Module quiz: Recap of Azure security technologies Quiz Answers
In this article i am gone to share Coursera Course: Capstone and Practice Exam (AZ-500) | Week 1 Quiz | Module quiz: Recap of Azure security technologies Quiz Answers with you..
Enrol Link: Capstone and Practice Exam (AZ-500)
Module quiz: Recap of Azure security technologies Quiz Answers
Question 1)
As an IT administrator responsible for access management in your organization’s Azure Active Directory (Azure AD) environment, you need to understand the methods of granting access to resources. What are the options for granting access to your organization’s resources in Azure AD?
- Access is granted automatically to all users upon resource creation
- Only by directly assigning access to individual users
- By assigning access either to individual users or to entire Azure AD groups
- Access can be granted solely through role-based assignments
Question 2)
In a security investigation scenario, an administrator needs to analyze potential risks through two types of reports: risky sign-ins and risky users. What information is included in the risky sign-ins report and risky users report, and what actions can the admin take based on these reports?
- Risky sign-ins report contains device details and dismissed risks, while risky users report covers the user history of safe sign-ins. Administrators can reset user passwords, dismiss user risks, and block user sign-ins.
- Risky sign-ins report provides information on safe or compromised sign-ins and device details. Risky users report includes lists of at-risk users. Administrators can reset user passwords, dismiss user risks, block user sign-ins, and confirm compromised accounts.
- Risky sign-ins report includes location, device details, and safe or compromised sign-ins. Risky users report lists users with dismissed risks. Administrators can block user sign-ins and confirm compromised accounts.
- Risky sign-ins report lists at-risk users and their sign-in history. Administrators can reset user passwords, block user sign-ins, and confirm compromised accounts
Question 3)
You are a cloud security engineer responsible for managing network connectivity and data protection in Microsoft Azure. Your organization utilizes ExpressRoute for private and dedicated connections to Azure services. As part of your role, you are tasked with ensuring data encryption for ExpressRoute connections. What is the primary method for encrypting data transmitted over an ExpressRoute connection in Microsoft Azure?
- Media Access Control Security (MACsec) encryption
- Internet Protocol Security (IPsec) encryption
- Azure Key Vault encryption
- SSL/TLS encryption
Question 4)
You are tasked with implementing an Azure application gateway to optimize and secure traffic for your organization’s web applications. Which configuration option should you choose to ensure optimal performance and security? Select all that apply.
- Configure Auto Scale so your Application Gateway can scale up as traffic increases.
- Use the basic tier for cost-effective load balancing and SSL termination.
- Enable Zone Redundancy to ensure high availability across multiple Azure Availability Zones.
- Configure the Web Application Firewall (WFA) SKU to protect against OWASP’s top 10 threats.
Question 5)
You are developing a mobile app that allows users to track their fitness goals and share their progress with friends. You want to implement a permissions and consent framework to ensure user data privacy. What should you consider when designing the framework?
- Collect and share users’ location to display personalized workout routes.
- Implement a clear and concise privacy policy that explains what data you will collect and how you will use it.
- Provide access to their camera and microphone to enhance the app’s social features.
- Share users’ fitness achievements on social media platforms without seeking their explicit consent.
Question 6)
You are developing a web application that needs to integrate with Microsoft 365 services to access user data and calendar events. Which of the following options correctly describes the role of Microsoft Graph in this scenario?
- Microsoft Graph is a machine learning framework that analyzes user behavior to provide personalized calendar suggestions.
- Microsoft Graph is an API that provides a unified endpoint for accessing data and capabilities across Microsoft 365 services.
- Microsoft Graph is a cloud-based relational database service that stores user data and events for seamless integration.
- Microsoft Graph is a virtual reality platform for immersive collaboration and communication within the application.
Question 7)
You are the IT Security Manager at a global e-commerce company. Your organization manages vast amounts of customer data and conducts regular key rollovers to maintain a robust security system. An internal audit has prompted the need for a comprehensive test key rollover using Azure Storage Explorer. What is the correct sequence of steps for performing a test key rollover test using Azure Storage Explorer?
- Retrieve the existing key, perform key rollover, download and install Azure Storage Explorer, and fix key rollover issue.
- Download and install Azure Storage Explorer, retrieve the existing key, perform key rollover, and fix key rollover issue.
- Retrieve the existing key, download and install Azure Storage Explorer, perform key rollover, and fix key rollover issue.
- Download and install Azure Storage Explorer, perform key rollover, retrieve the existing key, and fix key rollover issue.
Question 8)
You are the chief technology officer at a large healthcare institution that manages the electronic health records of patients. With the increasing demand for remote patient care, the institution has developed a patient portal that allows patients to access their medical records and communicate with healthcare professionals online. Given the sensitive nature of the data being transmitted, ensuring its security during transit is a top priority. Which encryption method should be implemented to ensure the confidentiality of patient data transmitted between the patient portal’s servers and the Azure SQL Database?
- Dynamic data masking
- Transparent data encryption (TDE)
- Virtual private network (VPN)
- Transport Layer Security (TLS)
Question 9)
As the IT security director of a healthcare organization, you’re grappling with the aftermath of a major security breach. The breach exposed sensitive patient records, causing significant financial and reputational damage. Your mission is to enhance cybersecurity to thwart unauthorized access and data breaches. How can you use Microsoft Defender for Cloud to help secure your organization against such cyberattacks?
- Through behavioral analytics and machine learning
- Through reactive incident response
- By relying solely on firewall data
- By assessing historical attack data
Question 10)
After a series of alarming security breaches, as the newly appointed head of cybersecurity, you’ve taken on the responsibility of fortifying the incident investigation process within your organization. You are exploring using Microsoft Sentinel to enhance incident investigation capabilities and minimize future vulnerabilities. What fundamental prerequisites must you address before initiating incident investigations using Microsoft Sentinel?
- Enable user-based analytics rules and utilize Directory Reader roles.
- Set up third-party integrations and configure IP-based mapping fields.
- Configure entity mapping and delegate Directory Reader roles for guest users if they’re required to assign incidents.
- Incorporate specialized analytics rules and leverage custom security roles.