Coursera Answers

Microsoft SC-900 Exam Preparation and Practice Coursera Quiz Answers

by Niyander

In this article i am gone to share Coursera Course: Microsoft SC-900 Exam Preparation and Practice All Weeks Quiz Answers with you..

Enrol Link:  Microsoft SC-900 Exam Preparation and Practice

Microsoft SC-900 Exam Preparation and Practice Coursera Quiz Answers

 

WEEK 1 QUIZ ANSWERS

Knowledge check: Security and compliance concepts Quiz Answer

Question 1)
Which industry-specific regulation applies to the financial industry?

  • NIST cybersecurity framework
  • Sarbanes-Oxley Act (SOX)
  • General Data Protection Regulation (GDPR)

Question 2)
Which regulations relate to data sovereignty? Select all that apply.

  • General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • California Consumer Privacy Act (CCPA)
  • Payment Card Industry Data Security Standard (PCI DSS)

Question 3)
In Infrastructure as a Service (IaaS), which of the following responsibilities is typically handled by the cloud customer?

  • Maintaining the physical hardware.
  • Configuring the network.
  • Ensuring compliance with industry standards.

Question 4)
___________________ is the process of planning and implementing strategies to ensure the continuous operation of critical business functions during an unforeseen incident and the rapid recovery post-event.

  • Business continuity management (BCM)
  • Configuring regional data centers
  • Recovery point objective (RPO)

Question 5)
Which encryption approach requires a cipher known by both parties to encrypt and decrypt data?

  • Data encryption standard (DES)
  • Symmetric encryption
  • Asymmetric encryption

 

Knowledge Check: Identity concepts Quiz Answer

Question 1
Which factors reduce the effectiveness of a traditional on-premises Active Directory? Select all that apply.

  • Company workstations
  • SaaS applications
  • Working from home
  • Authentication

Question 2
Azure AD can be configured to determine the security posture for Azure AD Domain Services (AAD DS) through the use of _______________.

  • Active Directory
  • Group Policy
  • Firewall

Question 3
What is the main purpose of authentication in cybersecurity?

  • Monitoring and auditing system activities
  • Establishing the identity of an entity before granting access to a system
  • Protecting sensitive data with encryption

Question 4
Which of the following concepts involves giving a user or entity the minimum amount of access?

  • Zero-trust access
  • Conditional access
  • Least privileged access

Question 5
Which of the following is a protocol used to configure business-to-customer (B2C)?

  • Line-of-business (LOB)
  • Security Assertion Markup Language (SAML)
  • Single sign-on (SSO)

Question 6)
What is the purpose of scoping an identity in Azure AD?

  • Providing multi-factor authentication (MFA).
  • Assigning administrative roles.
  • Enforcing security by reducing access.

 

Study checkpoint: Concepts of security, compliance and identity Quiz Answer

A new tech startup has recently adopted Microsoft 365 applications for their employees, enabling seamless collaboration and productivity. It is considering the shared responsibility model to ensure comprehensive data protection in line with its security strategy. As the security analyst at Dazzling Darling Dungarees Inc., you are tasked with understanding the responsibilities concerning accounts and identities.

Question 1
In the context of the shared responsibility model and Microsoft 365 deployment, who is responsible for managing the accounts and identities of the tech startup’s employees?

  • Shared responsibility between the organization and Microsoft.
  • The organization itself.
  • Microsoft, the SaaS provider.

A leading encryption solutions provider has been hired by a multinational corporation to enhance the security of their sensitive data. As a cybersecurity consultant at the encryption enterprise, you are guiding the corporation in implementing effective security measures.

Question 2
Which security mechanism should they deploy for confidential data stored in their databases?

  • Hashing
  • Encryption in transit
  • Encryption at rest

Sam’s Scoops plans to synchronize its on-premises Active Directory (AD) with Azure AD to enable centralized user management. It needs a service that facilitates this synchronization of user accounts, groups, and attributes for centralized identity and access management.

Question 3
Which of the following services is suitable for the task?

  • Azure Active Directory B2B
  • Azure Active Directory Connect
  • Azure Active Directory B2C

 

 

WEEK 2 QUIZ ANSWERS

Knowledge check: Authentication capabilities of Azure AD Quiz Answer

Question 1)
Within your organization, Azure AD Identity Protection raised an alert after some unusual log-in attempts were made using an employee’s username with different passwords.
In this scenario, which of the following would provide the strongest protection?

  • Introduce a banned password list.
  • Create a custom list, removing common company-related passwords.
  • Implement multi-factor authentication (MFA).

Question 2)
You’re a recruit at a company, and you want to impress by improving the firm’s security. You have flagged several employees whose security hygiene is questionable. So, you navigate to the authentication methodsin their user profiles to add additional authentication methods.
Which of the following is found under their authentication contact info? Select all that apply.

  • Fingerprint scan
  • Email
  • Address
  • Phone

Question 3)
Having added an additional authentication method to a user on Azure AD from their user profiles, you trigger a multi-factor authentication (MFA) request based on a conditional access policy configured to their location. Which authentication methods found in a user’s authentication contact info would not be applicable to MFA?

  • Phone
  • Email
  • Alternative phone

Question 4)
True or False: Azure does not use a security question to confirm anyone’s identity.

  • True
  • False

Question 5
What is the most common trigger for MFA?

  • Sign-in.
  • Changing your password.
  • With a conditional access policy for suspicious log-ins.

 

Knowledge check: Access management capabilities of Azure AD Quiz Answer

Question 1)
At your company, you notice that the security posture is not as good as it should be. After authentication is established, there are no subsequent checks to ensure that the authentication granted was toward an appropriate identity. What should you do?

  • Implement a blanket MFA rule for all company users.
  • Establish company policies and implement them.
  • Prevent authentication from any sign-ins in the blocked countries list.

Question 2)
A set of built-in rules that outlines what an identity can do is known as ____.

  • A templated conditional access policy line of business
  • A templated role
  • Highest privilege wins

Question 3)
Sign-in risk is one of the templated Conditional Access policies an organization can create. Which of the following is a sign-on risk?

  • Sign-in from a device not shown to be owned by the user
  • New users to your organization
  • The likelihood that the owner of an identity does not initiate the authentication request.

Question 4)
True or False: When subscribed to the free license it is possible to configure role scope.

  • True
  • False

Question 5)
Which of the following is a security access policy enforced by Azure?

  • Geolocation tracking
  • Least privilege
  • Highest privilege wins

 

Knowledge Check: Identity protection and governance capabilities of Azure AD Quiz Answer

Question 1)
You’ve been tasked with adding some last-minute updates to a customer-facing application. You suggest that customers should be made to agree to the legal disclaimers necessary for storing their data. How would you ensure compliance?

  • Identity management
  • Identity life cycle
  • Azure AD Terms of Service

Question 2)
Working within the HR department in an organization, you oversee a large number of people in a variety of roles. What Azure AD solution would you use to manage the various roles and permissions?

  • Azure terms of service
  • Most privilege wins
  • Entitlement management

Question 3)
An audit at your company has found that the time-bound practice of allocating and deallocating permissions has not been adequately enforced. What do you suggest as a means of fixing this?

  • Role-based access control
  • Privilege Identity Management
  • Least privilege

Question 4)
True or False: Access reviews are a process of examining who is authenticating.

  • True
  • False

Question 5)
There’s been an increase in improper authentications at your workplace. What mechanism should you implement as a solution?

  • Access reviews
  • Entitlement management
  • Identity protection

 

Study checkpoint: The capabilities of Microsoft Azure Active Directory Quiz Answer

Imagine you are new to the working environment, and you have decided to apply for a job at Sam’s Scoops within their cyber security department. An area you have had a deep interest in after experiencing an attempted cybercrime yourself! As a fresh-faced graduate, you are hoping to show your knowledge by nailing the cyber-security questions in the interview. The following are a sample of the questions that have been asked in the interview.

Question 1)
Sam’s Scoops requires your consultation in relation to moving from an on-premises Active Directory (AD) to a completely cloud-based one. They hope to bring some international individuals with lucrative offers and allow them use of company hardware to access the system.
To ensure the security of their operation, what measures should be taken with these devices to ensure the best security for a cloud-based operation?

  • Ensure all the devices are registered with the AD.
  • Ensure that all the devices are hybrid joined devices.
  • Ensure that all the devices are joined devices.

Question 2)
Sam’s Scoops would like to ensure a seamless yet safe authentication when accessing their system. They have considered different authentication strategies and have settled on a passwordless approach for the best, yet most secure, means of authentication.
Which of the following would most accurately reflect their approach?

  • Use of hardware tokens to authenticate
  • Microsoft Authenticator
  • Multi-factor authentication (MFA)

Question 3)
Sam’s Scoops would like you to secure access to a sample database. As you may be aware, role-based access control (RBAC) is seen as a strong method for implementing secure access management policies. But how would you complete secure access to a sample database that is to be used by the finance division?
Which of the following would you apply an RBAC policy on?

  • Apply it to a group.
  • Apply it to the privileged members of the division.
  • Apply it to individual users.

 

 

WEEK 3 QUIZ ANSWERS

Knowledge check: Basic security capabilities in Azure Quiz Answer

Question 1)
True or False: Azure Firewall is a managed, cloud-based service that allows users to take full responsibility for its configuration and efficacy.

  • True
  • False

Question 2)
As a new hire for an online firm, you have been tasked to review their security protocols. Currently, an important customer-facing application is deployed on the network with a network security group (NSG). The NSG ruleset prevents remote desktop protocol (RDP) requests from accessing it.
What is the best course of action to take?

  • Create a new inbound rule with higher priority that conditionally allows outside access.
  • Create a duplicate of the service and deploy it on a network without the same level of NSG restrictions.
  • Remove any NSG rules that prevent access from off-site.

Question 3)
A recent spate of DDoS attacks has been launched at your company. The bosses want a solution that will offer DDoS protection to the company but also output some telemetry that can be analyzed in azure monitor.
Which of the following options is a viable solution to achieve this?

  • DDoS infrastructure protection
  • Azure Bastion
  • DDoS Standard Plan

Question 4)
As the top security analyst at your firm, a new employee is implementing a customer-managed encryption process for your keys.
Where would you store your encryption keys?

  • Key vault
  • At the key store
  • In Azure Bastion

Question 5)
True or False: Segmentation in network security refers to physically locating each department in its secular environment.

  • True
  • False

 

Knowledge check: Azure security management Quiz Answer

Question 1)
As an IT cyber security specialist, what is one of your primary responsibilities concerning cloud security posture management (CSPM)?

  • Developing new cloud services for the company.
  • Managing employee access to cloud services.
  • Strengthening the management of security implemented by the company.

Question 2)
True or False: Microsoft Defender for Cloud (Free) provides endpoint detection and response (EDR) capabilities for real-time analysis and monitoring of endpoints.

  • True
  • False

Question 3)
What is the primary purpose of Microsoft’s Cloud security benchmark?

  • To develop advanced cybersecurity algorithms.
  • To provide guidelines for securing on-premises environments.
  • To establish fundamental guideline configurations for online services.

Question 4)
An organization looking to capitalize on Microsoft’s application scanning and vulnerability detection to strengthen its security posture should consider which of the following steps?

  • Configuring Shadow IT for vulnerability scans.
  • Configuring Sentinel to create a vulnerability score for the application.
  • Selecting an enhanced Microsoft Defender plan for greater functionality, including vulnerability scans.

Question 5)
Which framework forms the basis for Microsoft’s Defender for Cloud policy?

  • The National Institute of Standards and Technology (NIST) framework
  • The Center for Internet Security (CIS) framework
  • Microsoft security benchmark

 

Knowledge check: Security capabilities of Microsoft Sentinel Quiz Answer

Question 1)
Imagine you want to gather continuous information on your workplace to ensure that no attack occurs; which of the following will perform this action?

  • SIEM
  • SOAR
  • SOC

Question 2)
Sentinel requires logs to perform its vigilance. Where are these logs likely to be found?

  • Azure Blob Storage
  • Azure Workbooks
  • Azure Playbook

Question 3)
Out of the following set of activities, which one most closely matches the Sentinel’s behaviors?

  • Collects, ejects, investigates, and redirects
  • Collects, detects, investigates and reports
  • Collects, detects, patches, and reports

Question 4)
Where can you locate the automation steps that can be triggered in response to configurable system signals?

  • Monitor
  • Workspace
  • Playbook

Question 5)
True or False: Sentinel can only connect with Microsoft Applications.

  • False
  • True

 

Knowledge check: Threat protection with Microsoft 365 Defender Quiz Answer

Question 1)
The security specialist at the firm wants to implement protection for the secure exchange of confidential information shared on collaboration platforms. Which of the following protection services best secures the exchange of confidential information when collaborating?

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Microsoft Defender for Identity

Question 2)
Which of the following automated actions does Microsoft Defender perform to help create future policies?

  • Reports
  • Events
  • Scanning for malware signatures

Question 3)
True or False: As an administrator for your organization, you wish to purchase Defender Plan One, that includes attack simulation.

  • True
  • False

Question 4)
Complete the following sentence. Microsoft Defender for Endpoint has four components when dealing with incidents, which are prevention, detection, investigation and ______________.

  • Role-based access control (RBAC)
  • Workspace
  • Response

Question 5)
What does Shadow IT refer to?

  • Placing a key logger on a device to record the input so that all entries are recorded into a device.
  • The use of unregistered devices by employees.
  • Covertly hacking an IT system without being detected.

 

Study checkpoint: Microsoft Security solutions Quiz Answer

Question 1)
You are an IT Administrator at a medium-sized company that relies heavily on cloud-based collaborative tools for team communication and document sharing. Your organization is concerned about the increasing risk of cyberattacks, especially those involving compromised identities and malicious activities within collaborative tools like Microsoft Teams, SharePoint Online, and OneDrive for Business. You are tasked with finding the most suitable solution from the Microsoft 365 Defender suite to address these concerns. Which service of the Defender suite is most suitable for this task?

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Office 365

Question 2)
In your role as an analyst, you’ve noticed a recurring attack signature that consistently triggers the need for defensive actions. This attack pattern remains the same, requiring a consistent response from you. What is the most effective course of action to take?

  • Take the asset offline.
  • Create an automated response in the Azure playbook.
  • Identify an IP address and block the sender.

Question 3)
You are an analyst with a busy company who engages a lot with the customers through email. Other than this, your company supports a website. So, essentially, the company has little online real estate. You are tasked with ensuring that communication is conducted safely. In interacting with your customers regularly, you open and send many attachments and clickable links. Which Microsoft Defender plan would be most applicable for this scenario?

  • Microsoft Defender for Office 365 (Plan 2)
  • Microsoft Defender for Endpoint (Plan 1)
  • Microsoft Defender for Office 365 (Plan 1)

 

 

WEEK 4 QUIZ ANSWERS

Knowledge check: Microsoft’s Service Trust Portal and privacy principles Quiz Answer

Question 1)
What is the primary purpose of Microsoft’s Service Trust Portal (STP)?

  • To serve as a source for determining bad URLs and passwords.
  • To offer cloud storage solutions for personal data.
  • To serve as a centralized repository for compliance and security documents.

Question 2)
Which of the following are capabilities of Azure Information Protection (AIP)?

  • Email encryption, data loss prevention, and role-based access control.
  • Data classification, email encryption, and malware scanning.
  • Unified labeling client, on-premises scanner, and Microsoft Information Protection SDK.

Question 3)
True or False: According to Microsoft’s privacy principles, the control of data should always rest with the customer.

  • True
  • False

Question 4)
Microsoft’s privacy management follows a “hub and spoke” approach, where the central committee responsible for generating privacy policy is known as the ______ group.

  • CCPA (California Consumer Privacy Act)
  • GDPR (General Data Protection Regulation)
  • CELA (Corporate, External, and Legal Affairs)

Question 5)
What is the purpose of applying sensitivity labels to files or documents in Microsoft’s data protection process?

  • To categorize the data for storage.
  • To promote data security and compliance with privacy regulations.
  • To make the data easier to access.

 

Knowledge check: Compliance management capabilities of Microsoft Purview Quiz Answer

Question 1)
True or False: The data connectors in Microsoft Purview are limited to Microsoft technologies.

  • True
  • False

Question 2)
Imagine you work for an organization, and a new staff member requires access to the Microsoft Purview portal. Will it matter which role this new employee chooses?

  • No. Like other Microsoft software, any role can access it.
  • Yes, the role chosen in the Purview portal determines the level of access and permissions the team member will have.
  • Sometimes. Any role is OK to access as long as the admin imposes no role-based access restrictions.

Question 3)
True or False: The Compliance Manager is the role that oversees the calculation of the compliance score.

  • True
  • False

Question 4)
You are responsible for reviewing your company’s data storage practices as an employee. To comply with legislation, you must assess the changes you will make regarding storing it to meet European law. Which of the following tools will you use?

  • Microsoft Defender for Data
  • Microsoft Sentinel
  • Microsoft Purview

Question 5)
What are the primary purposes of data connectors in Microsoft Purview?

  • A method for connecting Azure Active Directory data storage and an on-premises Active Directory storage.
  • To provide Purview with interoperability data connections between services.
  • To infer information from data to identify attack signatures.

 

Knowledge check: Information protection and data lifecycle management capabilities of Microsoft Purview Quiz Answer

Question 1)
Your organization manages sensitive medical records. When branching into a new region, you are made aware that there are laws that mandate that this information must be kept for a set period of time. Which of the following labels would you use?

  • Retention labels
  • Sensitivity labels
  • Protection labels

Question 2)
Which of the following roles can assign permissions to a user on the compliance portal?

  • Global administrator
  • Compliance administrator
  • Security administrator

Question 3)
Your organization needs to protect confidential emails by encrypting them so that only authorized users can access their contents. How should this requirement be addressed?

  • Leverage sensitivity labels.
  • Utilize the data retention policy.
  • Implement a content classification system.

Question 4)
Your company is opening a new branch in California with consideration of the geographical compliance impact of being based in California and falling subject to the California Consumer Privacy Act (CCPA) over the General Data Protection Regulation (GDPR) compliance. Creating sensitivity labels that adhere to the individual’s right to be forgotten is a legal requirement.

  • True
  • False

Question 5)
How do data loss prevention (DLP) policies help organizations protect sensitive information across Microsoft services?

  • They enable irreversible consequences for data marked as regulatory records.
  • They prevent the sharing of sensitive documents and provide policy violation guidance.
  • They allow users to easily remove sensitive labels from documents.

 

Study checkpoint: Capabilities of Microsoft compliance solutions Quiz Answer

Question 1)
You are an IT administrator at a mid-sized company that values data privacy and wants to ensure that customer data is managed responsibly. Microsoft’s privacy principles are of interest to your organization as you consider data management practices. Which of Microsoft’s privacy principles emphasizes giving individuals control over their data?

  • Transparency
  • Control
  • Security

Question 2)
You are an IT manager at a medium-sized organization dealing with increasing data volumes and the challenges of remote work. Your organization is looking for a comprehensive solution to address compliance needs, particularly in recognizing and protecting sensitive data. Which Microsoft service can help with these compliance requirements?

  • Microsoft Purview
  • Microsoft Defender for Endpoint
  • Microsoft Power BI

Question 3)
You are the Chief Information Officer (CIO) of a large organization that handles sensitive customer data. Data security and compliance are of paramount importance. Your team is evaluating Microsoft’s solutions for enhancing data protection and compliance. Given the context provided, which Microsoft service should you consider implementing to ensure data security and compliance in your organization?

  • Microsoft Purview
  • Azure Information Protection (AIP)
  • Microsoft Power BI

 

 

WEEK 5 QUIZ ANSWERS

Knowledge check: Insider risk capabilities in Microsoft Purview Quiz Answer

Question 1)
You have been transferred from Finance into HR. You are tasked with investigating a compliance claim relating to an improper email exchange between two employees in your former department. To conduct the investigation phase of the process, you must first examine the exchanged emails. Which role/s are required to complete this task?

  • Office 365 Global Administrator
  • Both Office 365 Global Administrator and Compliance Administrator in Purview
  • Compliance Administrator in Purview

Question 2)
In Purview, which of the following can be defined as structural organization for delegation of tasks?

  • Administrative units
  • Role-based access control (RBAC)
  • Role groups

Question 3)
The compliance admin for the organization wants to justify the cost of Microsoft Purview to the organization. Which of the following arguments would be used as part of the justification?

  • The admin team wants to offset the dangers of insider risks by implementing insider risk management.
  • To provide continuous scanning against malware, including applying analytics on data and generating graphs.
  • To identify devices that are in danger of shutting down and preventing loss of service.

Question 4)
Select the following definition that accurately captures an appropriate use case for communication compliance in Purview.

  • For identifying and scanning offensive language across the organization.
  • For ensuring data integrity and regulatory adherence by enforcing access controls, data classification, and monitoring data activities.
  • For mitigating insider risks related to data security and compliance

Question 5)
Which of the following ISO standards certifies Azure Active Directory and relates to information management and compliance?

  • ISO 9001
  • ISO 14001
  • ISO 27001

 

Knowledge check: Resource governance capabilities in Azure Quiz Answer

Question 1)
Which of the following statements is true about Azure Policy?

  • Policies can only be applied on a resource-by-resource basis.
  • Microsoft Sentinel is required to monitor the outcome of a policy application.
  • Azure policy supports automatic remediation.

Question 2)
Which of the following characteristics can be achieved through the application of Azure Blueprints to service replication?

  • Consistency
  • Low availability
  • High latency

Question 3)
Which of the following roles has Blueprint assignment permissions?

  • Owner
  • Contributor
  • Blueprint Contributor
  • Blueprint Operator

Question 4)
Which of the following Microsoft services can be said to act in a similar fashion as a design pattern?

  • Azure Blueprint
  • Azure Policy
  • Azure Defender

Question 5)
True or False: Purview provides cross-application capabilities.

  • True
  • False

 

Study checkpoint: Risk and resource governance Quiz Answer

Question 1)
You are responsible for insider risk management in your organization, where you need to identify and mitigate risks stemming from internal threats and unauthorized actions. Which Microsoft service can assist in addressing insider risk management?

  • Microsoft Purview
  • Microsoft Azure Active Directory
  • Microsoft SharePoint

Question 2)
You are responsible for ensuring compliance and best practices in your Azure environment. You need a Microsoft service to enforce compliance rules and ensure resources adhere to desired states. Which Microsoft service is designed to manage company baselines for implementing rules, assessing compliance, and ensuring adherence to corporate standards and SLAs in Azure?

  • Microsoft Azure Policy
  • Microsoft Azure Sentinel
  • Microsoft Azure Remediation

Question 3)
You are responsible for ensuring uniformity, governance, and compliance in your organization’s Azure environment. You need a Microsoft service to define how the environment should look, enforce compliance with organizational policies, and quickly reproduce an existing setup. Which Microsoft service serves this purpose?

  • Microsoft Azure ARM Templates
  • Microsoft Azure Resource Groups
  • Microsoft Azure Blueprints

 

 

WEEK 6 QUIZ ANSWERS

 

Visit this link:  SC-900 Mock Exam Answers