Describe Azure identity, access, and security
61 Questions
2 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following statements about Azure Active Directory (Azure AD) is true?

  • Azure AD is only used for accessing Microsoft cloud applications
  • Azure AD is a cloud-based identity and access management service (correct)
  • Azure AD can only be used for on-premises Active Directory deployments
  • Azure AD does not provide any security features

    • What is the main purpose of Azure AD for IT administrators?

  • To control access to applications and resources based on business requirements (correct)
  • To authenticate into Microsoft 365 and Microsoft Office 365
  • To provide a standards-based approach for adding functionality to applications
  • To manage user identities and perform maintenance actions

    • What benefit does connecting Active Directory with Azure AD provide?

  • Enabling self-service password reset
  • Detecting suspicious sign-in attempts (correct)
  • Adding SSO functionality to applications
  • Monitoring sign-in attempts

    • Which authentication method simplifies the security model by granting access across applications to a single identity?

    <p>Single sign-on (SSO) (C)</p> Signup and view all the answers

    What is the purpose of multifactor authentication (MFA)?

    <p>To protect against a password compromise (D)</p> Signup and view all the answers

    Which authentication method requires the user to provide two or more elements to fully authenticate?

    <p>Multifactor authentication (MFA) (A)</p> Signup and view all the answers

    What does Azure AD Multi-Factor Authentication provide?

    <p>Multifactor authentication (MFA) (A)</p> Signup and view all the answers

    Which of the following is NOT a passwordless authentication method offered by Microsoft Azure?

    <p>Azure AD External Identities (B)</p> Signup and view all the answers

    Which of the following is a feature of Windows Hello for Business?

    <p>Ability to use a PIN for authentication (B)</p> Signup and view all the answers

    What is the main advantage of using FIDO2 security keys for passwordless authentication?

    <p>Increased security with no exposed or guessed passwords (D)</p> Signup and view all the answers

    What can external identities in Azure AD be used for?

    <p>Collaborating with partners and vendors (A)</p> Signup and view all the answers

    What is one of the services provided by Azure AD?

    <p>Authentication (C)</p> Signup and view all the answers

    What is the purpose of single sign-on (SSO)?

    <p>To simplify the security model (D)</p> Signup and view all the answers

    How can you connect your on-premises AD with Azure AD?

    <p>By using Azure AD Connect (C)</p> Signup and view all the answers

    What are the benefits of using Azure AD DS?

    <p>Enables legacy applications to use modern authentication methods (B)</p> Signup and view all the answers

    Which of the following best describes Azure AD B2B collaboration?

    <p>Collaborating with external users using their preferred identity to sign in to Microsoft applications and other enterprise applications. (B)</p> Signup and view all the answers

    Which of the following is NOT a capability of Azure External Identities?

    <p>Azure AD B2B (C)</p> Signup and view all the answers

    Conditional Access in Azure Active Directory allows access to resources based on which of the following signals?

    <p>User's role, location, and network (A)</p> Signup and view all the answers

    What is the purpose of Conditional Access in Azure Active Directory?

    <p>To allow or deny access to resources based on identity signals (C)</p> Signup and view all the answers

    Which of the following is true about Azure role-based access control (Azure RBAC)?

    <p>Azure RBAC allows you to control access to cloud resources based on the principle of least privilege. (C)</p> Signup and view all the answers

    What is the purpose of Azure role-based access control (Azure RBAC)?

    <p>To manage access permissions for multiple IT and engineering teams in a cloud environment. (B)</p> Signup and view all the answers

    Which of the following is a scope to which Azure role-based access control (Azure RBAC) can be applied?

    <p>A management group (A)</p> Signup and view all the answers

    How does Azure RBAC enforce access permissions?

    <p>Azure RBAC enforces access permissions on actions initiated against an Azure resource through Azure Resource Manager. (C)</p> Signup and view all the answers

    Which of the following best describes Azure Active Directory (Azure AD)?

    <p>A directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that you develop. (C)</p> Signup and view all the answers

    Which of the following is NOT a user of Azure AD?

    <p>Online service subscribers (A)</p> Signup and view all the answers

    What benefit does connecting Active Directory with Azure AD provide?

    <p>Detecting suspicious sign-in attempts for on-premises Active Directory. (D)</p> Signup and view all the answers

    Which of the following is NOT a passwordless authentication method offered by Microsoft Azure?

    <p>Azure AD Multi-Factor Authentication (D)</p> Signup and view all the answers

    What is the main advantage of using FIDO2 security keys for passwordless authentication?

    <p>They eliminate the need for a username and password (A)</p> Signup and view all the answers

    Which of the following is NOT a capability of Azure External Identities?

    <p>Enabling single sign-on for external users (C)</p> Signup and view all the answers

    What is the purpose of Conditional Access in Azure Active Directory?

    <p>To enforce access permissions based on certain signals (C)</p> Signup and view all the answers

    Which of the following is a service provided by Azure AD DS?

    <p>Domain join (D)</p> Signup and view all the answers

    What is the purpose of Azure AD Connect?

    <p>To synchronize user identities between on-premises Active Directory and Azure AD (D)</p> Signup and view all the answers

    How does Azure AD DS handle domain controllers in the managed domain?

    <p>They are deployed as a replica set in the selected Azure region (D)</p> Signup and view all the answers

    Is information synchronized between Azure AD and Azure AD DS in both directions?

    <p>No, information is only synchronized from Azure AD DS to Azure AD (B)</p> Signup and view all the answers

    Which of the following is NOT an authentication method supported by Azure?

    <p>Single sign-on (SSO) (D)</p> Signup and view all the answers

    What is the purpose of single sign-on (SSO)?

    <p>To enable a user to sign in one time and use that credential to access multiple resources and applications from different providers (B)</p> Signup and view all the answers

    What elements fall into the category of 'Something the user knows' in multifactor authentication?

    <p>A challenge question (D)</p> Signup and view all the answers

    What is the purpose of Azure AD Multi-Factor Authentication?

    <p>To provide multifactor authentication capabilities (B)</p> Signup and view all the answers

    Which of the following best describes the purpose of Azure AD B2C?

    <p>To publish modern SaaS apps or custom-developed apps to consumers and customers (C)</p> Signup and view all the answers

    What is the purpose of Azure conditional access?

    <p>To allow (or deny) access to resources based on identity signals (B)</p> Signup and view all the answers

    When can Conditional Access be useful?

    <p>When you need to require multifactor authentication depending on the requester's role, location, or network (A)</p> Signup and view all the answers

    What is the purpose of enforcement in Azure conditional access?

    <p>To carry out the decision made based on the signals (A)</p> Signup and view all the answers

    Which of the following best describes Azure role-based access control (Azure RBAC)?

    <p>A. Azure RBAC allows you to control access to your cloud resources based on the principle of least privilege. (B)</p> Signup and view all the answers

    When is role-based access control applied to resources in Azure?

    <p>D. When a user is assigned a role at the resource level. (D)</p> Signup and view all the answers

    How does Azure RBAC enforce access permissions?

    <p>C. Azure RBAC uses an allow model, allowing users to perform actions within the scope of their assigned role. (A)</p> Signup and view all the answers

    What is the hierarchy of Azure RBAC?

    <p>A. Management group &gt; Subscription &gt; Resource group &gt; Resource (B)</p> Signup and view all the answers

    Which of the following is a guiding principle of the Zero Trust security model?

    <p>Authenticate and authorize based on all available data points (B)</p> Signup and view all the answers

    According to the text, how does the Zero Trust model differ from traditional corporate networks?

    <p>It requires everyone to authenticate (C)</p> Signup and view all the answers

    What is the main goal of the Zero Trust security model?

    <p>To protect resources based on the assumption of breach (C)</p> Signup and view all the answers

    Which layer of defense-in-depth is responsible for securing access to virtual machines?

    <p>Compute (A)</p> Signup and view all the answers

    What is the purpose of the network layer in defense-in-depth?

    <p>To limit communication between resources (A)</p> Signup and view all the answers

    Which layer of defense-in-depth focuses on physically securing access to buildings and controlling access to computing hardware?

    <p>Physical security (D)</p> Signup and view all the answers

    What is the main objective of defense-in-depth?

    <p>To protect information and prevent unauthorized access (A)</p> Signup and view all the answers

    Which of the following is NOT a feature provided by Microsoft Defender for Servers?

    <p>Vulnerability assessment (B)</p> Signup and view all the answers

    What is the purpose of Defender for Cloud?

    <p>To continuously assess the security posture of your environment (C)</p> Signup and view all the answers

    What is the role of Azure Security Benchmark in Defender for Cloud?

    <p>To provide guidelines for security and compliance best practices (A)</p> Signup and view all the answers

    What does Defender for Cloud's secure score indicate?

    <p>The overall health of your security posture (A)</p> Signup and view all the answers

    Which of the following best describes the purpose of Microsoft Defender for Cloud?

    <p>It is a monitoring tool for security posture management and threat protection (B)</p> Signup and view all the answers

    What does Defender for Cloud help you detect threats across?

    <p>Azure PaaS services, Azure data services, and networks (D)</p> Signup and view all the answers

    How can you extend Defender for Cloud's protection to on-premises servers?

    <p>Deploy Azure Arc and enable enhanced security features (A)</p> Signup and view all the answers

    Which of the following is NOT a capability of Defender for Cloud in protecting resources in other clouds?

    <p>Container threat detection for Amazon EKS Linux clusters (D)</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Open
    Browser
    Browser