Cybersecurity Solutions and Microsoft Defender

Cybersecurity Solutions and Microsoft Defender Quiz Answers + Review

Posted on by Niyander

In this article, I’m sharing my review of the Cybersecurity Solutions and Microsoft Defender course, along with all the quiz answers to help fellow learners.

Just completed the Coursera course “Cybersecurity Solutions and Microsoft Defender”? This course is part of the Microsoft Cybersecurity Analyst Professional Certificate and focuses on how Microsoft’s security tools help protect organizations from threats like DDoS attacks, phishing, and unauthorized access.

You’ll explore key solutions such as Microsoft Defender for Cloud, SIEM, and SOAR, while also learning about Azure’s built-in security features and compliance practices. Whether you’re aiming to pass the SC-900 exam or just getting started with Microsoft’s security ecosystem, this course is a valuable step forward — and I’ve included all the quiz answers to support your journey!

Module quiz: Azure basic security capabilities Quiz Answers

Question 1)
Azure DDoS uses multiple layers of protection to mitigate attacks effects, identify two of these layers of protection.

  • Sets firewall to block all traffic
  • Machine learning algorithms
  • Network segmentation
  • Switches off VMs under attack

Question 2)
Imagine you are a cybersecurity analyst working for a large e-commerce company that heavily relies on its online presence. One day, your team receives a notification about a potential Distributed Denial of Service (DDoS) attack targeting your company’s resources. As the team investigates the situation, you remember the Azure DDoS IP protection feature, which can safeguard certain resources from such attacks.
Which of the following resources could be protected by Azure DDoS IP protection in this scenario? Select all that apply.

  • Virtual machines
  • Websites
  • Virtual networks
  • Cloud services

Question 3)
True or False: Azure virtual machines offer a cost-effective and flexible solution for a variety of purposes.

  • True
  • False

Question 4)
When connecting VNets inside an Azure region _____(a) virtual network peering is used, but to connect them across regions _____(b) virtual peering is used.

  • (a) Wide (b) Local
  • (a) Regional (b) Global
  • (a) Local (b) Wide
  • (a) Global (b) Regional

Question 5)
The Basic Azure Firewall is a great firewall for SMBs that supports up to 250Mbps of data throughput but the Standard Firewall supports up to _____ Gbps of data throughput.

  • 3 Gbps
  • 300
  • 6
  • 30

Question 6)
You are configuring firewalls to protect the Azure network and enable connectivity. Which of the following options correctly identify the names of the firewall rules that can be configured? Select all that apply.

  • IP rules
  • Network rules
  • Application rules
  • NAT rules

Question 7)
You are managing multiple Azure firewalls and need to consolidate NAT, application, and network rules into a collection. Which Azure resource should you use for this purpose?

  • Firewall rules
  • Firewall policy
  • Firewall SKU
  • Firewall security

Question 8)
When JIT gives a user access to a VM it opens the specific port needed for a specified time that was configured in the JIT policy. What is used to check that the user has the correct permissions?

  • NSG
  • Azure RBAC
  • Defender for Cloud
  • Azure Firewall

Question 9)
What type of encryption is used for data at rest to encrypt and decrypt large volumes of data quickly, and is used by Azure Disk encryption?

  • Symmetric
  • Hashing
  • Asymmetric

Question 10)
Imagine a scenario where an administrator is using Azure Key Vault, a key management solution. The administrator needs to provide developers with a specific item to retrieve keys from applications. Which of the following options correctly identifies what the administrator gives to developers in this scenario?

  • Encryption algorithms
  • Access permissions
  • API documentation
  • Revocation certificates

Question 11)
Imagine you are a network security analyst responsible for protecting your organization’s Azure infrastructure. One day, you receive an alert about a potential DDoS attack targeting your network. As you investigate the situation, you remember hearing about Azure DDoS and its protective measures.
True or False: Azure DDoS employs a comprehensive defense strategy, which includes network segmentation, traffic analysis, machine learning, and firewalls to monitor and control network traffic.

  • True
  • False

Question 12)
Imagine you are a cybersecurity analyst working for a large e-commerce company that heavily relies on its online presence. One day, your team receives a notification about a potential Distributed Denial of Service (DDoS) attack targeting your company’s resources. As the team investigates the situation, you remember the Azure DDoS IP protection feature, which can safeguard certain resources from such attacks.
Which of the following resources could be protected by Azure DDoS IP protection in this scenario? Select all that apply.

  • Cloud services
  • Virtual networks
  • Websites
  • Virtual machines

Question 13)
You work for a software development company that frequently needs to test applications on different configurations. Your team is considering using Azure virtual machines for development and testing purposes. Which factor should you carefully consider when creating virtual machines to ensure optimal performance and cost-effectiveness?

  • The physical hardware required to run the virtual machines
  • The fluctuating demand for your application and the need for scalability
  • The specific software applications that need to be installed on the virtual machine

Question 14)
Sarah, a software engineer, is working on a project that involves deploying Azure services and virtual machines across different Azure regions. While discussing the project with her team, she asks them a question: “VNets are used like physical networks to connect to Azure services and virtual machines, but what do we use to connect VNets across Azure regions?”
What is the correct answer to her question?

  • Regional virtual network peering
  • Subnets
  • NSGs
  • Global virtual network peering

Question 15)
John is the owner of a small and medium-sized business (SMB) and is considering implementing a firewall solution for his company’s network security. He has heard about the basic Azure Firewall and wants to understand the advantages of the Standard firewall over the Basic version. Help John identify the additional advantages of the Standard firewall by selecting the correct options below. Select all that apply.

  • Increased data throughput
  • Traffic filtering
  • Threat intelligence filtering
  • Threat intelligence alerts

Question 16)
True or False: When configuring firewalls, different rules are used to help protect the Azure network as well as enable connectivity. NAT rules can convert public and private IP addresses, application rules can filter FQDN, and network rules can filter IP addresses.

  • True
  • False

Question 17)
You are managing multiple Azure firewalls and need to consolidate NAT, application, and network rules into a collection. Which Azure resource should you use for this purpose?

  • Firewall rules
  • Firewall policy
  • Firewall security
  • Firewall SKU

Question 18)
True or False: JIT Policy consists of port, protocol and the username of who is allowed access.

  • True
  • False

Question 19)
What type of encryption is used for data at rest to encrypt and decrypt large volumes of data quickly, and is used by Azure Disk encryption?

  • Hashing
  • Symmetric
  • Asymmetric

Question 20)
Azure Key Vault is a key management solution that allows security administrators to create, revoke and delete keys. What other tasks can it help administrators perform? Select all that apply.

  • Key vault access
  • Azure subscription access
  • Machine encryption
  • Key usage monitoring

Question 21)
True or False: VNets are used like physical networks to connect to Azure services and virtual machines. Global virtual network peering is used to connect VNets inside a region and regional virtual network peering is used to connect VNets across regions.

  • True
  • False

Question 22)
When configuring firewalls, different rules are used to help protect the Azure network as well as enabling connectivity. Which firewall rule can convert public and private IP addresses?

  • IP rules
  • Network rules
  • NAT rules
  • Application rules

Question 23)
True or False: When setting up Azure firewalls, you can use firewall rules which are great for simple configuration and when you have just one firewall. Firewall policy can be used when you have multiple firewalls and complex scenarios.

  • True
  • False

Question 24)
You are setting up encryption for your Azure Disk storage. Which encryption method does Azure Disk encryption utilize to ensure fast encryption and decryption of large data volumes?

  • Data compression techniques
  • Hashing algorithms
  • Asymmetric encryption
  • Symmetric encryption

Question 25)
True or False: Azure Key Vault is a key management solution that allows security administrators to create, revoke and delete keys and it can reduce code writing for developers.

  • True
  • False

Question 26)
True or False: The Basic Azure Firewall is a great firewall for SMBs as it supports threat intelligence-based filtering.

  • True
  • False

Question 27)
When JIT gives access to a VM to a user it opens the specific port needed which is configured in the JIT policy. What else forms part of that policy? Select all that apply.

  • IP address
  • Protocol
  • Allowed duration
  • Network rule

Question 28)
Azure DDoS IP protection protects resources, for example websites, virtual machines and cloud services, but what do these resources need to have for the protection to work? Select all that apply.

  • Internet access
  • A public IP address
  • A private IP address
  • LAN access

Question 29)
You are a network administrator responsible for granting access to virtual machines (VMs) through the just-in-time (JIT) policy. When providing access, you ensure that the necessary port is opened for a predetermined duration. Which of the following methods is used to verify if a user possesses the required permissions?

  • Azure RBAC
  • NSG
  • Defender for Cloud
  • Azure Firewall

Question 30)
Azure DDoS mitigates attacks effects by using network segmentation, traffic analysis and firewalls to monitor and control network traffic. But what other mechanism does it use?

  • Machine learning algorithms
  • Switches off VMs under attack
  • Malware protection
  • Sets firewall to block all traffic

Question 31)
Which of the following is a benefit of using Azure virtual machines? You have just started using Microsoft Azure and you are exploring the available management options. While learning about Azure, you come across a feature that allows you to manage resources. Which of the following options accurately describes what the Azure portal provides for managing resources?

  • Command line interface
  • Increased control over the computing environment
  • Browser accessible terminal
  • Application

Question 32)
When managing an Azure firewall what Azure resource allows you to combine NAT, application and network rules into a collection?

  • Firewall security
  • Firewall policy
  • Firewall SKU
  • Firewall rules

Question 33)
Symmetric encryption is used for data at rest storage and by Azure disk encryption for speed but what is used to encrypt the OS and the data disks? Select all that apply.

  • Linux dm-crypt
  • TLS
  • MAC sec
  • Windows Bit Locker

Question 34)
True or False: Azure DDoS IP protection protects resources like websites, virtual machines and cloud services, when they have a private IP address and internet access.

  • True
  • False

Module quiz: Security management in Azure Quiz Answers

Question 1)
You deploy Azure Bastion within a ______ and it needs a subnet named ______.

  • VM, AzureBastion
  • VNet, AzureBastion
  • VM, AzureBastionSubnet
  • VNET, AzureBastionSubnet

Question 2)
True or False: Microsoft Defender for Cloud assesses a cloud deployment’s risk level by examining vulnerabilities and misconfigurations in cloud environments.

  • True
  • False

Question 3)
Microsoft Defender for Cloud combines three capabilities. DevSecOps, CSPM, and what other function?

  • Remote access
  • SIEM
  • SOAR
  • CWPP

Question 4)
True or False: You connect to a virtual machine via Azure Bastion using RDP and SSH.

  • True
  • False

Question 5)
True or False: The four security best practices for implementing Azure are: Identity and access management, network security, monitoring and threat detection, and data compliance.

  • True
  • False

Question 6)
You are an Azure administrator responsible for managing VM sizes on a subscription. You need to determine how to deny deployment of certain VM sizes on the Azure subscription. Choose the correct option below:

  • Azure RBAC
  • Azure Policy
  • Azure resource manager templates
  • Azure management groups

Question 7)
True or False: The three main pillars of Azure Policy include enforcement and compliance, applying policies at scale, and remediation.

  • True
  • False

Question 8)
True or False: You can assign Azure Blueprints to resource groups.

  • True
  • False

Question 9)
Sarah is an IT professional working for a large multinational corporation. Her company recently implemented a cloud security strategy to safeguard their digital assets. As part of this strategy, they integrated Microsoft Sentinel into their security infrastructure. What is the role of Microsoft Sentinel in their cloud security strategy?

  • Microsoft Sentinel is a cloud service provider for hosting applications.
  • Microsoft Sentinel protects management ports from attack.
  • Microsoft Sentinel is responsible for monitoring and detecting security threats in real-time.
  • Microsoft Sentinel is a cloud-based antivirus software for protecting against malware.

Question 10)
Microsoft Sentinel supports a number of data collection types including vendor connectors, and what others? Select all that apply.

  • Built-in data connector
  • Workspaces
  • API connection
  • CEF and Syslog via a log forwarder VM

Question 11)
You are an IT professional working with Azure services. Your team is discussing the deployment location for the Azure Bastion service, which provides remote access. You need to identify where Azure deploys the Azure Bastion service.

  • Azure Bastion service is deployed on-premises within the organization’s data center.
  • Azure Virtual Machine
  • Azure VNet
  • Azure Resource group

Question 12)
True or False: Microsoft Defender for Cloud assesses a cloud deployment’s risk level by examining vulnerabilities and misconfigurations in cloud environments.

  • True
  • False

Question 13)
Microsoft Defender for Cloud combines three capabilities as shown in the diagram. What are they?

  • Cloud security posture management (CSPM)
  • Cloud workload protection (CWPP)
  • DevOps security management (DevSecOps)
  • Security orchestration, automation, and response (SOAR)

Question 14)
When using Azure Bastion, the user connects to the Azure portal using _______and Azure Bastion connects to the virtual machine using _______.

  • RDP/SSH, VPN
  • VPN, RDP/SSH
  • RDP/SSH, HTTPS
  • HTTPS, RDP/SSH

Question 15)
True or False: The four security best practices for implementing Azure are: Identity and access management, network security, monitoring and threat detection, and data compliance.

  • True
  • False

Question 16)
You can use Azure Policy to control deployment of certain VMs. What category does this type of policy fall under?

  • Compute
  • Key Vault
  • Azure Active Directory

Question 17)
You are an Azure administrator responsible for managing cloud resources. You have been tasked with implementing Azure Policy to enforce governance and compliance within your organization. As you review the documentation, you come across a question regarding the main pillars of Azure Policy. What are the three main pillars of Azure Policy? Select all that apply.

  • Remediation
  • Enforcement and compliance
  • Identifying threats
  • Apply polices at scale

Question 18)
What can you use to assign an Azure Blueprint to multiple subscriptions?

  • Resources
  • Azure Policy
  • Management groups
  • Resource groups

Question 19)
True or False: Microsoft Sentinel collects data, detects threats, and investigates using SIEM, and can automate the response using SOAR.

  • True
  • False

Question 20)
True or False: Microsoft Sentinel supports a number of data collection types including vendor connectors but needs an additional VM for CEF and syslog forwarding.

  • True
  • False

Question 21)
True or False: Azure deploys Bastion within an Azure VNet.

  • True
  • False

Question 22)
Microsoft Defender for Cloud provides a secure score by assessing which aspects of cloud environments? Select all that apply.

  • Compliance
  • Event logs
  • Misconfiguration
  • Security vulnerabilities

Question 23)
Microsoft Sentinel collects data and responds to incidents by combining which two system types?

  • SOAR
  • CSPM
  • CWP
  • SIEM

Question 24)
When implementing Azure security best practices, you can ensure data security by using Azure Storage encryption. What three other best practices and services are advised for a secure deployment?

  • Identity and access management using Microsoft Sentinel
  • Monitoring and threat detection using Microsoft Defender for Cloud
  • Network Security using NSGs, firewalls and application gateways
  • Identity and access management using Azure AD

Question 25)
True or False: You can control deployment of certain VM machine sizes by using Azure RBAC.

  • True
  • False

Question 26)
Imagine you are an analyst working with Microsoft Sentinel, a powerful security information and event management (SIEM) solution. As part of your job, you need to understand where the data collected by Microsoft Sentinel is stored. Which of the following options accurately describes where the data is stored?

  • Log analytics workbook
  • Log analytics agent
  • Log analytics playbook
  • Log analytics workspace

Question 27)
Imagine you are using Azure Bastion to access a virtual machine in the Azure cloud. Which of the following protocols would you use for this purpose?

  • VPN
  • HTTPS
  • HTTP
  • RDP/SSH

Question 28)
Imagine you are a cloud architect working on a project that involves Azure Blueprints. You need to assign Azure Blueprints to various resources within your Azure environment. Which of the following options correctly identify the resources to which Azure Blueprints can be assigned? Select all that apply:

  • Subscriptions
  • Management groups
  • Resources
  • Virtual machines

Question 29)
You are working as a cybersecurity analyst at a large organization. As part of your role, you use Microsoft Defender for Cloud to assess the organization’s risk level by identifying vulnerabilities and misconfigurations. What term is used to refer to the score assigned by Microsoft Defender for Cloud?

  • Posture score
  • Compliance score
  • Secure score
  • Risk assessment value

Question 30)
What are the four aspects of Azure security best practices?

  • Identity and access management, network security, monitoring and threat detection, and data security
  • Identity and access management, network security, monitoring and threat detection, and data compliance
  • Identity and access management, network security, monitoring and threat detection, and data automation
  • Identity and access management, network security, monitoring and threat detection, and data response

Question 31)
The three main pillars of Azure Policy include applying policies at scale, and remediation. What is the third one?

  • Enforcement and compliance
  • Identifying threats
  • Posture assessment
  • Data analytics

Module quiz: Microsoft 365 Defender threat protection Quiz Answers

Question 1)
True or False: Microsoft Defender for Endpoint is designed to protect against threats on Windows devices only.

  • True
  • False

Question 2)
What are custom roles in Microsoft 365 Defender used for?

  • For creating new user accounts
  • For assigning specific permissions based on a user’s job role
  • For managing active directory

Question 3)
True or False: Lateral movement paths refer to the techniques used by cyberattackers to move across a network.

  • True
  • False

Question 4)
As the Microsoft 365 Administrator for Sam’s Scoops, Ashton has been researching a Microsoft product that monitors and analyzes user activities and information across the company’s network. This product creates a behavioral baseline for each user, which the product uses to identify user anomalies with adaptive built-in intelligence. What product provides these features?

  • Microsoft Defender for Identity
  • Microsoft Defender for Office 365
  • Microsoft Defender for Endpoint

Question 5)
Threat hunting using Microsoft Defender for Endpoint involves _______ events in your network using a powerful search and query tool.

  • Automatically blocking
  • Proactively inspecting
  • Passively monitoring

Question 6)
Which statement accurately describes Safe Attachments from Microsoft Defender for Office 365?

  • Safe Attachments analyzes messages and attachments using machine learning to detect malicious intent.
  • Safe Attachments provides real-time scanning of Office documents for potential threats.
  • Safe Attachments protects against phishing attacks by inspecting email headers.

Question 7)
What is the primary function of Microsoft Defender’s real-time protection?

  • It continuously monitors and scans files to protect against malware.
  • It performs system updates automatically.
  • It provides data backup for system files.

Question 8)
True or False: Windows 365 is a unified endpoint management solution that simplifies management across various operating systems, cloud, on-premises, mobile, desktop, and virtualized endpoints.

  • True
  • False

Question 9)
Which of the following are features of Microsoft Purview? Select all that apply.

  • Data lineage
  • Predictive analytics
  • Data cataloging
  • Data governance

Question 10)
Which of the following are typical risks that Azure AD Identity Protection can identify? Select all that apply.

  • Sign-ins from anonymous IP addresses
  • Users with malware
  • Impossible travel to typical locations
  • Users with leaked credentials

Question 11)
You are a security manager for a company that uses devices with various operating systems, including Windows, macOS, and Linux. You want to implement a solution to protect these devices from threats. What should you use?

  • Microsoft Defender for Endpoint
  • Microsoft Purview
  • Microsoft Defender for 365

Question 12)
True or False: Custom roles in Microsoft 365 Defender allow users to have specific permissions based on their role.

  • True
  • False

Question 13)
Which of the following best describes lateral movement paths?

  • Methods employed by attackers to move across a network
  • Techniques used by security engineers to prevent lateral movement across a network
  • Strategies implemented by administrators to secure network endpoints

Question 14)
____________ monitors and analyzes user activities and information across a company’s network, creating a behavioral baseline for each user, and uses adaptive built-in intelligence to identify user anomalies.

  • Microsoft Defender for Office 365
  • Microsoft Defender for Identity
  • Microsoft Defender for Endpoint

Question 15)
Imagine you are a cybersecurity analyst responsible for threat detection. Which tool in Microsoft Defender for Endpoint would you use to proactively investigate and search for potential threats?

  • Microsoft Defender for Endpoint’s threat hunting feature
  • Microsoft Defender for Endpoint’s app blocking feature
  • Microsoft Defender for Endpoint’s vulnerability reduction feature

Question 16)
Which of the following features are provided by Safe Attachments from Microsoft Defender for Office 365? Select all that apply.

  • Zero-day protection against unknown malware and viruses
  • Protection against malicious URLs in Office documents
  • Real-time scanning of email attachments
  • Rerouting messages to a special environment for analysis.

Question 17)
What is the primary function of Microsoft Defender’s real-time protection?

  • It provides data backup for system files.
  • It continuously monitors and scans files to protect against malware.
  • It performs system updates automatically.

Question 18)
Which Microsoft service provides a cloud-based unified endpoint management solution that helps to simplify management across various operating systems, cloud, on-premises, mobile, desktop, and virtualized endpoints?

  • Windows Autopilot
  • Configuration Manager
  • Microsoft Intune

Question 19)
Your organization has decided to adopt Microsoft Purview for its data governance needs. You are assigned the task of ensuring that sensitive data, such as credit card numbers and social security numbers, are identified and tagged appropriately. Which of the following features of Microsoft Purview should you primarily leverage to accomplish this task?

  • Data map
  • Data classification
  • Data insights

Question 20)
You are an administrator for an organization that uses Azure AD. You notice suspicious activities on some user accounts. What service in Azure AD can help you identify potential vulnerabilities and suggest remediation actions?

  • Azure AD Privileged Identity Management
  • Microsoft Purview Information Protection
  • Azure AD Identity Protection

Question 21)
What platform(s) does Microsoft Defender for Endpoint protect against threats?

  • macOS only
  • Windows only
  • Windows, macOS, and Linux

Question 22)
Imagine an attacker gains access to a user’s workstation within a corporate network. From there, the attacker explores the network and identifies an unpatched server as a potential target. What is this an example of?

  • Phishing attacks
  • Techniques used by security engineers to prevent lateral movement across a network
  • Social engineering
  • Lateral movement

Question 23)
What is the primary function of Microsoft Purview?

  • It is a cloud computing platform.
  • It is a data governance service.
  • It is a threat hunting service.

Question 24)
As a security administrator, you want to ensure that your team members only have access to the features they need to perform their jobs in Microsoft 365 Defender. What feature would you use to accomplish this?

  • The custom roles feature
  • The role editor feature
  • The account creation feature

Question 25)
How can Microsoft Defender’s real-time protection help secure your system? Select all that apply.

  • It can isolate or remove identified threats.
  • It can create a firewall to block all incoming connections.
  • It can detect malware in real-time.
  • It can scan files downloaded from the Internet.

Question 26)
Which of the following options describes a feature of Microsoft Defender for Endpoint’s threat hunting capabilities?

  • It allows you to proactively inspect events in your network using a powerful search and query tool.
  • It detects and blocks apps that are considered unsafe but may not be detected as malware.
  • It reduces vulnerabilities in your applications with intelligent rules that help stop malware.

Question 27)
You are a system administrator for a medium-sized company that uses various operating systems and has a mix of cloud, on-premises, mobile, desktop, and virtualized endpoints. Which Microsoft service would you use to simplify management across these platforms?

  • Microsoft Intune
  • Configuration Manager
  • Windows Autopilot

Question 28)
You receive an email with an attachment that looks suspicious. You want to ensure it does not contain any malware. What feature of Microsoft Defender for Office 365 can help you in this situation?

  • Safe Attachments
  • Safe Links
  • Microsoft Defender Antivirus

Question 29)
True or False: Azure Active Directory Identity Protection only identifies vulnerabilities but does not suggest any remediation actions.

  • True
  • False

Self-review: Securing virtual machines Quiz Answers

Question 1)
Have you successfully deployed the Service_VM for the IT services provider?

  • Yes
  • No

Question 2)
Have you successfully created a hub network with VNet peering?

  • Yes
  • No

Question 3)
Have you successfully deployed an Azure Standard firewall ready to protect the network?

  • Yes
  • No

Question 4)
You have a web application hosted on Azure and want to restrict inbound access to the application from specific IP addresses. Which feature of the Azure Standard Firewall can help you achieve this?

  • Network address translation (NAT)
  • Custom application rules.
  • Load balancing rules
  • Network rules

Question 5)
Have you successfully configured just-in-time access on the Services_VM?

  • Yes
  • No

Question 6)
Have you successfully configured and deployed Azure Bastion?

  • Yes
  • No

Question 7)
Which of the following protocols are supported by Azure Bastion for remote access? Select all that apply.

  • RDP (Remote Desktop Protocol)
  • SSH (Secure Shell)
  • HTTP (Hypertext Transfer Protocol).
  • FTP (File Transfer Protocol)

Question 8)
Were you able to remotely connect the Services_VM using Azure Bastion and JIT access?

  • Yes
  • No

Question 9)
Have you successfully deployed Microsoft Sentinel?

  • Yes
  • No

Question 10)
What does Microsoft Sentinel primarily help organizations with?

  • Detecting and responding to security threats
  • Managing customer relationships
  • Analyzing financial data

Question 11)
What is the name of the instance used for Azure Bastion configuration in Step 5?

  • Services_Bastion
  • SecureBastion
  • AccessBastion
  • BastionVM

Question 12)
What is the purpose of creating a hub network with VNet peering in Step 2 of the exercise?

  • To establish a connection to the public internet
  • To enable communication between virtual networks for enhanced security
  • To provide remote access to virtual machines
  • To deploy an Azure Standard Firewall

Question 13)
What is the purpose of deploying the Azure Standard Firewall in Step 3 of the exercise?

  • To manage JIT (just-in-time) access
  • To provide remote desktop access
  • To monitor the testing environment
  • To protect and secure the network

Question 14)
In Step 7, what type of workspace is created when implementing Microsoft Sentinel?

  • Azure Sentinel Workspace
  • Log Analytics Workspace
  • Application Insights Workspace
  • Logic App Workspace

Question 15)
What is the main purpose of enabling just-in-time (JIT) access on the Services_VM in Step 4 of the exercise?

  • To enhance security by controlling and limiting remote access to the virtual machine
  • To restrict remote access and only allow access during specified times
  • To automatically deploy security updates to the virtual machine
  • To allow unlimited and unrestricted access to the virtual machine

Course Quiz: Cybersecurity solutions and Microsoft Defender Quiz Answers

Question 1)
True or False: Azure’s built-in security measures include a feature called Microsoft Defender for Cloud that provides unified security management and advanced threat protection.

  • True
  • False

Question 2)
You are a network administrator and your company’s website has been experiencing frequent DDoS attacks. You decide to implement DDoS IP Protection. Which of the following outcomes can you expect?

  • The website will never experience a DDoS attack again.
  • The website will be immune to all types of cyberattacks.
  • The risk and impact of DDoS attacks on the website will be significantly reduced.

Question 3)
Which Microsoft 365 feature leverages machine learning algorithms and anomaly detection techniques to detect suspicious activities and potential threats within an organization’s identity infrastructure?

  • Azure AD Privileged Identity Management
  • Azure AD Identity Governance
  • Azure AD Identity Protection

Question 4)
Which of the following are functionalities of the Azure Firewall? Select all that apply.

  • To provide data encryption services
  • To provide outbound and inbound filtering rules
  • To provide fully stateful firewall as a service
  • To provide virtual machine hosting

Question 5)
You are a network administrator and you want to control outbound access to a specific FQDN on Azure Firewall. Which component of Azure Firewall would you use?

  • Application rule collection
  • Intrusion detection system
  • Network rule collection
  • Threat intelligence-based filtering

Question 6)
You are a system administrator and you want to limit the exposure of your resources to attacks by providing access only when needed. Which feature of Microsoft Azure would you use?

  • Microsoft Defender for Cloud
  • Azure Active Directory
  • Azure Bastion
  • Just-in-time access

Question 7)
You are a cloud administrator for a company that handles sensitive customer data. The company is considering moving its data to Microsoft Azure. What would be a key benefit of using encryption in this scenario?

  • The company could process data more quickly.
  • The company’s data would be better protected against unauthorized access.
  • The company could store more data in Azure.
  • The company would no longer need to back up its data.

Question 8)
Which encryption protocol does Microsoft Azure primarily use for data in transit?

  • Internet protocol security (IPSec)
  • Hypertext transfer protocol secure (HTTPS)
  • Hash-based encryption
  • Transport layer security (TLS) encryption

Question 9)
Which of the following are best practices for managing data at rest in Microsoft Azure? Select all that apply.

  • Use Azure Disk Encryption for virtual machine disks
  • Use the same encryption keys for all data and services to maintain uniformity.
  • Enable Azure Storage Service Encryption.
  • Disable automatic system updates to prevent potential compatibility issues with existing security configurations.

Question 10)
Which of the following are benefits of using BitLocker in Microsoft Azure? Select all that apply.

  • Reduced disk performance
  • Real-time data replication
  • Enhanced data security
  • Centralized key management

Question 11)
Which of the following reasons highlight the importance of cloud security in Microsoft Azure? Select all that apply.

  • Reduced hardware maintenance
  • Protection against data loss and corruption
  • Compliance with regulatory requirements
  • Improved application performance

Question 12)
Which of the following is a feature of Azure Network Security Groups (NSGs)?

  • Monitoring network traffic
  • Load balancing network traffic
  • Managing virtual machine resources
  • Enforcing access control policies

Question 13)
Which of the following are required for Azure Bastion deployment? Select all that apply.

  • Azure Active Directory
  • AzureBastionSubnet
  • Public IP address
  • Virtual network

Question 14)
What is one of the primary functions of Microsoft Defender for Cloud?

  • Microsoft Defender for Cloud serves as a primary storage solution for cloud data.
  • Microsoft Defender for Cloud manages customer relations and tracks sales activities.
  • Microsoft Defender for Cloud provides threat protection across hybrid cloud workloads..
  • Microsoft Defender for Cloud controls authorization policies.

Question 15)
Which Azure service can be used to enforce organizational standards and to assess compliance at scale across your Azure resources?

  • Azure Firewall
  • Azure Bastion
  • Azure Policy

Question 16)
In Azure Policy, what does a custom policy definition allow you to do?

  • It offers capabilities to customize the Azure dashboard.
  • It enables you to manage storage account keys.
  • It allows you to enforce and evaluate your organization’s compliance.
  • It enables you to create predefined virtual machine sizes.

Question 17)
Which of the following artifacts can be included in an Azure Blueprint? Select all that apply.

  • Azure Policy assignments
  • Virtual machines
  • Resource groups
  • Role assignments

Question 18)
You are a security analyst and you notice a sudden spike in login attempts on your network. Which SIEM functionality would help you determine whether this activity is malicious or benign?

  • Event correlation
  • Log management
  • Compliance reporting

Question 19)
Which of the following best describes the primary function of Microsoft Sentinel?

  • To allow secure remote access
  • To manage and monitor network traffic
  • To collect, detect, investigate, and respond to security threats
  • To serve as a database management system

Question 20)
What is the primary goal of a SOAR system?

  • To eliminate all cybersecurity threats
  • To improve the efficiency and effectiveness of security operations
  • To predict future cybersecurity threats.
  • To replace all cybersecurity staff

Question 21)
What is the primary purpose of data connectors in Microsoft Sentinel?

  • To gather and ingest data from different sources
  • To generate security alerts
  • To visualize security data
  • To manage user access permissions

Question 22)
Which of the following are functionalities offered by the Microsoft 365 Defender portal? Select all that apply.

  • Threat and vulnerability management
  • Virus protection
  • Incident management
  • Automatic investigation and response

Question 23)
John, a security analyst, noticed a set of alerts that appear to be related to a single attack campaign. He wants to investigate them together. What should he do in Microsoft 365 Defender?

  • Assign the alerts to different team members.
  • Create an incident.
  • Change the status of the alerts.
  • Delete the unrelated alerts.

Question 24)
True or false: Microsoft Defender for Office 365 only provides threat protection for Outlook.

  • True
  • False

Question 26)
You’ve noticed some suspicious activity on your company’s network. You suspect a potential threat actor is attempting to compromise identities within your organization. Which tool from Microsoft would be most appropriate to help investigate and respond to this situation?

  • Azure Active Directory
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender Office 365

Question 27)
What are the main capabilities of Microsoft’s next-gen antivirus and endpoint response solution? Select all that apply.

  • Log collection
  • Threat intelligence
  • Post-breach detection
  • Remediation actions

Question 28)
True or false: Microsoft Endpoint Encryption supports full disk encryption.

  • True
  • False

Question 29)
True or false: Microsoft Intune can manage both mobile devices and desktop computers.

  • True
  • False

Question 30)
Which of the following are features of Microsoft Purview? Select all that apply.

  • Data cataloging
  • Automated data discovery
  • Sensitive data identification
  • Data encryption

Question 31)
Which of the following are built-in security measures in Azure? Select all that apply.

  • Azure Security Guard
  • Azure DDoS protection
  • Microsoft Defender for Cloud
  • Azure Active Directory

Question 32)
True or False: DDoS IP Protection can completely eliminate the risk of a DDoS attack.

  • True
  • False

Question 33)
True or False: Azure Firewall is a cloud-based network security service that provides intrusion detection and prevention capabilities.

  • True
  • False

Question 34)
Which of the following are benefits of using just-in-time access in Microsoft Azure? Select all that apply.

  • Allows for easy configuration of access policies
  • Reduces the attack surface by enabling access to resources only when needed
  • Provides permanent access to resources
  • Provides audit logs for requests and approvals

Question 35)
You are a cloud administrator for a company that handles sensitive customer data. The company is considering moving its data to Microsoft Azure. What would be a key benefit of using encryption in this scenario?

  • The company’s data would be better protected against unauthorized access.
  • The company could process data more quickly.
  • The company would no longer need to back up its data.
  • The company could store more data in Azure.

Question 36)
Which of the following are features of Microsoft Azure data in transit encryption? Select all that apply.

  • Hypertext Transfer Protocol (HTTP)
  • Secure Sockets Layer (SSL) certificate
  • End-to-end encryption
  • Public key encryption

Question 37)
Which of the following is a best practice for data at rest protection in Microsoft Azure?

  • Storing sensitive data in plain text
  • Storing encryption keys in the same location as the encrypted data
  • Implementing disk-level encryption
  • Disabling access controls for data at rest

Question 38)
You are an administrator in a Microsoft Azure environment and need to secure sensitive data stored on virtual machines. Which feature can you use to encrypt the virtual machine disks?

  • Microsoft Sentinel
  • BitLocker
  • Microsoft Defender for Cloud
  • Azure Key Vault

Question 39)
A company is considering migrating its sensitive customer data to Microsoft Azure. Why is cloud security important in this scenario?

  • To reduce operational costs
  • To improve application performance
  • To protect customer data from unauthorized access and breaches
  • To enhance collaboration and teamwork

Question 40)
You have a virtual machine “VM1” in a subnet “Subnet1” within a virtual network “VNet1”. You want to connect to “VM1” using Azure Bastion. Which of the following steps would you need to undertake to achieve this?

  • Assign a public IP address to “VM1” and connect using Azure Bastion.
  • Deploy Azure Bastion in “VNet1” and assign it a public IP address.
  • Deploy Azure Bastion in a different virtual network and connect the networks using VNet peering.

Question 41)
How does Microsoft Defender for Cloud aid in maintaining compliance with organizational policies and regulations?

  • It provides compliance assessment and recommendations to meet industry standards.
  • It automatically changes organizational policies to align with detected security threats.
  • It acts as a database for storing all organizational policies and regulations.

Question 42)
You are an Azure administrator and want to ensure all your virtual machines have the latest patches installed. What Azure service would you use to enforce this?

  • Azure Policy
  • Azure Firewall
  • Azure Bastion

Question 43)
In Azure Policy, what does a custom policy definition allow you to do?

  • It allows you to enforce and evaluate your organization’s compliance.
  • It enables you to create predefined virtual machine sizes.
  • It offers capabilities to customize the Azure dashboard.
  • It enables you to manage storage account keys.

Question 44)
Which Azure service provides a declarative way to orchestrate the deployment of various resource templates and other artifacts?

  • Azure Bastion
  • Azure Blueprints
  • Azure Policy

Question 45)
In a SIEM system, what does the acronym SIEM stand for?

  • Security information and event management
  • Secure interconnection of electronic machines
  • Secure information exchange method
  • Security information exchange model

Question 46)
You’re a security analyst and you want to collect data from all your organization’s applications, including both Microsoft and non-Microsoft products, to analyze for potential security threats. Which feature of Microsoft Sentinel will enable this functionality?

  • Data endpoints
  • Data connectors
  • Databases
  • Data sources

Question 47)
What are the main components of SOAR? Select all that apply.

  • Response
  • Orchestration
  • Automation
  • Synchronization.

Question 48)
You are a security analyst and you want to analyze logs from a third-party cloud service. What would you most likely use in Microsoft Sentinel?

  • Data connector
  • FTP
  • API
  • Data source

Question 49)
True or false: The Microsoft 365 Defender portal only protects against threats related to emails.

  • True
  • False

Question 50)
Which of the following information is not included in the Microsoft 365 Defender incident page?

  • Involved entities
  • Investigation graph
  • Related alerts
  • Network traffic statistics

Question 51)
A user has received a potential phishing email in their Office 365 account. What steps would Microsoft Defender take to protect the user?

  • Microsoft Defender will scan the email for potential threats and warn the user if any are detected.
  • Microsoft Defender will send the email to the user’s spam folder.
  • Microsoft Defender will ignore the email until the user opens it.
  • Microsoft Defender will automatically delete the email.

Question 52)
Your organization just faced a sophisticated cyber attack. You suspect that some devices might be compromised. Which feature of Microsoft Defender for Endpoint would you primarily use to investigate and respond to this situation?

  • Incident graph
  • Alerts
  • Secure score
  • Safe attachments

Question 53)
True or false: Microsoft Defender for Identity is designed to identify, detect, and investigate advanced threats, compromised identities, and malicious actions across your Microsoft 365 environment.

  • True
  • False

Question 54)
A potential security breach has been detected in your organization’s system. You are using Microsoft’s next gen antivirus and endpoint response solution. What should be your immediate course of action?

  • Shut down the entire system.
  • Ignore the alert if it is just a potential breach.
  • Uninstall the antivirus solution
  • Investigate the alert using the tools provided by the solution.

Question 55)
True or false: Microsoft Endpoint Encryption supports full disk encryption.

  • True
  • False

Question 56)
John is an IT administrator at a company with many employees who use a number of different devices and he needs a cloud service to manage these devices. Which Microsoft service could help?

  • Microsoft Intune
  • Microsoft CoPilot
  • Configuration manager

Question 57)
True or false: Microsoft Purview allows an organization to create a unified data map.

  • True
  • False

Question 58)
Which of the following are benefits of using encryption in Microsoft Azure? Select all that apply.

  • It helps meet compliance requirements.
  • It enhances data security.
  • It reduces the need for data backup.
  • It decreases data storage capacity.

Question 59)
True or False: Network Security Groups (NSGs) in Azure provide inbound and outbound traffic filtering at the network interface level.

  • True
  • False

Question 60)
True or False: Microsoft Defender for Cloud is only compatible with Microsoft Azure.

  • True
  • False

Question 61)
You are asked to design a system where identical environments are deployed multiple times for different teams. Which service would be most appropriate for this?

  • JIT
  • Microsoft Sentinel
  • Azure Bastion
  • Azure Blueprints

Question 62)
You are a cybersecurity analyst at a medium-sized company. Your team is considering implementing a SOAR system. What benefits can you expect? Select all that apply.

  • Complete elimination of all cybersecurity threats
  • Increased the speed of threat detection
  • Enhanced response to threats
  • Reduced the need for new security staff

Question 63)
You are a security administrator and need to investigate a potential threat detected in your Microsoft 365 environment. Which tool within Microsoft 365 Defender portal would you most likely use?

  • Advanced hunting
  • Secure score
  • Compliance manager
  • Security policy advisor

Question 64)
Which of the following features is not included in Microsoft Defender for Office 365?

  • Safe links protection
  • Anti-phishing capabilities
  • Email calendar protection
  • Automated investigation and response capabilities

Question 65)
What does Microsoft Endpoint Encryption primarily protect against?

  • Software bugs
  • Unauthorized access to data
  • DDoS attacks
  • Network intrusions

Question 66)
You are a security administrator for Sam’s Scoops. You need to ensure that only authorized users can access the company’s Azure resources. Which built-in Azure security measure should you use?

  • Azure Firewall
  • Azure Active Directory
  • Azure DDoS protection

Question 67)
Which Microsoft 365 feature helps mitigate the risks associated with privileged identities by enforcing the principle of least privilege and providing just-in-time access?

  • Azure AD Privileged Identity Management.
  • Azure AD Identity Governance
  • Azure AD Identity Protection

Question 68)
Which of the following types of resources can Azure Policy audit for compliance?

  • Only compute resources like virtual machines
  • Only storage resources like storage accounts
  • Only network resources like virtual networks
  • All types of resources in Azure

Question 69)
What feature of Microsoft Defender for Endpoint helps identify, investigate, and respond to advanced threats, compromised identities, and malicious actions across an organization?

  • Basic Firewall protection
  • Email filtering
  • Operating system update
  • Advanced threat protection

Question 70)
Which threat protection feature does Microsoft’s next-gen antivirus and endpoint response solution provide?

  • Real-time threat detection
  • Endpoint power management
  • Remote desktop access

Question 71)
As an IT administrator, you need to secure sensitive data on company laptops that could be lost or stolen. Which Microsoft solution would you use?

  • Microsoft Defender Antivirus.
  • Microsoft Defender for Endpoint
  • Microsoft Endpoint Encryption

Question 72)
What type of service is Microsoft Intune?

  • Platform as a Service (PaaS)
  • On-premise device management service
  • Infrastructure as a Service (IaaS)
  • Mobile device management cloud service

Question 73)
Which of the following are benefits of implementing DDoS IP Protection? Select all that apply.

  • Minimized downtime during a DDoS attack
  • Improved network performance
  • Reduced risk of DDoS attacks
  • Complete prevention of DDoS attacks

Question 74)
Which of the following is not a component of Azure Firewall?

  • Threat intelligence-based filtering
  • Application rule collection
  • Unlimited scalability

Question 75)
True or False: Cloud security measures in Microsoft Azure are only relevant for large enterprises.

  • True
  • False

Question 76)
True or False: Azure Bastion requires a dedicated subnet named “AzureBastionSubnet” in order to be deployed.

  • True
  • False

Question 77)
True or False: Encryption in Microsoft Azure does not provide any benefits in terms of data security.

  • True
  • False

Question 78)
Imagine a scenario where a company wants to securely store sensitive customer data in Microsoft Azure. Which of the following actions should they take to ensure the security of data at rest?

  • Storing the data in plain text format without any encryption
  • Storing the data in a publicly accessible container
  • Sharing data access credentials with multiple employees
  • Implementing data encryption using Azure Key Vault

Question 79)
Which of the following is a key feature of BitLocker in Microsoft Azure?

  • Virtual machine management
  • Disk encryption
  • Network monitoring
  • Data backup

Question 80)
You have an Azure virtual network with multiple subnets. You want to allow inbound traffic from the internet to a specific subnet for a web application. Which Azure service should you use to achieve this?

  • Azure Peering
  • Azure Network Security Group (NSG)
  • Azure Firewall
  • Azure Active Directory

Question 81)
You are required to ensure that all the virtual machines in your Azure subscription have threat detection enabled. Which of the following actions should you take?

  • Use Azure Policy’s built-in policies.
  • Implement Defender for Cloud.
  • Create a custom policy definition.

Question 82)
Which of the following actions can be performed on alerts in Microsoft 365 Defender? Select all that apply.

  • Add comments to the alert.
  • Delete the alert.
  • Assign the alert to a team member.
  • Change the status of the alert.

Question 83)
You are a network administrator and you need to monitor and control network traffic to and from your Azure resources. Which Azure service would you use?

  • Microsoft 365 Defender
  • Microsoft Sentinel
  • Azure Active Directory
  • Azure Firewall

Question 84)
Which of the following are common use cases for SIEM systems? Select all that apply.

  • Incident response
  • Compliance reporting
  • Network performance monitoring
  • Threat detection

Question 85)
True or false: Microsoft Sentinel data connectors can only ingest data from Microsoft products.

  • True
  • False

Question 86)
Microsoft Defender for Identity is part of which broader Microsoft security solution?

  • Azure Active Directory
  • Microsoft Defender
  • Microsoft Sentinel
  • Microsoft 365 Defender

Question 87)
True or False: Azure Firewall supports both network and application level filtering.

  • True
  • False

Question 88)
What are some of the capabilities of Microsoft Defender for Endpoint? Select all that apply.

  • Attack surface reduction
  • Automated investigation and response
  • Threat and vulnerability management
  • Secure remote access

Question 89)
As a data engineer in a large corporation, you want to automate classification of a variety of data across different stores. Which Microsoft service would you likely use?

  • Microsoft Sentinel
  • Microsoft 365 Defender
  • JIT
  • Microsoft Purview

Question 90)
You are configuring data in transit encryption for Microsoft Azure. Which components can you encrypt using Azure Transport Layer Security (TLS)?

  • Data at rest
  • User access credentials
  • Network traffic between Azure virtual machines

Question 91)
Which Microsoft 365 feature provides insights into potential vulnerabilities in an organization’s identity infrastructure and prompts additional authentication methods for risky sign-ins?

  • Azure AD Privileged Identity Management.
  • Azure AD Identity Governance
  • Azure AD Identity Protection

Question 92)
What is the primary purpose of just-in-time access in Microsoft Azure?

  • To provide access to all resources at all times
  • To limit exposure to attacks by providing access to resources only when needed
  • To provide permanent access to resources

You might also likeCybersecurity Identity and Access Solutions using Azure AD Quiz Answers + Review

My Review:

I recently completed the Cybersecurity Solutions and Microsoft Defender course on Coursera, part of the Microsoft Cybersecurity Analyst Professional Certificate. This 4-module course dives into real-world cybersecurity challenges and the Microsoft tools designed to solve them. It covers essential protection strategies against DDoS attacks, firewall breaches, phishing, and unauthorized access.

The course also introduces key tools like Microsoft Defender for Cloud, SIEM (Security Information and Event Management), and SOAR (Security Orchestration, Automation, and Response)—all vital for building a strong, proactive defense system. I found the breakdown of Azure security features and compliance standards particularly useful.

It’s beginner-friendly yet detailed enough to prepare learners for the Microsoft SC-900 certification. Overall, it’s a practical, hands-on course that helps you understand how Microsoft Defender tools work together to strengthen organizational security.

Category: Coursera Hub

Leave a Reply

Your email address will not be published. Required fields are marked *