Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel practice sets

AZ-500 Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel • Set 13

AZ-500 Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel Practice Test 13 — 15 Questions

AZ-500 Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel Practice Test 13 — 15 questions with explanations. Free, no signup.

15
Questions
Free
No signup
Certifications/AZ-500/Practice Test/Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel/Set 13
Question 1 of 150 answered
medium

Your company has a Microsoft Sentinel workspace that ingests logs from multiple sources, including Azure Active Directory (now Microsoft Entra ID), Azure Firewall, and Microsoft 365 Defender. You are asked to create an analytics rule that detects when a user account is deleted from Microsoft Entra ID and then, within 24 hours, a large number of Azure resources are deleted in the same tenant. You have the following requirements: - The rule must use KQL to correlate events across two tables: AuditLogs (for user deletion) and ActivityLogs (for resource deletion). - The rule should trigger an incident only if more than 10 resources are deleted within 24 hours after the user deletion. - The incident severity should be set to 'High'. - The rule should run every hour and look back 24 hours. Which of the following is the correct KQL query for the analytics rule? (Choose the best option.)

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

AZ-500 Practice Test 1 — 10 Questions→AZ-500 Practice Test 2 — 10 Questions→AZ-500 Practice Test 3 — 10 Questions→AZ-500 Practice Test 4 — 10 Questions→AZ-500 Practice Test 5 — 10 Questions→AZ-500 Practice Exam 1 — 20 Questions→AZ-500 Practice Exam 2 — 20 Questions→AZ-500 Practice Exam 3 — 20 Questions→AZ-500 Practice Exam 4 — 20 Questions→Free AZ-500 Practice Test 1 — 30 Questions→Free AZ-500 Practice Test 2 — 30 Questions→Free AZ-500 Practice Test 3 — 30 Questions→AZ-500 Practice Questions 1 — 50 Questions→AZ-500 Practice Questions 2 — 50 Questions→AZ-500 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Secure identity and accessSecure compute, storage, and databasesSecure Azure using Microsoft Defender for Cloud and Microsoft SentinelManage identity and accessSecure networking

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel setsAll Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel questionsAZ-500 Practice Hub