Describe Azure identity, access, and security
61 Questions
2 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following statements about Azure Active Directory (Azure AD) is true?

  • Azure AD is only used for accessing Microsoft cloud applications
  • Azure AD is a cloud-based identity and access management service (correct)
  • Azure AD can only be used for on-premises Active Directory deployments
  • Azure AD does not provide any security features

    • What is the main purpose of Azure AD for IT administrators?

  • To control access to applications and resources based on business requirements (correct)
  • To authenticate into Microsoft 365 and Microsoft Office 365
  • To provide a standards-based approach for adding functionality to applications
  • To manage user identities and perform maintenance actions

    • What benefit does connecting Active Directory with Azure AD provide?

  • Enabling self-service password reset
  • Detecting suspicious sign-in attempts (correct)
  • Adding SSO functionality to applications
  • Monitoring sign-in attempts

    • Which authentication method simplifies the security model by granting access across applications to a single identity?

    <p>Single sign-on (SSO)</p> Signup and view all the answers

    What is the purpose of multifactor authentication (MFA)?

    <p>To protect against a password compromise</p> Signup and view all the answers

    Which authentication method requires the user to provide two or more elements to fully authenticate?

    <p>Multifactor authentication (MFA)</p> Signup and view all the answers

    What does Azure AD Multi-Factor Authentication provide?

    <p>Multifactor authentication (MFA)</p> Signup and view all the answers

    Which of the following is NOT a passwordless authentication method offered by Microsoft Azure?

    <p>Azure AD External Identities</p> Signup and view all the answers

    Which of the following is a feature of Windows Hello for Business?

    <p>Ability to use a PIN for authentication</p> Signup and view all the answers

    What is the main advantage of using FIDO2 security keys for passwordless authentication?

    <p>Increased security with no exposed or guessed passwords</p> Signup and view all the answers

    What can external identities in Azure AD be used for?

    <p>Collaborating with partners and vendors</p> Signup and view all the answers

    What is one of the services provided by Azure AD?

    <p>Authentication</p> Signup and view all the answers

    What is the purpose of single sign-on (SSO)?

    <p>To simplify the security model</p> Signup and view all the answers

    How can you connect your on-premises AD with Azure AD?

    <p>By using Azure AD Connect</p> Signup and view all the answers

    What are the benefits of using Azure AD DS?

    <p>Enables legacy applications to use modern authentication methods</p> Signup and view all the answers

    Which of the following best describes Azure AD B2B collaboration?

    <p>Collaborating with external users using their preferred identity to sign in to Microsoft applications and other enterprise applications.</p> Signup and view all the answers

    Which of the following is NOT a capability of Azure External Identities?

    <p>Azure AD B2B</p> Signup and view all the answers

    Conditional Access in Azure Active Directory allows access to resources based on which of the following signals?

    <p>User's role, location, and network</p> Signup and view all the answers

    What is the purpose of Conditional Access in Azure Active Directory?

    <p>To allow or deny access to resources based on identity signals</p> Signup and view all the answers

    Which of the following is true about Azure role-based access control (Azure RBAC)?

    <p>Azure RBAC allows you to control access to cloud resources based on the principle of least privilege.</p> Signup and view all the answers

    What is the purpose of Azure role-based access control (Azure RBAC)?

    <p>To manage access permissions for multiple IT and engineering teams in a cloud environment.</p> Signup and view all the answers

    Which of the following is a scope to which Azure role-based access control (Azure RBAC) can be applied?

    <p>A management group</p> Signup and view all the answers

    How does Azure RBAC enforce access permissions?

    <p>Azure RBAC enforces access permissions on actions initiated against an Azure resource through Azure Resource Manager.</p> Signup and view all the answers

    Which of the following best describes Azure Active Directory (Azure AD)?

    <p>A directory service that enables you to sign in and access both Microsoft cloud applications and cloud applications that you develop.</p> Signup and view all the answers

    Which of the following is NOT a user of Azure AD?

    <p>Online service subscribers</p> Signup and view all the answers

    What benefit does connecting Active Directory with Azure AD provide?

    <p>Detecting suspicious sign-in attempts for on-premises Active Directory.</p> Signup and view all the answers

    Which of the following is NOT a passwordless authentication method offered by Microsoft Azure?

    <p>Azure AD Multi-Factor Authentication</p> Signup and view all the answers

    What is the main advantage of using FIDO2 security keys for passwordless authentication?

    <p>They eliminate the need for a username and password</p> Signup and view all the answers

    Which of the following is NOT a capability of Azure External Identities?

    <p>Enabling single sign-on for external users</p> Signup and view all the answers

    What is the purpose of Conditional Access in Azure Active Directory?

    <p>To enforce access permissions based on certain signals</p> Signup and view all the answers

    Which of the following is a service provided by Azure AD DS?

    <p>Domain join</p> Signup and view all the answers

    What is the purpose of Azure AD Connect?

    <p>To synchronize user identities between on-premises Active Directory and Azure AD</p> Signup and view all the answers

    How does Azure AD DS handle domain controllers in the managed domain?

    <p>They are deployed as a replica set in the selected Azure region</p> Signup and view all the answers

    Is information synchronized between Azure AD and Azure AD DS in both directions?

    <p>No, information is only synchronized from Azure AD DS to Azure AD</p> Signup and view all the answers

    Which of the following is NOT an authentication method supported by Azure?

    <p>Single sign-on (SSO)</p> Signup and view all the answers

    What is the purpose of single sign-on (SSO)?

    <p>To enable a user to sign in one time and use that credential to access multiple resources and applications from different providers</p> Signup and view all the answers

    What elements fall into the category of 'Something the user knows' in multifactor authentication?

    <p>A challenge question</p> Signup and view all the answers

    What is the purpose of Azure AD Multi-Factor Authentication?

    <p>To provide multifactor authentication capabilities</p> Signup and view all the answers

    Which of the following best describes the purpose of Azure AD B2C?

    <p>To publish modern SaaS apps or custom-developed apps to consumers and customers</p> Signup and view all the answers

    What is the purpose of Azure conditional access?

    <p>To allow (or deny) access to resources based on identity signals</p> Signup and view all the answers

    When can Conditional Access be useful?

    <p>When you need to require multifactor authentication depending on the requester's role, location, or network</p> Signup and view all the answers

    What is the purpose of enforcement in Azure conditional access?

    <p>To carry out the decision made based on the signals</p> Signup and view all the answers

    Which of the following best describes Azure role-based access control (Azure RBAC)?

    <p>A. Azure RBAC allows you to control access to your cloud resources based on the principle of least privilege.</p> Signup and view all the answers

    When is role-based access control applied to resources in Azure?

    <p>D. When a user is assigned a role at the resource level.</p> Signup and view all the answers

    How does Azure RBAC enforce access permissions?

    <p>C. Azure RBAC uses an allow model, allowing users to perform actions within the scope of their assigned role.</p> Signup and view all the answers

    What is the hierarchy of Azure RBAC?

    <p>A. Management group &gt; Subscription &gt; Resource group &gt; Resource</p> Signup and view all the answers

    Which of the following is a guiding principle of the Zero Trust security model?

    <p>Authenticate and authorize based on all available data points</p> Signup and view all the answers

    According to the text, how does the Zero Trust model differ from traditional corporate networks?

    <p>It requires everyone to authenticate</p> Signup and view all the answers

    What is the main goal of the Zero Trust security model?

    <p>To protect resources based on the assumption of breach</p> Signup and view all the answers

    Which layer of defense-in-depth is responsible for securing access to virtual machines?

    <p>Compute</p> Signup and view all the answers

    What is the purpose of the network layer in defense-in-depth?

    <p>To limit communication between resources</p> Signup and view all the answers

    Which layer of defense-in-depth focuses on physically securing access to buildings and controlling access to computing hardware?

    <p>Physical security</p> Signup and view all the answers

    What is the main objective of defense-in-depth?

    <p>To protect information and prevent unauthorized access</p> Signup and view all the answers

    Which of the following is NOT a feature provided by Microsoft Defender for Servers?

    <p>Vulnerability assessment</p> Signup and view all the answers

    What is the purpose of Defender for Cloud?

    <p>To continuously assess the security posture of your environment</p> Signup and view all the answers

    What is the role of Azure Security Benchmark in Defender for Cloud?

    <p>To provide guidelines for security and compliance best practices</p> Signup and view all the answers

    What does Defender for Cloud's secure score indicate?

    <p>The overall health of your security posture</p> Signup and view all the answers

    Which of the following best describes the purpose of Microsoft Defender for Cloud?

    <p>It is a monitoring tool for security posture management and threat protection</p> Signup and view all the answers

    What does Defender for Cloud help you detect threats across?

    <p>Azure PaaS services, Azure data services, and networks</p> Signup and view all the answers

    How can you extend Defender for Cloud's protection to on-premises servers?

    <p>Deploy Azure Arc and enable enhanced security features</p> Signup and view all the answers

    Which of the following is NOT a capability of Defender for Cloud in protecting resources in other clouds?

    <p>Container threat detection for Amazon EKS Linux clusters</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Open
    Browser
    Browser