All Coursera Quiz Answers

Module quiz: Application security with the Microsoft identity platform Quiz Answers

In this article i am gone to share Coursera Course: Secure Your Applications by Microsoft | Week 2 Quiz | Module quiz: Application security with the Microsoft identity platform Quiz Answers with you..

Enrol Link:  Secure Your Applications


Module quiz: Application security with the Microsoft identity platform Quiz Answers

Question 1)
You have been hired as a software engineer at a renowned technology company. As part of your responsibilities, you are developing an e-commerce web application that allows users to make online purchases. The application handles sensitive customer data, including personal information and payment details. How is application security involved in this context?

  • Optimizing the application’s performance and response times.
  • Ensuring the application is user-friendly and visually appealing.
  • Implementing effective marketing strategies to increase user engagement.
  • Protecting the application against unauthorized access and data breaches.

Question 2)
You have been assigned as a risk analyst for a software development company. Your task is to identify and classify potential risks associated with developing a new mobile banking application. As a part of your analysis, you need to evaluate various risk factors and their potential impact on the project. Which type of risk will be related to the applications that handle monetary instruments and sensitive personal information?

  • Critical risk
  • Business risk
  • Significant risk
  • Regulated risk

Question 3)
John works as a software developer in a large enterprise. He has been assigned the task of creating a mobile application for his client. They plan to implement the Microsoft identity platform for user authentication and authorization in their applications. He must review his understanding of the platform as part of the development process. He chose MSAL Java as a Microsoft authentication language library. Identify the most suitable supporting platform for his mobile application.

  • Windows, macOS, Linux
  • Android
  • macOS
  • iOS and Android

Question 4)
You are a developer working on integrating the Microsoft identity platform into your application for secure authentication and authorization. Which protocol is commonly used with the Microsoft identity platform for secure authentication and authorization?

  • Azure AD B2B
  • MSAL
  • OATH 2.0
  • Azure AD B2C

Question 5)
Amy, a Developer, needs to register an Azure AD application that supports single-tenant accounts. When creating an Azure AD application supporting single-tenant accounts, which option should she select under Supported account types?

  • Accounts in Azure Active Directory (Any Azure AD directory—Multitenant)
  • Accounts in any organizational directory (Any Azure AD directory—Multitenant)
  • Accounts in this organizational directory only (Default Directory only—Single tenant)
  • Accounts in a specific organizational directory (Specific directory—Single tenant)

Question 6)
Imagine you’re a Developer working on a web application that requires authentication using Azure AD. You need to configure the authentication flow for different types of applications. Which tokens should you select for a single-page application (SPA) that invokes a web API via JavaScript?

  • Both access tokens and ID tokens
  • Only ID tokens
  • Neither access tokens nor ID tokens
  • Only access tokens

Question 7)
Pat is a Developer working on a web app that requires authentication using the Microsoft identity platform. Pat must configure the necessary settings for the web app’s authentication process. Liz is a Software Engineer responsible for managing access to the web app and ensuring secure authentication. Which actions should Pat and Liz perform to configure and manage authentication for the web app? Select all that apply.

  • Pat should create a client secret for the web app in Azure AD.
  • Liz should grant appropriate permissions to the registered web app in Azure AD.
  • Pat should configure the redirect uniform resource identifier (URI) of the web app to match the callback URL.
  • Pat should directly manage user accounts and credentials for the web app.
  • Liz should create API permissions for external services used by the web app.

Question 8)
Shaun, a Developer, is working on a web application that requires user authentication using the Microsoft identity platform. He is implementing the OAuth 2.0 authorization code grant flow to leverage Azure AD as the federated authentication provider. What is the role of the authorization code in the OAuth 2.0 authorization code grant flow for Shaun’s web application? Select all that apply.

  • The authorization code is exchanged with the web application for an identity token containing user claims.
  • The authorization code is a short-lived token for secure communication between the web application and Azure AD.
  • The authorization code is included in a request to the Azure AD token endpoint to obtain an access token.
  • The authorization code is an encoded string that can be read by Azure AD and the web application.
  • The authorization code is generated by Shaun’s web application and provided to the user during the sign-in process.

Question 9)
Which of the following statements accurately describe the OAuth 2.0 client credentials grant flow? Select all that apply.

  • It involves the presentation of client credentials to obtain an access token.
  • It is primarily used for user authentication in web apps.
  • It allows apps to obtain an access token based on their own credentials.
  • It is commonly used by daemon apps or service accounts.
  • It requires user consent for the app to access resources.

Question 10)
Joan, a Developer, is working on a project that involves implementing noninteractive or non-daemon apps. She needs to understand the authentication process for these apps. How do noninteractive apps prove their identity during authentication to Azure AD?

  • They authenticate using the user’s identity.
  • They rely on IT Administrators to authenticate on their behalf.
  • They register a client secret with Azure AD.
  • They use multifactor authentication.