Module quiz: Azure basic security capabilities Quiz Answers
In this article i am gone to share Coursera Course: Cybersecurity Solutions and Microsoft Defender Week 1 | Module quiz: Azure basic security capabilities Quiz Answers with you..
Enrol Link: Cybersecurity Solutions and Microsoft Defender
Cybersecurity Solutions and Microsoft Defender Week 1 Quiz Answers
Module quiz: Azure basic security capabilities Quiz Answers
Question 1)
Azure DDoS uses multiple layers of protection to mitigate attacks effects, identify two of these layers of protection.
- Sets firewall to block all traffic
- Machine learning algorithms
- Network segmentation
- Switches off VMs under attack
Question 2)
Imagine you are a cybersecurity analyst working for a large e-commerce company that heavily relies on its online presence. One day, your team receives a notification about a potential Distributed Denial of Service (DDoS) attack targeting your company’s resources. As the team investigates the situation, you remember the Azure DDoS IP protection feature, which can safeguard certain resources from such attacks.
Which of the following resources could be protected by Azure DDoS IP protection in this scenario? Select all that apply.
- Virtual machines
- Websites
- Virtual networks
- Cloud services
Question 3)
True or False: Azure virtual machines offer a cost-effective and flexible solution for a variety of purposes.
- True
- False
Question 4)
When connecting VNets inside an Azure region _____(a) virtual network peering is used, but to connect them across regions _____(b) virtual peering is used.
- (a) Wide (b) Local
- (a) Regional (b) Global
- (a) Local (b) Wide
- (a) Global (b) Regional
Question 5)
The Basic Azure Firewall is a great firewall for SMBs that supports up to 250Mbps of data throughput but the Standard Firewall supports up to _____ Gbps of data throughput.
- 3 Gbps
- 300
- 6
- 30
Question 6)
You are configuring firewalls to protect the Azure network and enable connectivity. Which of the following options correctly identify the names of the firewall rules that can be configured? Select all that apply.
- IP rules
- Network rules
- Application rules
- NAT rules
Question 7)
You are managing multiple Azure firewalls and need to consolidate NAT, application, and network rules into a collection. Which Azure resource should you use for this purpose?
- Firewall rules
- Firewall policy
- Firewall SKU
- Firewall security
Question 8)
When JIT gives a user access to a VM it opens the specific port needed for a specified time that was configured in the JIT policy. What is used to check that the user has the correct permissions?
- NSG
- Azure RBAC
- Defender for Cloud
- Azure Firewall
Question 9)
What type of encryption is used for data at rest to encrypt and decrypt large volumes of data quickly, and is used by Azure Disk encryption?
- Symmetric
- Hashing
- Asymmetric
Question 10)
Imagine a scenario where an administrator is using Azure Key Vault, a key management solution. The administrator needs to provide developers with a specific item to retrieve keys from applications. Which of the following options correctly identifies what the administrator gives to developers in this scenario?
- Encryption algorithms
- Access permissions
- API documentation
- Revocation certificates
Question 11)
Imagine you are a network security analyst responsible for protecting your organization’s Azure infrastructure. One day, you receive an alert about a potential DDoS attack targeting your network. As you investigate the situation, you remember hearing about Azure DDoS and its protective measures.
True or False: Azure DDoS employs a comprehensive defense strategy, which includes network segmentation, traffic analysis, machine learning, and firewalls to monitor and control network traffic.
- True
- False
Question 12)
Imagine you are a cybersecurity analyst working for a large e-commerce company that heavily relies on its online presence. One day, your team receives a notification about a potential Distributed Denial of Service (DDoS) attack targeting your company’s resources. As the team investigates the situation, you remember the Azure DDoS IP protection feature, which can safeguard certain resources from such attacks.
Which of the following resources could be protected by Azure DDoS IP protection in this scenario? Select all that apply.
- Cloud services
- Virtual networks
- Websites
- Virtual machines
Question 13)
You work for a software development company that frequently needs to test applications on different configurations. Your team is considering using Azure virtual machines for development and testing purposes. Which factor should you carefully consider when creating virtual machines to ensure optimal performance and cost-effectiveness?
- The physical hardware required to run the virtual machines
- The fluctuating demand for your application and the need for scalability
- The specific software applications that need to be installed on the virtual machine
Question 14)
Sarah, a software engineer, is working on a project that involves deploying Azure services and virtual machines across different Azure regions. While discussing the project with her team, she asks them a question: “VNets are used like physical networks to connect to Azure services and virtual machines, but what do we use to connect VNets across Azure regions?”
What is the correct answer to her question?
- Regional virtual network peering
- Subnets
- NSGs
- Global virtual network peering
Question 15)
John is the owner of a small and medium-sized business (SMB) and is considering implementing a firewall solution for his company’s network security. He has heard about the basic Azure Firewall and wants to understand the advantages of the Standard firewall over the Basic version. Help John identify the additional advantages of the Standard firewall by selecting the correct options below. Select all that apply.
- Increased data throughput
- Traffic filtering
- Threat intelligence filtering
- Threat intelligence alerts
Question 16)
True or False: When configuring firewalls, different rules are used to help protect the Azure network as well as enable connectivity. NAT rules can convert public and private IP addresses, application rules can filter FQDN, and network rules can filter IP addresses.
- True
- False
Question 17)
You are managing multiple Azure firewalls and need to consolidate NAT, application, and network rules into a collection. Which Azure resource should you use for this purpose?
- Firewall rules
- Firewall policy
- Firewall security
- Firewall SKU
Question 18)
True or False: JIT Policy consists of port, protocol and the username of who is allowed access.
- True
- False
Question 19)
What type of encryption is used for data at rest to encrypt and decrypt large volumes of data quickly, and is used by Azure Disk encryption?
Hashing- Symmetric
- Asymmetric
Question 20)
Azure Key Vault is a key management solution that allows security administrators to create, revoke and delete keys. What other tasks can it help administrators perform? Select all that apply.
- Key vault access
- Azure subscription access
- Machine encryption
- Key usage monitoring
Question 21)
True or False: VNets are used like physical networks to connect to Azure services and virtual machines. Global virtual network peering is used to connect VNets inside a region and regional virtual network peering is used to connect VNets across regions.
- True
- False
Question 22)
When configuring firewalls, different rules are used to help protect the Azure network as well as enabling connectivity. Which firewall rule can convert public and private IP addresses?
- IP rules
- Network rules
- NAT rules
- Application rules
Question 23)
True or False: When setting up Azure firewalls, you can use firewall rules which are great for simple configuration and when you have just one firewall. Firewall policy can be used when you have multiple firewalls and complex scenarios.
- True
- False
Question 24)
You are setting up encryption for your Azure Disk storage. Which encryption method does Azure Disk encryption utilize to ensure fast encryption and decryption of large data volumes?
- Data compression techniques
- Hashing algorithms
- Asymmetric encryption
- Symmetric encryption
Question 25)
True or False: Azure Key Vault is a key management solution that allows security administrators to create, revoke and delete keys and it can reduce code writing for developers.
- True
- False
Question 26)
True or False: The Basic Azure Firewall is a great firewall for SMBs as it supports threat intelligence-based filtering.
- True
- False
Question 27)
When JIT gives access to a VM to a user it opens the specific port needed which is configured in the JIT policy. What else forms part of that policy? Select all that apply.
- IP address
- Protocol
- Allowed duration
- Network rule
Question 28)
Azure DDoS IP protection protects resources, for example websites, virtual machines and cloud services, but what do these resources need to have for the protection to work? Select all that apply.
- Internet access
- A public IP address
- A private IP address
- LAN access
Question 29)
You are a network administrator responsible for granting access to virtual machines (VMs) through the just-in-time (JIT) policy. When providing access, you ensure that the necessary port is opened for a predetermined duration. Which of the following methods is used to verify if a user possesses the required permissions?
- Azure RBAC
- NSG
- Defender for Cloud
- Azure Firewall
Question 1)
Azure DDoS mitigates attacks effects by using network segmentation, traffic analysis and firewalls to monitor and control network traffic. But what other mechanism does it use?
- Machine learning algorithms
- Switches off VMs under attack
- Malware protection
- Sets firewall to block all traffic
Question 3)
Which of the following is a benefit of using Azure virtual machines? You have just started using Microsoft Azure and you are exploring the available management options. While learning about Azure, you come across a feature that allows you to manage resources. Which of the following options accurately describes what the Azure portal provides for managing resources?
- Command line interface
- Increased control over the computing environment
- Browser accessible terminal
- Application
Question 7)
When managing an Azure firewall what Azure resource allows you to combine NAT, application and network rules into a collection?
Firewall security- Firewall policy
- Firewall SKU
- Firewall rules
Question 9)
Symmetric encryption is used for data at rest storage and by Azure disk encryption for speed but what is used to encrypt the OS and the data disks? Select all that apply.
- Linux dm-crypt
- TLS
- MAC sec
- Windows Bit Locker
Question 2)
True or False: Azure DDoS IP protection protects resources like websites, virtual machines and cloud services, when they have a private IP address and internet access.
- True
- False
When is this available,,,,,,,Guided project quiz: Secure Identity and Access with Microsoft Entra