Module quiz: Perimeter Security Quiz Answers
In this article i am gone to share Coursera Course: Implement Platform Protection by Microsoft | Week 1 Quiz | Module quiz: Perimeter Security Quiz Answers with you..
Enrol Link: Implement Platform Protection
Module quiz: Perimeter Security Quiz Answers
Sarah is an IT security manager at an MNC that has recently adopted a Zero Trust security strategy to safeguard their sensitive data and key resources. One day, a team member’s laptop gets infected with some malware while connected to the office network. However, because of the Zero Trust strategy, malware is contained, and it fails to access critical company data. In this scenario, which of the following best describes the benefits of the Zero Trust approach?
- Reduced reliance on firewalls and network perimeter security
- Improved collaboration and information sharing among employees
- Cost savings on cybersecurity investments
- Enforces and validates access control at access time
Imagine your organization is considering implementing thin client technology to streamline management and improve security. They want to centralize desktop management, reduce hardware costs, and enhance security by moving away from traditional desktop computers. Which of the following best describes a thin client in this context?
- A thin client can process some data locally but needs the server to store the data.
- A thin client can process and store data locally and uses the server when it needs more processing power or storage.
- A thin client can only display processed data provided by a server.
- A thin client is a cloud-based storage solution that provides secure file storage and sharing capabilities.
Sarah works as a network administrator for an MNC with multiple offices located in various geographies. The organization utilizes private IP addressing to set up connectivity within its internal networks. Which of the following features best describe a private IP address? Select all that apply.
- Are non-routable IP addresses that conform to RFC 1918
- Directly assigned to the virtual network adapter of the VM or the load balancer
- VMs use these addresses to communicate with other VMs in the same or connected virtual network
- Dynamically allocated to a VM from the defined scope of IP addresses in the virtual network
You are heading a multinational financial institution that has recently migrated its critical applications to the Azure cloud. As part of security measures, your IT team has implemented Azure DDoS Protection Standard to safeguard your applications against DDoS attacks. How does Azure DDoS Protection works to detect and mitigate DDoS attacks and ensure the availability of your applications?
- Azure DDoS Protection relies on application layer inspection to identify and block DDoS attacks.
- Azure DDoS Protection analyzes application behavior and dynamically adjusts resources to mitigate the impact of DDoS attacks.
- Azure DDoS Protection analyzes network traffic patterns, detects anomalies, and automatically blocks malicious traffic.
- Azure DDoS Protection redirects incoming traffic through a network of scrubbing centers to filter out malicious traffic.
You are a cloud security administrator responsible for managing the Azure Firewall for your organization. Your company has multiple departments, each with its own set of Azure virtual machines (VMs) hosting different applications. You need to configure Azure Firewall rules to allow specific traffic while ensuring proper security measures.
How are you going to configure Azure Firewall rule types to allow HTTP traffic to the VMs in the Marketing department while blocking SSH (Secure Shell) traffic to maintain security?
- Create both an Application Rule and a Network Rule to allow HTTP traffic, and no rules to block SSH traffic.
- Create an Application Rule to allow HTTP traffic, and no rules to block SSH traffic.
- Create an Application Rule to allow HTTP traffic and a Network Rule to block SSH traffic.
- Create a Network Rule to allow HTTP traffic and an Application Rule to block SSH traffic.
James heads a growing organization aiming to enhance the security of its Azure infrastructure. James asked his IT team to configure and deploy Azure Firewall Manager with its features to centralize firewall management and strengthen network security.
How does James’s organization benefit from configuring and deploying Azure Firewall Manager with its features to enhance its network security?
- By configuring and deploying Azure Firewall Manager, the organization can automatically identify and block malicious traffic using advanced threat intelligence capabilities.
- By configuring and deploying Azure Firewall Manager, the organization can automatically scale their firewall instances based on traffic patterns and application demands.
- By configuring and deploying Azure Firewall Manager, the organization can seamlessly integrate with third-party firewall solutions for enhanced security capabilities.
- By configuring and deploying Azure Firewall Manager, the organization gains centralized visibility and control over firewall policies, enabling consistent enforcement across their Azure infrastructure.
You are working at a multinational organization that operates in multiple regions and utilizes Azure for its cloud infrastructure. They are looking for options to encrypt data in transit in their Azure environment to protect sensitive data and prevent unauthorized access.
Which of the following Azure services can help them encrypt data in transit by providing a dedicated private connection between their on-premises network and Azure?
- Azure ExpressRoute
- Azure Load Balancer
- Azure Firewall
- Azure Virtual Network (VNet)
You are a Service Engineer for an MNC with offices located in various locations. Because of the nature of your business, it is imperative that secure and seamless communication happens between these offices. For this, you need to implement a VPN gateway that can ensure encrypted and private connections. In the given scenario, what, according to you, are the uses of a VPN gateway? Select all that apply.
- Send encrypted traffic between your virtual network and your on-premises location across a public connection
- Focus your network access control management, monitoring, logging, and reporting on the devices at the edge of your Azure virtual network
- Send traffic between virtual networks across the Azure backbone
- Connect to devices on the same virtual network, different virtual networks, the internet, or your own on-premises networks.
You are a network architect for an MNC that is looking to optimize its network infrastructure. The organization wants to leverage the advantages of network virtualization and has decided to implement a network virtual appliance (NVA). NVAs provide a software-based solution for various network functions like routing, security, and load balancing. In the given scenario, what is the key benefit of using an NVA?
- To control who can access Azure resources from the perimeter network
- To load balance incoming traffic from the internet across multiple Azure virtual machines and across two regions for DR purposes.
- To control outbound access to the internet
- To control incoming traffic from the perimeter network and allow only traffic that meets security requirements to pass through
You are a network administrator for an organization that manages sensitive customer data. Your firm operates in a highly regulated industry and needs to comply with strict data privacy laws. You have been advised to implement a virtual private network (VPN) with forced tunneling. Considering this scenario, why do you require forced tunneling in a VPN configuration?
- To route all network traffic through the VPN tunnel
- To bypass network restrictions and access any blocked content
- To provide access to local resources while being connected to the VPN
- To improve network performance and reduce latency