Cybersecurity Identity and Access Solutions using Azure AD Coursera Quiz Answers
In this article i am gone to share Cybersecurity Identity and Access Solutions using Azure AD Coursera Quiz Answers with you..
Cybersecurity Identity and Access Solutions using Azure AD Coursera Quiz Answers
WEEK 1 QUIZ ANSWERS
Knowledge check: Azure Active Directory
Which of the following is a benefit of using Active Directory in an on-premises environment?
- Easy integration with cloud-based services.
- Centralized user and computer management.
- Backup and disaster recovery plans are not needed.
Complete the following sentence. When Migrating from AD to AAD, it is important to carefully plan and execute a migration strategy that examines the unique needs of the organization with important considerations such as ___________________?
- providing access to a wide range of online services.
- simplifying the management of users, groups, and devices.
- security policies, access controls, and impact on end-users and IT staff.
Sam’s Scoops uses tablets as point-of-sale devices at their shops. These are connected to the company network and contain custom apps that employees use to take customer orders. Which Microsoft tool would enable the management of these devices, such as enforcing password policies and verifying compliance?
- AD Intune
- AD Connect Health
- AD Connect
True or False: Azure Portal is a web-based interface used to reference Azure resources and services.
Which of the following are phases of the organizational lifecycle for users? Select all that apply.
- Role Change
Knowledge check: Azure Active Directory and editions
What is a resource group in Azure?
- A container for managing and monitoring Azure resources.
- A directory that contains multiple tenants for organizing your resources.
- An Azure account that acts as the root of your infrastructure.
- A list of users who have been approved to access certain resources.
Which AAD edition includes risk investigation management as a feature?
- 365 Apps Edition
- AAD Premium P2 Edition
- AAD Premium P1 Edition
- AAD Free Edition
Imagine a large company that needs the most advanced security capabilities. For example, the company wants risk-based Conditional Access, which denies access when a high-risk behavior is detected. Which of the following Azure editions would best meet the needs of this business?
- Azure Premium P1
- Azure Free
- Azure App 365 Edition
- Azure Premium P2
True or False: Conditional Access policies are available with the Free AAD edition.
Which of the following are reasons to sign up for a more advanced AAD edition? Select all that apply.
- A better customer support experience.
- Greater security features.
- Better management of devices.
- Greater storage capabilities.
Knowledge check: Azure Active Directory identity types
A developer wants an application to connect to Azure resources that support Azure AD authentication without having to manage any credentials. Which option best describes the identity type of this application?
- User identity
- Hybrid identity
- Service principal
- Managed Identity
You would like to link your organization with an external one so that you can access each other’s resources and collaborate more efficiently. Both parties use Azure AD. Which of the following services would you use to accomplish this?
- B2B direct connect
- Azure AD B2C
- B2B collaboration
- Azure AD multi-tenant organization
Which of the following are benefits of applying identity scope to a role in AAD? Select all that apply.
- Identity scope lowers costs.
- Identity scope provides easier resource access.
- Identity scope simplifies management.
- Identity scope provides better security.
True or False: Identity granted to access a network using AAD can only be assigned to a human user.
Which of the following is an identity provider?
Visit this link: Module quiz: Identity services Quiz Answers
WEEK 2 QUIZ ANSWERS
Knowledge check: Active Directory authentication
Complete the following sentence. Single sign-on is the practice of___________.
- Limiting the number of people signed into a system at any one time.
- Configuring a system so multiple systems and applications can be accessed with one authorization step.
- Configuring a system so that a user has to sign out of one device before accessing another.
What are the advantages of maintaining an on-premises Active Directory (AD) in conjunction with a cloud-based one? Select all that apply.
- Reduced flexibility in adopting cloud-based solutions.
- Feedback Not quite. AD can be incorporated into AAD giving greater coverage to integrate cloud-based solutions.
- A lower cost when compared to maintaining just one AD.
- Enhanced scalability for user authentication.
- Enhanced security and reduced risk of data breaches.
Which of the following services best enables users the authentication to access multiple systems using a single set of credentials through a convenient and protected process?
- Active Directory Federation Services
- Azure AD Hash Synchronization
- Azure AD Pass Through
Which of the following are examples of biometric features? Select all that apply.
- Facial recognition
The top priority for your organization is to have a backup option available for their directory in case the system goes down, so that the impact on productivity is minimal. Knowing this, which type of directory would best suit your organization?
- Both types of directories.
- An on-premises directory.
- A cloud-based directory.
Knowledge check: Multi-factor authentication
Imagine a shop that needs to secure its network-connected cash registers while maintaining easy access for employees at busy times. When choosing an authentication method in this case, which of the following considerations would be most important?
- The cost of implementing MFA.
- The popularity of the method.
- The balance between security and usability.
After entering the password for your account, you are prompted to check the Microsoft Authenticator app on your device to verify the login attempt. Which MFA factor is represented by this prompt?
- Something you have
- Something you are
- Something you know
Complete the following sentence. ____________ is a cloud-based service that uses Machine Learning and data analytics to monitor usage patterns and raise a flag if something deviates from the expected pattern.
- Conditional Access
- Strong protection
- Azure Identity Protection
True or False: Accessing a company network from outside the company will always trigger an MFA.
Which of the following statements about multi-factor authentication are correct? Select all that apply.
- MFA enhances security by requiring users to provide multiple means of verification.
- Administrators can configure who is subject to MFA.
- MFA is a security feature requiring multiple authentication passwords.
- MFA eliminates the need for passwords.
Knowledge check: Password protection and resetting
Your organization has implemented a hybrid Active Directory environment and wants to ensure that when a user updates their account password within the cloud-based directory, the change is also reflected in the on-premises directory. Which tool should be used to do this?
- Azure AD Connect Cloud Sync
- Azure Active Directory Risk Protection
- Azure Active Directory Domain Services
Which of the following scenarios outline when a Global Administrator is restricted from resetting a password?
- When SSPR has not been configured.
- When SSPR has been configured, but the Global Administrator has not been included in the authorized list.
- A Global Administrator is never restricted.
Complete the following sentence. Despite SSPR being enabled, the user still can’t access password reset because _____________.
- of Identity Protection.
- the user has entered a password with insufficient strength.
- the individual is excluded from SSPR.
True or False: A secret question can be used as a form of user authentication when accessing a system.
What is Microsoft’s minimum recommended password length?
- 6 characters
- 8 characters
- 10 characters
Visit this link: Module quiz: Active directory authentication Quiz Answers
WEEK 3 QUIZ ANSWERS
Knowledge check: Conditional Access
You have created a new Conditional Access policy and would like to define the signals that are considered when making policy decisions. Which signals can you configure for this? Select all that apply.
- Application-specific triggers
- User or group membership
- Network infrastructure
- Web browser
What is the purpose of Conditional Access templates in Azure AD?
- Conditional Access templates allow users to be productive wherever and whenever.
- Conditional Access templates enable real-time sign-in risk detection.
- Conditional Access templates protect the organization’s assets.
- Conditional Access templates provide preconfigured policies aligned with Microsoft’s recommendations.
Which scenarios are categories in which Conditional Access policy templates are filtered? Select all that apply.
- Secure foundation
- Zero Trust
- Data classification
- Remote work
True or False: The Report-only option for enabling Conditional Access policies gathers insights and assesses the potential impact of the policy without enforcing it.
What is the purpose of the Off option for enabling Conditional Access policies?
- The Off option temporarily suspends a policy without deleting it.
- The Off option applies the policy to specific users or groups.
- The Off option enforces the access control rules defined within the policy.
What is the purpose of user risk evaluation in Conditional Access?
- User risk evaluation enforces policies based on specific applications.
- User risk evaluation enables real-time sign-in risk detection.
- User risk evaluation determines the probability of a compromised identity or account.
- User risk evaluation creates policies based on IP address ranges.
Knowledge check: Roles and role-based access
Which of the following statements are true about role-based access control (RBAC) in Azure AD? Select all that apply.
- RBAC allows the head administrator to grant granular permissions to other administrators while adhering to the principle of least privilege.
- RBAC allows administrators to assign roles to roles that determine access to resources, without the need for additional authentication.
- Azure AD features built-in roles with pre-defined permissions, and custom roles that allow you to set permissions manually.
- RBAC uses machine learning to evaluate user roles and set their access accordingly.
As an administrator, you would like to create a role called ‘Shift Leads’ and give it the permissions to access an employee scheduling application. This role would then be assigned to all Shift Leads working for Sam’s Scoops, granting them access without the need for further configuration. Which feature would enable you to do this?
- Azure role-based access control (RBAC).
- Azure AD B2C for customer identity and access management.
- Azure AD Conditional Access.
- Single sign-on (SSO) for cloud applications.
What is the purpose of assigning custom roles in Azure RBAC?
- To automate resource provisioning in Azure.
- To define granular permissions tailored to unique business needs.
- To monitor network traffic patterns in real-time.
- To enforce data encryption for Azure virtual machines.
At which scopes can role assignments be made in Azure RBAC?
- Virtual network level, storage account level, and database level.
- Region level, availability set level, and virtual machine scale set level.
- Management group level, Azure AD level, and service principal level.
- Subscription level, resource group level, and individual resource level.
Which of the following statements best describes the role of the Global Administrator in Azure RBAC?
- The Global Administrator manages user accounts and access to Azure resources.
- The Global Administrator is responsible for monitoring and managing security settings.
- The Global Administrator has full access and control over all Microsoft 365 resources and services.
- The Global Administrator is responsible for managing virtual networks and network security groups.
Knowledge check: Identity governance
True or False: Sam’s Scoops can use Azure Identity Protection tools, such as risk evaluation, sign-in risk analysis, and threat intelligence to detect and respond to threats, covering all locations.
Sam’s Scoops uses security features such as Azure AD Conditional Access and multi-factor authentications to better secure access to sensitive resources. However, Sam has heard that the practice of “treating identity as the primary security perimeter” would provide attention protection. Which of the following is a benefit of this approach?
- Treating identity as the primary security perimeter decreases visibility and control over user accounts and activities.
- Treating identity as the primary security perimeter improves compliance with industry regulations.
- Treating identity as the primary security perimeter guarantees the safety of your organization’s resources and data.
- Treating identity as the primary security perimeter increases the attack surface for organizations.
Which of the following are recommended strategies for treating identity as the primary security perimeter? Select all that apply.
- Turn on Conditional Access.
- Enable single sign-on.
- Enable a single authentication method that is applied consistently.
- Use legacy authentication protocols.
Complete the following sentence. Azure AD provides a numerical score to objectively measure your security posture through the ________________ feature.
- Azure AD Secure Score
- Identity Secure Score
- Risk Evaluation
- Compliance Assessment
True or False: Microsoft offers features to protect access to applications represented by workload identities and to protect access to resources from workload identities.
Knowledge check: Privileged Identity Management and protection
Which type of assignment in Azure AD Privileged Identity Management allows users to use a privileged role for a specified start and end date?
- Time-bound eligible
- Permanent active
- Permanent eligible
- Time-bound active
Which license is required to use Azure AD Privileged Identity Management?
- Office 365 Free
- Azure AD Free
- Azure AD Premium P1
- Azure AD Premium P2
Which roles are required to manage assignments for other administrators in Azure AD Privileged Identity Management? Select all that apply.
- Privileged Role Administrator
- Global Reader
- Global Administrator
- Security Reader
Your organization hasn’t manually updated roles in quite some time, despite many recent staff changes. The lead administrator wants to review the access provided by specific roles, to determine what needs to be changed. Which feature of Azure AD Privileged Identity Management can be used to do this?
- Time-bound access
- Multi-factor authentication
- Role activation approval
- Access reviews
Which types of resources can be managed using Azure AD Privileged Identity Management?
- Only Azure AD roles
- Azure AD roles and Azure roles
- Only Azure resource groups
- Only Azure roles
WEEK 4 QUIZ ANSWERS
Visit this link: Self-review: Configure identity and access policies Quiz Answers
Visit this link: Course quiz: Identity and access solutions Quiz Answers