Examice

Exam AZ-500 All QuestionsBrowse all questions from this exam

Go to Exam

Question 95

HOTSPOT -

You have the hierarchy of Azure resources shown in the following exhibit.

RG1, RG2, and RG3 are resource groups.

RG2 contains a virtual machine named VM2.

You assign role-based access control (RBAC) roles to the users shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

Discussion

Geeky93

Correct answers. 1) Yes Source : https://docs.microsoft.com/fr-fr/azure/governance/management-groups/overview 2) Yes The role has this rights : Microsoft.Compute/virtualMachines/* Perform all virtual machine actions including create, update, delete, start, restart, and power off virtual machines. Execute predefined scripts on virtual machines. Source : https://docs.microsoft.com/fr-fr/azure/role-based-access-control/built-in-roles#virtual-machine-contributor 3) No Virtual Machine Administrator Login -> View Virtual Machines in the portal and login as administrator Source : https://docs.microsoft.com/fr-fr/azure/role-based-access-control/built-in-roles

eroms

Microsoft.Compute/virtualMachines/loginAsAdmin/action Log in to a virtual machine with Windows administrator or Linux root user privileges.. so 3). Yes

3abmula

3). Why No. If user can login to a VM as an Administrator, then he can reset the built-in Admin password.

Frosticus

on 3, I think the question is asking if the user can reset the admin password from the Azure portal, not login and reset it. They are really asking, if the admin password were lost, forgotten, or locked out, can this user use the portal to reset it. The answer to that question is no. Bad question as it isn't specific enough.

Ivanvazovv

When you log in with admin permission you can change the built-in Administrator account password.

teehex

Because User1 has Contributor at Tenant Root Group so the role is inherited in subscription under that root group. So User1 can deploy a new VM. User2 has VM Contributor which can delete a VM2 which is in RG2 which is part of Subscription2. The statement #3 is tricky to be honest. Infact with Virtual Machine Administrator Login User3 can log in to an Azure virtual machine with administrator privileges. And once he is in the VM he can change local admin password using PowerShell or GUI from Computer Management. Correct Answer - Yes Yes Yes

Ivanvazovv

Virtual Machine Administrator Login - Microsoft.Compute/virtualMachines/loginAsAdmin/action - Log in to a virtual machine with Windows administrator or Linux root user privileges. From here - https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-administrator-login So when you log in with administrative privileges, you can change the password of the built-in Administrator account. I'd vote for triple "Yes".

brooklyn510

On exam 1/2/24

ArchitectX

Yes -Yes - Yes is the right answer

Self_Study

On exam 7/8/23. Answers are correct but the 3. is a really not clear. If reset means change after login, that its YYY.

majstor86

YES YES NO

certmonk

user3 can rest the local admin password. because the virtual machine administrator login gives him the following - Microsoft.Compute/virtualMachines/loginAsAdmin/action Log in to a virtual machine with Windows administrator or Linux root user privileges https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-administrator-login

upliftinghut

Question 3 Yes, refer to the matrix of which admin can reset other admin password here: https://learn.microsoft.com/en-us/answers/questions/408862/reset-azure-ad-admin-password

xRiot007

This is for Azure AD itself, not what happens inside of a VM. Do not confuse an Active Directory Admin with a VM built-in admin.

acexyz

# IN EXAM - 30/6/2022

alou333

# IN EXAM - 3/6/2022 (online). Lot of new questions. Good luck !

ArunRavilla

No, liar. Not many new questions.

JakeCallham

maybe all the new question were added after alou33 made the reply here?

Fal991l

good one :)

hfk2020

Tested in the lab 3 is NO

zellck

YYN is the answer. https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#contributor Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries. https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-contributor Create and manage virtual machines, manage disks, install and run software, reset password of the root user of the virtual machine using VM extensions, and manage local user accounts using VM extensions. This role does not grant you management access to the virtual network or storage account the virtual machines are connected to. This role does not allow you to assign roles in Azure RBAC.

zellck

https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#virtual-machine-administrator-login View Virtual Machines in the portal and login as administrator

KaleMu92

In Exam 02/12/2022

Alessandro365

correct answer is: YYN

Eltooth

Yes, Yes and No (if user 3 is accessing via portal).

siobhan1

## Ihttps://www.examtopics.com/exams/microsoft/az-500/view/10/#n Exam 03/12/2022