Module quiz: Application security with Azure AD and other Microsoft tools Quiz Answers
In this article i am gone to share Coursera Course: Secure Your Applications by Microsoft | Week 3 Quiz | Module quiz: Application security with Azure AD and other Microsoft tools Quiz Answers with you..
Enrol Link: Secure Your Applications
Module quiz: Application security with Azure AD and other Microsoft tools Quiz Answers
Question 1)
You are developing a website and want to ensure a secure sign-in process for your users. You are considering different options for authentication. In this scenario, would OpenID Connect be the best choice for securing your sign-in page?
- No
- Yes
Question 2)
Imagine you have developed an application that needs to make requests to a target resource. In this context, what do we mean by “effective permissions”?
- The delegated permissions granted to the application.
- The combination of delegated permissions and application permissions.
- The permissions granted exclusively to the target resource.
- The permissions granted to the signed-in user.
Question 3)
You are setting up an Azure AD tenant for your organization Buy For Sure Retail Inc. Which domain will be automatically assigned when creating the tenant?
- microsoft.com
- buyforsureretail.com
- onmicrosoft.com
- azure.com
Question 4)
In the custom sales web application being developed by your company, what is the primary purpose of integrating Microsoft Graph?
- To simplify the development process by utilizing a single endpoint for accessing organizational data
- To provide salespeople with a comprehensive view of customer data for informed decision-making and improved sales performance
- To enhance the security and data protection measures of the web application
- To integrate various Microsoft 365 services into the application and streamline workflow efficiency
Question 5)
Your developer has used the following code in Microsoft Graph. What does this REST API call do?
HTTP
GET/users/[email protected]
- It creates a user named Stan.
- It adds a user named Stan to a group.
- It gets information about a group named Stan.
- It returns profile information about a user named Stan.
Question 6)
When tracking alerts in Microsoft Graph permissions, which approach is used to unify and standardize the process?
- Microsoft Graph API
- Microsoft Cloud App Security
- OAuth 2.0
- Azure AD App registrations
Question 7)
Imagine you are a cloud administrator responsible for managing Azure virtual machines (VMs). You have an Azure VM, say ‘VM1,’ to run your web application. You want to ensure that VM1 can securely access Azure resources without storing any credentials within the VM. To achieve this, you decided to configure two types of managed identities for VM1: System-assigned managed identity and User-assigned managed identity. Identify the correct managed identity that will work with an Azure VM.
- Both the system-assigned and user-assigned managed identities allow users to authenticate to VM1.
- The user-assigned managed identity allows VM1 to authenticate itself to Azure resources, while the system-assigned managed identity allows users to authenticate to VM1.
- The system-assigned managed identity allows VM1 to authenticate itself to Azure resources, while the user-assigned managed identity allows users to authenticate to VM1.
- Both the system-assigned and user-assigned managed identities allow VM1 to authenticate itself to Azure resources.
Question 8)
You need to reduce the administration overhead for managing multiple resources that require access to the same Azure resources. Which type of managed identity should you use?
- System-assigned identity
- User-assigned identity
- Azure AD-managed identity
- App Service-managed identity
Question 9)
Sana is a developer working on a web application and needs to purchase a certificate to ensure secure communication between the application and its users. She visited a website that offers web app certificates and is going through the purchasing process. But when she was going through the purchasing process, a window opened for her, mentioning the certificate purchasing guidelines. Which among the following holds true for the purchasing guidelines?
- Sana should check for the management of certificate renewal.
- Sana should synchronize the certificate with the imported copies in App Service.
- Sana should not perform the certificate’s domain verification.
- Sana should go to the GoDaddy website to purchase a web app certificate.
Question 10)
Sana is a software developer. She purchased a certificate for her new web application. Now, she wants guidance in configuring this certificate to her web application. Which of the following steps are involved in configuring and deploying web app certificates? Select all that apply.
- Issue health certificate
- Test the SSL/TLS configuration to ensure the proper functioning
- Update the DNS records for the domain to include the certificate information
- Install the issued certificate on the web server