Examice

Exam AZ-500 All QuestionsBrowse all questions from this exam

Go to Exam

Question 353

You have an Azure SQL Database server named SQL1.

For SQL1, you turn on Azure Defender for SQL to detect all threat detection types.

Which action will Azure Defender for SQL detect as a threat?

A user updates more than 50 percent of the records in a table.

A user attempts to sign in as SELECT * FROM table1.

A user is added to the db_owner database role.

A user deletes more than 100 records from the same table.

Correct Answer: B

Azure Defender for SQL is designed to detect various types of threats to your database. One such threat it can detect is SQL injection. This involves malicious users attempting to execute arbitrary SQL code on the database, often by manipulating input fields in a web application to gain unauthorized access or manipulate data. An example of this would be a user attempting to sign in with a SQL statement like 'SELECT * FROM table1', which could be an indicator of someone trying to exploit an SQL injection vulnerability.

Discussion

SecurityAnalyst

# IN EXAM - 31/8/2021

WhalerTom

Correct answer. In exam Dec 21. 40 questions, 1 case study, no labs.

zellckOption: B

B is the answer. https://learn.microsoft.com/en-us/azure/azure-sql/database/threat-detection-overview?view=azuresql#overview Advanced Threat Protection provides a new layer of security, which enables customers to detect and respond to potential threats as they occur by providing security alerts on anomalous activities. Users receive an alert upon suspicious database activities, potential vulnerabilities, and SQL injection attacks, as well as anomalous database access and queries patterns. Advanced Threat Protection integrates alerts with Microsoft Defender for Cloud, which include details of suspicious activity and recommend action on how to investigate and mitigate the threat. Advanced Threat Protection makes it simple to address potential threats to the database without the need to be a security expert or manage advanced security monitoring systems.

zellck

Gotten this in May 2023 exam.

Psychosikh

In exam 15/04/2023

majstor86Option: B

B. A user attempts to sign in as SELECT * FROM table1 (Typical SQL injection)

stepman

I chose this. This was On exam 4/27 with the new exam experience. No Sim or lab.

Ivan80

In exam 1/28/24

F117A_StealthOption: B

B SQL Injection

Diallo18

In Exam 10/18/2022. One case study(6 ques), no lab.

ad7399Option: B

B is an attempt to brute force sql credentials. https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/threat-detection-configure

matetav

It is SQL injection not brute force!!!

Amit3

# In Exam 01-Oct-2022, correct answer.

saira23

In Exam20/07/2024

scottyboy23

on exam 20240715. correct

Jco

#exam ques # 29 Sep

kam117

## Exam Question - 24 Sept 2021 ##

TonytheTiger

## Exam Question - 17 Sept 2021 ##