Module quiz: Host and container security Quiz Answers
In this article i am gone to share Coursera Course: Implement Platform Protection by Microsoft | Week 3 Quiz | Module quiz: Host and container security Quiz Answers with you..
Enrol Link: Implement Platform Protection
Module quiz: Host and container security
Your organization has just undergone a restructuring of the senior management and executive council. This crucial update needs to be communicated to all the employees through a channel that can accommodate the sensitivity of the information. As a security engineer on the IT team, you recommend using PAWs since they have access to _____.
- Cloud services
- Administrative privileges
- High-sensitivity information workers
- Identity systems
You are a cloud administrator responsible for ensuring the organization’s security for all sensitive data stored in Azure virtual machines (VMs). To safeguard against unauthorized access, you must enable Azure Disk Encryption to encrypt the VM disks. Which of the following steps are involved in enabling Azure Disk Encryption? Select all that apply.
- Configure user storage of BitLocker recovery information
- Windows VM must connect to an Azure storage endpoint
- Get a token to connect to your key vault
- Write the encryption keys to your key vault
You are an IT security specialist for a financial institution that manages sensitive information and requires robust security measures. To protect against credential theft and unauthorized access, you must enable Windows Defender Credential Guard on your organization’s endpoints. You have decided to do this to enhance the security of credentials stored on the organization’s devices, preventing unauthorized access, and minimizing the risk of credential-based attacks. Given this scenario, which features and solutions can you get by enabling Windows Defender Credential Guard? Select all that apply.
- Virtualization-based security enhancement
- Better protection against advanced persistent threats
- Hardware security enhancement
- Comprehensive multicloud security framework
You are a DevOps engineer for a software development firm heavily relying on containerization for deploying and managing applications. You are responsible for optimizing your container images’ security. To accomplish this, you will use a private registry, which provides enhanced control and security measures for your container images. Considering this scenario, what is the benefit of using a private registry such as Azure Container Registry or Docker Trusted Registry?
- Supports service principal-based authentication through Azure Active Directory for basic authentication flows
- Private registry is the Docker Trusted Registry, which can be installed only on-premises
- Safeguards encryption keys and secrets
- Provides a chain of custody that enables you to verify the integrity of the containers
As an IT Security Manager, you are concerned about the security of the containers during runtime. Your company has recently transitioned to using Azure Container Instances (ACI) for its AI applications.
What is a recommended best practice for securing containers during runtime?
- Ignore network segmentation to improve container communication
- Permit the containers to access any files or executables as required
- Grant all privileges to the containers during runtime for better performance
- Enforce least privileges in runtime and reduce the container attack surface by removing unneeded privileges
You are developing a CI/CD pipeline for a containerized application. You need an Azure Container Registry (ACR) authentication method that allows flexibility and seamless integration for your pipeline.
What is the best authentication method for the given scenario?
- Service Principal
- Admin account
- Individual login with Azure AD
- Azure Kubernetes Service (AKS)
As a restaurant owner, you have started the implementation of Azure serverless computing for your online ordering system. You want to understand how you can ensure your system can handle peak times when the volume of orders is exceptionally high.
Which of the following describes how Azure serverless computing handles high-demand periods?
- Azure serverless computing reduces resources during high-demand periods
- Azure serverless computing requires manual scaling during peak demand
- Azure serverless computing cannot adjust to increased demand
- Azure serverless computing dynamically scales up to match the demands of the workload
TechRetail Inc. is planning to migrate its web application to Azure App Service. The application must support secure login using various identity providers, including Azure Active Directory and social media accounts.
What feature should TechRetail Inc. leverage in Azure App Service to implement this requirement?
- Built-in Authentication and Authorization
- Azure Virtual Network Integration
- Managed Identities
- Azure Disk Encryption
You are a DevOps engineer responsible for managing a Kubernetes cluster in a production environment. Your team wants to ensure the stability and reliability of the cluster.
Which of the following correctly highlights the key considerations when working with Kubernetes?
- Regularly updating Kubernetes to the latest version
- Running all services as privileged containers for increased flexibility
- Monitoring resource utilization and setting appropriate limits for each workload
- Assigning large resource limits to all containers for optimal performance
The security team at TechCo wants to increase the security posture of its AKS clusters. They need a solution offering RBAC, multifactor authentication, and identity protection.
Which solution can provide these requirements?
- Kubernetes RBAC alone
- Azure AD integration with AKS
- Azure AD alone without AKS integration
- AKS alone without Azure AD integration