In this article i am gone to share Coursera Course: Secure Your Applications by Microsoft | Week 1 Quiz | Module quiz: Azure Key Vault Quiz Answers with you..

Enrol Link:  Secure Your Applications

Module quiz: Azure Key Vault Quiz Answers

Question 1)
Suppose you are a software developer looking for encrypted keys. In this case, you find a challenge where to maintain the encrypted data. Which Azure Key Vault service will you use to keep the data?

• Certificate management
• Secret management
• Key management
• Store management

Question 2)
You are configuring access control for Azure Key Vault, a cloud service provided by Microsoft for securely storing and managing cryptographic keys, secrets, and certificates. You want to ensure that only authorized users and applications can access the stored sensitive information. Which Azure service holds true to control access to Azure Key Vault resources?

• Azure Virtual Network (VNet)
• Azure Key Vault Managed HSM
• Azure Security Center
• Azure Active Directory (Azure AD)

Question 3)
A financial institution is building a cloud-based banking application that requires a Secure Sockets Layer (SSL) certificate for secure communication. The application utilizes Azure Storage to store sensitive customer data securely. The application uses a 2048-bit RSA key stored in Azure Key Vault for cryptographic signing operations to ensure data integrity and authentication. Azure virtual machines (VMs) can deploy the application. Here are the roles performed by three employees in the organization.

Neel: Application developer responsible for developing and deploying the application in Azure
Julie: Security team member responsible for the proper safekeeping of secrets
David: Auditor responsible for reviewing the use and maintenance of certificates, keys, and secrets to ensure compliance with security standards

Which among the following statement holds true with this scenario?

• The application needs the Key Vault Contributor permission for the management plane.
• David needs list permission for keys and secrets as part of data plane permissions.
• Neel needs permission for all operations concerning secrets in the data plane.
• Julie does not need any permissions for the data plane.

Question 4)
You are the administrator of a Key Vault certificate management system. You need to create a certificate policy for a new Key Vault certificate. The policy should define various properties and actions related to the certificate’s lifecycle.

Which of the following components should be included in the Key Vault certificate policy?

• Secret properties
• X509 certificate properties
• Key properties
• Lifetime actions.

Question 5)
Imagine you are using Azure Key Vault Hardware Security Module (HSM) to store your cryptographic keys securely. In this scenario, what is the purpose of the KEK (Key Encryption Key) within the Azure Key Vault HSMs?

• It encrypts the key generated internally within the Azure Key Vault HSMs.
• It ensures the secure storage of the cryptographic keys.
• It encrypts the data stored in the Azure Key Vault.
• It verifies the authenticity of the Thales-manufactured HSM.

Question 6)
You are working on a project that requires secure storage and management of cryptographic keys, certificates, and secrets. You decide to use Azure Key Vault, a cloud service provided by Microsoft Azure, for this purpose. Now, you must determine Azure Key Vault’s authentication method to authenticate users and apps.

In the context of Azure Key Vault, which authentication method is employed to authenticate users and apps?

• Azure Active Directory (Azure AD)
• Anonymous access
• Azure role-based access control (RBAC)
• Custom authentication provider

Question 7)
Sara is working in an IT department of a large enterprise. Her company has just shifted to the cloud-based Azure services for securing confidential data. But somehow, she deleted the secret for SQL server and forgot the secret value. Which command will she use to retrieve the secret value?

• Get-AzKeyVault
• Get-AzKeyVaultSecret -VaultName
• Get-AzKeyVaultSecret -VaultName ‘VaultamortDiary’ -Name ‘HiddenLocation’
• Get-AzKeyVaultSecret’HiddenLocation’

Question 8)
You are a cloud administrator responsible for managing Azure resources for an e-commerce company. The company must securely store and manage cryptographic keys for its payment processing system, which requires high-performance cryptographic operations. Which Azure Key Vault role should you recommend to securely store and manage cryptographic keys for the high-performance payment processing system?

• Key Vault Administrator
• Key Vault Reader
• Key Vault Contributor
• Key Vault Secrets User

Question 9)
As a part of your job responsibilities, you should choose the right option for utilizing Azure Dedicated Hardware Security Module (HSM service). Which would be inappropriate for implementing Azure Dedicated HSM among the following choices?

• Azure SQL Database with encryption enabled
• Azure Disk Encryption for data at rest in Azure Virtual Machines
• Azure Information Protection with customer-managed keys
• Migrating applications from on-premises to Azure Virtual Machines (Azure VMs)

Question 10)
You are a security analyst responsible for evaluating Azure Key Vault Managed HSM. In this scenario, you want to determine the specific security control Azure Key Vault Managed HSM implemented to safeguard key material.

What measures does Azure Key Vault managed HSM employ to protect the confidentiality and integrity of key material?

• Confidentiality through a trusted execution environment
• Regular backups of the HSM
• Encryption of traffic with TLS
• Use of Azure role-based access control (Azure RBAC) for access control