate the name resolution to Cosmos1.
Which DNS zone should you use?

A. Endpoint1. Privatelink,blob,core,windows,net

B. Endpoint1. Privatelink,database,azure,com

C. Endpoint1. Privatelink,azurewebsites,net

D. Endpoint1. Privatelink,documents,azure,com