Microsoft SCI fundamentals Assessment 2 Flashcards

1
Q

Azure Firewall

A

Provides Network Address Translation (NAT) services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Azure Bastion

A

Provides secure and seamless Remote Desktop connectivity to Azure virtual machines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Network security group (NSG)

A

Provides traffic filtering that can be applied to specific network interfaces on a virtual network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

__________ is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response.

A

Azure Sentinel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Yes or No
Azure Defender can detect vulnerabilities and threats for Azure Storage

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Yes or No
Cloud Security Posture Management (CSPM) is available for all Azure subscriptions

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You can use _____ in the Microsoft 365 security center to view an aggregation of alerts that relate to the same attack

A

Incidents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Yes or No
With Advanced Audit in Microsoft 365, you can identify when email items were accessed

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Yes or No
Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Yes or No
Advanced Audit in Microsoft 365 allocates customer- dedicated bandwidth for accessing audit data

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Yes or No
Azure Active Directory ( Azure AD) Identify Protection can add users to groups based on the users’ risk level

A

No

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Yes or No
Azure Active Directory (Azure AD) Identity Protection can detect whether user credentials were leaked to the public

A

YEs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Yes or No
Azure Active Directory (Azure AD) Identity Protection can be used to invoke Multi-Factor Authentication based on a user’s risk level

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Compliance Manager assesses compliance data ____ for an organization

A

continually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Yes or No
Sensitivity labels can be used to encrypt documents

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Yes or No
Sensitivity labels can add headers and footers to documents

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Yes or No
Sensitivity labels can apply watermarks to emails

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Yes or No
Compliance Manager tracks only customer-managed controls

A

no

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Yes or No
Compliance Manager provides predefined templates for creating assessments

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Yes or No
Compliance Manager can help you assess whether data adheres to specific data protection standards

A

yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Yes or No
Azure Security Center can evaluate the security of workloads deployed to Azure or on-premises

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

You can use ____ in the Microsoft 365 security center to view an aggregation of alerts that relate to the same attack

A

Incidents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Yes or No
Azure Active Directory (Azure AD) Identity Protection can add users to groups based on the users’ risk level

A

No

24
Q

Yes or No
Azure Policy supports automatic remediation.

A

yes

25
Q

Yes or No
Azure policy can be used to ensure that new resources adhere to corporate standards.

A

Yes

26
Q

Yes or No
Compliance evaluation in Azure Policy occur only when a target resource is created or modified.

A

No

27
Q

Which three authentication methods can be used by Azure Multi-Factor Authentication (MFA)?

A

-A text message (SMS)
-Microsoft Authenticator app
-Phone call

28
Q

Yes or No
All Azure Active Directory (Azure AD) license include the same features.

A

No

29
Q

yes or no
You can manage an Azure Active Directory (Azure AD) tenant by using the Azure portal.

A

yes

30
Q

yes or no
You must deploy Azure virtual machines to host an Azure Active Directory (Azure AD) tenant.

A

No

31
Q

yes or no
Network security groups (NSGs) can deny inbound traffic from the internet.

A

yes

32
Q

yes or no
Network security groups (NSGs) can deny outbound traffic to the internet.

A

yes

33
Q

yes or no
Network security groups (NSGs) can deny outbound traffic to the internet.

A

yes

34
Q

yes or no
Network security groups (NSGs) can filter traffic based on IP address, protocol, and port.

A

yes

35
Q

yes or no
Microsoft Intune can be used to manage Android devices.

A

yes

36
Q

Microsoft Intune can be used to provision Azure subscriptions.

A

no

37
Q

yes or no
Microsoft Intune can be used to manage organization-owned devices and personal devices.

A

yes

38
Q

You can create one Azure Bastion per virtual network.

A

yes

39
Q

yes or no
Azure Bastion provides a secure connection to an Azure virtual machine by using the Azure portal.

A

yes

40
Q

A company wants to make use of Windows Hello for business when it comes to authentication. Which of the following are the authentication techniques available for Windows Hello for business?

A

-A pin
-Facial recognition
-Fingerprint recognition

41
Q

Which of the following can be used to provide a secure score for the resources defined as part of your Azure account?

A

Azure Security Center

42
Q

Your company has just setup an Azure subscription. They have the following requirements

– Be able to deploy a set of resources, resource groups, role assignments to a set of subscriptions.
– Be able to ensure no one can delete resources defined in a resource group named lead2pass-staging
– Ensure that all Windows Servers defined as Azure virtual machines should have the Microsoft IaaS Antimalware extension installed

Which of the following can be used for the following requirement?

– Be able to ensure no one can delete resources defined in a resource group named lead2pass-rg

A

Azure Resource locks

43
Q

You are considering the use of sensitivity labels in Microsoft 365. Can sensitivity labels can be used to encrypt the contents in documents?

A

yes

44
Q

You are planning on making use of the Azure Bastion service. Can you use the Azure Bastion service to restrict traffic from the Internet onto an Azure virtual machine?

A

no

45
Q

You are looking at the capabilities of Azure Active Directory. Can you use Azure Active Directory to manage device registrations in Azure Active Directory?

A

yes

46
Q

Your company is planning on using Azure Cloud services. Which of the following can be used to ensure that data can be read only by authorized users?

A

Encryption

47
Q

Your company is planning on using Azure Active Directory for the storage of identities. They want to make use of the self-service password reset feature.
Which of the following authentication methods are available for self-service password reset? Choose 3 answers from the options given below.

A

-Email
-Mobile app notification
-Mobile app code

48
Q

Your company wants to start making use of Azure. They are looking at different security aspects when it comes to using Azure.
Which of the following could be used for the following requirement?

– Enforce Multi-Factor authentication based on the sign-in risk

A

Azure AD Identity Management

49
Q

Which of the following is a scalable, cloud-native, security information event management and security orchestration automated response solution?

A

Azure Sentinel

50
Q

Which of the following provides advanced and intelligent protection of Azure and hybrid resources and workloads?

A

Azure Defender

51
Q

Which of the following is available for the Azure Application Gateway service that helps to protect web applications from common exploits and vulnerabilities?

A

Azure Web Application Firewall

52
Q

You are evaluating the different services available in Azure when it comes to security. Which of the following can be accomplished with the use of the Azure Privileged Identity Managed service?

A

Provide just-in-time access to resource roles in Azure

53
Q

You are evaluating the different discovery tools that are available with Microsoft 365. You need to map the tool that can be used for desired requirement below:

– Be able to quickly find email in Exchange mailboxes

Which of the following would you use for this requirement?

A

Content search

54
Q

You are evaluating the different discovery tools that are available with Microsoft 365. You need to map the tool that can be used for desired requirement below:

– Provide basic capabilities on searching and exporting of content in Microsoft 365

Which of the following would you use for this requirement?

A

Core eDiscovery

55
Q

In the Microsoft Cloud Adoption Framework for Azure, which two phases are addressed before the Ready phase? Each correct answer presents a complete solution.

A

-Plan
-Define Strategy