AZ-500

Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel

hard

Question 3 of 68

A company still uses the Key Vault access policy model. Why does Microsoft recommend moving to Azure RBAC for Key Vault data plane access?

AAzure RBAC disables all network controls automatically

BAzure RBAC supports centralized grants, PIM integration, and reduces self-escalation risk from broad contributors

CAzure RBAC removes the need for Microsoft Entra authentication

DAzure RBAC allows anonymous reads for trusted services

More Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel Questions

68 questions

Full Microsoft Certified: Azure Security Engineer Associate Practice Test

All topics covered

All Microsoft Certified: Azure Security Engineer Associate Questions

Browse by topic

Related Questions

A security team wants to understand the effect of a new Azure Policy before it starts blocking deplo...

Which Defender for Cloud capability summarizes your organization's security posture based on recomme...

What platform are Microsoft Sentinel playbooks built on?...

Which Defender for Cloud role can view recommendations, alerts, and policies but cannot make changes...

Which Defender for Cloud plan provides protections such as just-in-time VM access, file integrity mo...

View all Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign In Create free account