Module quiz: Defender for Cloud and data masking and encryption Quiz Answers
In this article i am gone to share Coursera Course: Secure Your Data at Rest by Microsoft | Week 4 Quiz | Module quiz: Defender for Cloud and data masking and encryption Quiz Answers with you..
Enrol Link: Secure Your Data at Rest
Module quiz: Defender for Cloud and data masking and encryption Quiz Answers
Question 1)
Imagine you are part of a newly set up healthcare organization that has recently implemented Defender for Cloud to enhance the security posture of its hybrid cloud environment. The organization has a low secure score and has room to improve its security. What does a secure score indicate for that organization?
- The number of recommendations provided by Defender for Cloud
- A percentage of the security strength of the environment
- A measure of how much data is stored in the cloud
- The level of encryption used for data storage
Question 2)
Imagine you are a security engineer at a multinational organization that operates in a hybrid cloud environment. You are responsible for monitoring the security posture of the cloud. You log in to Defender for Cloud dashboard to enhance the security posture of its cloud workloads and resources. One day you receive alerts informing you about cyber attacks.
Which part of Defender for Cloud is considered the reactive component that contributes to setting up automatic responses to cyberattacks such as brute-force attacks?
- Enhanced security features
- Cloud workload protection
- Cloud workload prevention
- Automatic responses
Question 3)
You are a cybersecurity analyst working for an e-commerce company that operates a cloud-based environment to serve customers worldwide. The company’s application is hosted on multiple cloud servers, and you are responsible for ensuring the security of the entire application infrastructure.
Which capability of Microsoft Defender for Cloud helps to diagnose the weaknesses in your application infrastructure that leave your environment susceptible to attack?
- Infrastructure service insights
- Security alerts
- Protect containers
- Security incidents
Question 4)
Suppose you are working as a security engineer in a financial institution. Recently, you have received several security warnings that your organization’s database is at high risk. You decide to take a step toward improving the security of your organization’s resources, and therefore, you decide to implement Microsoft Defender plans. Before choosing the kind of plan, what parameters should you consider?
- Resources used by the organization and regulatory requirements
- Operating system of the organization’s servers
- Number of employees in the organization
- Physical location of the organization’s headquarters
Question 5)
You are a cybersecurity analyst in a healthcare organization. You realize that enabling Microsoft Defender for SQL at the subscription level has a significant advantage. Therefore, you decide to enable it. What is the benefit of enabling Microsoft Defender for Azure SQL Database at the subscription level?
- Automatically protects all new resources
- Gives better performance for SQL queries
- Reduces the cost of SQL database storage
- Enhances the scalability of SQL databases
Question 6)
You work for a healthcare organization that stores patients’ financial and health records. What feature can you use to secure your data at rest if an interceptor tries to gain physical access to the database files?
- Microsoft Defender for Cloud
- Dynamic data masking
- Transparent data encryption (TDE)
- TLS network encryption
Question 7)
How does dynamic data masking (DDM) help prevent unauthorized access to sensitive data?
- By limiting data exposure through data masking for nonprivileged users
- By implementing strong access control lists
- By creating regular data backups
- By encrypting the data at rest and in transit
Question 8)
Suppose you are a database administrator at a financial institution that uses Azure SQL Database to store financial information. You have implemented transparent data encryption (TDE) to secure your data at rest and protect the information from unauthorized access.
One day, you discover that during a routine security review, the permissions of the logical SQL Server to the key vault are revoked. What will be the consequence of such a challenging situation?
- Permissions of the Key Vault will automatically be revoked.
- TDE protector will be transferred to the Key Vault.
- The database will become inaccessible, and all data will be encrypted.
- TDE protector will be generated by the Key Vault.
Question 9)
You are an Azure security engineer designing an encryption strategy. The company’s database includes a column used for point lookups and indexing.
What type of encryption should you use for this column?
- No encryption
- Randomized encryption
- Deterministic encryption
- Transparent Data Encryption (TDE)
Question 10)
You work for an online retailer, and you are implementing Always Encrypted on Azure SQL Database to safeguard sensitive customer information. You have created the Column Master Key (CMK) and Column Encryption Key (CEK).
What is the next step in deploying an Always Encrypted implementation?
- Develop and modify applications
- Setup key metadata and configure column encryption
- Design
- Validation and testing