Common Traps on Which Command Should the Administrator Use Practice Questions
- ·Separate verification commands from configuration commands.
- ·Read whether the question asks to identify, verify, fix, permit or deny.
- ·Small command keywords often change the correct answer.
Sample Questions
Practice all 15 →A DevOps team wants Defender for Cloud to identify secrets exposed in GitHub repositories. What should be configured?
Explanation: Defender for Cloud DevOps Security connects repositories and pipelines to identify code, dependency, and secret risks.
A SOC wants a Sentinel rule to include account, host, and IP entities so analysts can pivot during investigation. What should be configured in the analytics rule?
Explanation: Entity mapping maps query columns to Sentinel entities such as Account, Host, and IP, enabling investigation graph and entity pivots.
A storage account contains legal evidence that must not be modified or deleted for seven years. Which feature should be configured?
Explanation: Immutable blob storage enforces write-once-read-many retention and prevents modification or deletion during the retention period.
A team wants Sentinel incidents to automatically assign to the Tier 2 queue when severity is High and the product name is Microsoft Defender for Endpoint. What should they configure?
Explanation: Automation rules can update incident properties or trigger playbooks when incident conditions match.
A company has an Azure Storage account with infrastructure encryption enabled. They configure the storage account to use customer-managed keys (CMK) stored in Azure Key Vault for encryption at rest. Despite this configuration, newly uploaded blobs are still encrypted with Microsoft-managed keys. What is the most likely cause?
Explanation: When a storage account is configured to use customer-managed keys, the encryption type at the storage account level must be explicitly set to 'Customer-managed keys'. If it remains set to 'Microsoft-managed keys', even if infrastructure encryption is enabled, the storage account will use Microsoft-managed keys for all new data. The CMK configuration in the storage account blade includes a toggle to select the key type. If the key is disabled or expired, writes would fail, not fall back to Microsoft-managed keys. Container-level policies cannot override storage account encryption settings.
+10 more scenario questions available
Practice all Which Command Should the Administrator Use Practice QuestionsRelated Topics
Frequently asked questions
How do "Which Command Should the Administrator Use Practice Questions" appear on the real AZ-500?
Practise command-choice questions where the task is to identify the correct verification, configuration or troubleshooting command. These appear throughout the AZ-500 and require you to apply your knowledge, not just recall facts.
How many scenario questions are on the AZ-500 exam?
Cisco doesn't publish an exact breakdown, but scenario-based questions (especially exhibit and command-output formats) make up a significant portion of the AZ-500. Practicing each scenario type ensures you're ready for any format.
Are these AZ-500 scenario practice questions free?
Yes — all scenario practice on Courseiva is completely free. Sign up for a free account to track your progress and see which scenario types you've mastered.
Ready to practice this scenario type?
Launch a full Which Command Should the Administrator Use Practice Questions session with instant scoring and detailed explanations.
Start Scenario Practice →