For each of the following statements, select Yes if the statement is true. Otherwise, select No. - GitHub is a cloud-based identity provider - Federation provides single sign-on (SSO) with multiple service providers - A central identity provider manages all modern authentication services, such as authentication, authorization, and auditing

- GitHub is a cloud-based identity provider → Yes - Federation provides single sign-on (SSO) with multiple service providers → Yes - A central identity provider manages all modern authentication services, such as authentication, authorization, and auditing → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Microsoft Sentinel uses logic apps to identify anomalies across resources - Microsoft Sentinel uses workbooks to correlate alerts into incidents - The hunting search-and-query tools of Microsoft Sentinel are based on the MITRE ATT&CK framework

- Microsoft Sentinel uses logic apps to identify anomalies across resources → No - Microsoft Sentinel uses workbooks to correlate alerts into incidents → No - The hunting search-and-query tools of Microsoft Sentinel are based on the MITRE ATT&CK framework → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - You can restrict communication between users in Exchange Online by using Information Barriers - You can restrict accessing a SharePoint Online site by using Information Barriers - You can prevent sharing a file with another user in Microsoft Teams by using Information Barriers

- You can restrict communication between users in Exchange Online by using Information Barriers → Yes - You can restrict accessing a SharePoint Online site by using Information Barriers → Yes - You can prevent sharing a file with another user in Microsoft Teams by using Information Barriers → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Communication compliance is configured by using the Microsoft 365 admin center - Microsoft SharePoint Online supports communication compliance - Communication compliance can remediate compliance issues

- Communication compliance is configured by using the Microsoft 365 admin center → No - Microsoft SharePoint Online supports communication compliance → Yes - Communication compliance can remediate compliance issues → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Retention policies assign the same retention settings to all the files in a Microsoft SharePoint Online library - Retention labels can be assigned to individual files and email messages - You can assign multiple retention labels to an email message or a document

- Retention policies assign the same retention settings to all the files in a Microsoft SharePoint Online library → Yes - Retention labels can be assigned to individual files and email messages → Yes - You can assign multiple retention labels to an email message or a document → No

Topic 5 Flashcards by Mauro Di Grazia

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

GitHub is a cloud-based identity provider
Federation provides single sign-on (SSO) with multiple service providers
A central identity provider manages all modern authentication services, such as authentication, authorization, and auditing

GitHub is a cloud-based identity provider → Yes
Federation provides single sign-on (SSO) with multiple service providers → Yes
A central identity provider manages all modern authentication services, such as authentication, authorization, and auditing → Yes

How well did you know this?

Not at all

Perfectly

You need to identify which cloud service models place the most responsibility on the customer in a shared responsibility model.

In which order should you list the service models from the most customer responsibility to the least?

-Models-
- platform as a service (PaaS)
- software as a service (SaaS)
- on-premises datacenter
- infrastructure as a service (IaaS)

1) on-premises datacenter
2) infrastructure as a service (IaaS)
3) platform as a service (PaaS)
4) software as a service (SaaS)

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

You can assign _________ to an Azure AD role.
↘
- a management group
- a resource group
- a security principal
- an administrative unit

a security principal

How well did you know this?

Not at all

Perfectly

You have an Azure subscription.

You need to implement approval-based, time-bound role activation.

What should you use?

A. access reviews in Azure AD
B. Azure AD Privileged Identity Management (PIM)
C. Azure AD Identity Protection
D. Conditional access in Azure AD

B. Azure AD Privileged Identity Management (PIM)

How well did you know this?

Not at all

Perfectly

What should you use in the Microsoft 365 Defender portal to view security trends and track the protection status of identities?

A. Reports
B. Incidents
C. Hunting
D. Secure score

A. Reports

Keywords = trends and track = Reports

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Azure Application Insights
Azure Network Watcher
Log Analytics workspaces
Microsoft cloud security benchmark
↘
provides baseline recommendations and guidance for protecting Azure services.

Microsoft cloud security benchmark

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Microsoft Sentinel uses logic apps to identify anomalies across resources
Microsoft Sentinel uses workbooks to correlate alerts into incidents
The hunting search-and-query tools of Microsoft Sentinel are based on the MITRE ATT&CK framework

Microsoft Sentinel uses logic apps to identify anomalies across resources → No
Microsoft Sentinel uses workbooks to correlate alerts into incidents → No
The hunting search-and-query tools of Microsoft Sentinel are based on the MITRE ATT&CK framework → Yes

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You can restrict communication between users in Exchange Online by using Information Barriers
You can restrict accessing a SharePoint Online site by using Information Barriers
You can prevent sharing a file with another user in Microsoft Teams by using Information Barriers

You can restrict communication between users in Exchange Online by using Information Barriers → Yes
You can restrict accessing a SharePoint Online site by using Information Barriers → Yes
You can prevent sharing a file with another user in Microsoft Teams by using Information Barriers → Yes

How well did you know this?

Not at all

Perfectly

Which portal contains the solution catalog?

A. Microsoft Purview compliance portal
B. Microsoft 365 Defender portal
C. Microsoft 365 admin center
D. Microsoft 365 Apps admin center

A. Microsoft Purview compliance portal

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

In the Microsoft Purview compliance portal, you can use _____ to remove features from the navigation pane.
↘
- Compliance Manager
- Customize navigation
- Policies
- Settings

Customize navigation

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Communication compliance is configured by using the Microsoft 365 admin center
Microsoft SharePoint Online supports communication compliance
Communication compliance can remediate compliance issues

Communication compliance is configured by using the Microsoft 365 admin center → No
Microsoft SharePoint Online supports communication compliance → Yes
Communication compliance can remediate compliance issues → Yes

How well did you know this?

Not at all

Perfectly

You implement Compliance Manager.
You need to retrieve status information for a control task.
Which two options can you use?

Select “Conditions for Collection and Processing”: This option is located in the lower left corner and indicates that 1 out of 7 conditions have been assessed.
Select the Export Option: This option is located in the upper right corner and allows you to export the status information.

How well did you know this?

Not at all

Perfectly

When you enable Azure AD Multi-Factor Authentication (MFA), how many factors are required for authentication?

A. 1
B. 2
C. 3
D. 4

B. 2

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Microsoft Defender for Cloud assesses Azure resources ________ for security issues.
↘
- continuously
- daily
- every 15 minutes
- hourly

continuously

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Retention policies assign the same retention settings to all the files in a Microsoft SharePoint Online library
Retention labels can be assigned to individual files and email messages
You can assign multiple retention labels to an email message or a document

Retention policies assign the same retention settings to all the files in a Microsoft SharePoint Online library → Yes
Retention labels can be assigned to individual files and email messages → Yes
You can assign multiple retention labels to an email message or a document → No

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

A certificate
A service principal
A system-assigned managed identity
A user-assigned managed identity
↘
is used when Azure web apps must use the same identity

A user-assigned managed identity

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Conditional Access policies are enforced _____ first-factor authentication.
↘
- after
- before
- during
- instead of

after

How well did you know this?

Not at all

Perfectly

You are the Microsoft 365 administrator for a company.
You need to identify available cloud security features.
Match each feature to the correct description.

-Features-
- Cloud Discovery dashboard (now Microsoft Defender for Cloud Apps)
- Microsoft Azure AD Conditional Access
- Microsoft Azure Security Center (now Microsoft Defender for Cloud)
- Microsoft Azure Information Protection (now Microsoft Purview Information Protection)

-Description-
- Classify and label emails and documents in the organization
- Block users from accessing cloud apps from certain devices
- Provide insight into which apps are being used in the organization and risk levels for the apps
- Manage security policies, monitor attacks against virtual machines, and provide remediation for vulnerabilities

Cloud Discovery dashboard → Provide insight into which apps are being used in the organization and risk levels for the apps.

Microsoft Azure AD Conditional Access → Block users from accessing cloud apps from certain devices.

Microsoft Azure Security Center → Manage security policies, monitor attacks against virtual machines, and provide remediation for vulnerabilities.

Microsoft Azure Information Protection → Classify and label emails and documents in the organization

Which Microsoft Purview solution can be used to identify data leakage?

A. insider risk management
B. Compliance Manager
C. communication compliance
D. eDiscovery

A. insider risk management

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Conditional Access is implemented by using policies in Microsoft Entra ID
A Conditional Access policy can block or allow Microsoft Entra ID connections based upon the specific platform of a user’s device
A Conditional Access policy can be applied to a Microsoft 365 group

Conditional Access is implemented by using policies in Microsoft Entra ID → Yes
A Conditional Access policy can block or allow Microsoft Entra ID connections based upon the specific platform of a user’s device → Yes
A Conditional Access policy can be applied to a Microsoft 365 group → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You can assign apps to devices that are not enrolled with Microsoft Intune
You can assign wrapped apps, or apps that incorporate the Intune SDK, only if the device is enrolled with Intune
You can install available apps from the web-based Company Portal app regardless of whether the device if enrolled with Intune

You can assign apps to devices that are not enrolled with Microsoft Intune → Yes
You can assign wrapped apps, or apps that incorporate the Intune SDK, only if the device is enrolled with Intune → No
You can install available apps from the web-based Company Portal app regardless of whether the device if enrolled with Intune → Yes

A company needs to protect documents and emails by automatically applying classifications and labels. You must minimize costs.
What should the company implement?

The company should implement
↘
- Azure Information Protection P1
- Azure Information Protection P2
- Microsoft 365 E3

Azure Information Protection P2

Select the answer that correctly completes the sentence.

Microsoft Entra Permissions Management is
↘
- a cloud infrastructure entitlement management (CIEM) solution
- a cloud security posture management (CSPM) solution
- a security information and event management (SIEM) solution
- an extended detection and response (XDR) solution

a cloud infrastructure entitlement management (CIEM) solution

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Microsoft Entra Permissions Management can be managed by using the Microsoft Purview compliance portal
Microsoft Entra Permissions Management can be used to manage permissions in Amazon Web Services (AWS)
Microsoft Secure Score can be reviewed from Permissions Management in the Microsoft Entra admin center

Microsoft Entra Permissions Management can be managed by using the Microsoft Purview compliance portal → No
Microsoft Entra Permissions Management can be used to manage permissions in Amazon Web Services (AWS) → Yes
Microsoft Secure Score can be reviewed from Permissions Management in the Microsoft Entra admin center → No

Which service includes Microsoft Secure Score for Devices? A. Microsoft Defender for IoT B. Microsoft Defender for Endpoint C. Microsoft Defender for Identity D. Microsoft Defender for Office 365

B. Microsoft Defender for Endpoint

Which Microsoft portal provides information about how Microsoft cloud services comply with regulatory standard, such as International Organization for Standardization (ISO)? A. the Microsoft 365 admin center B. Azure Cost Management + Billing C. Microsoft Service Trust Portal D. the Microsoft Purview compliance portal

C. Microsoft Service Trust Portal

Select the answer that correctly completes the sentence. You can ______ the default security rules of a network security group (NSG). ↘ - copy - delete - override

override

You have an Azure subscription that contains a Log Analytics workspace. You need to onboard Microsoft Sentinel. What should you do first? A. Create a hunting query. B. Correlate alerts into incidents. C. Connect to your data sources. D. Create a custom detection rule.

C. Connect to your data sources.

What is Azure Key Vault used for? A. to deploy a cloud-based network security service that protects Azure virtual network resources B. to protect cloud-based applications from cyber threats and vulnerabilities C. to safeguard cryptographic keys and other secrets used by cloud apps and services D. to provide secure and seamless RDP/SSH connectivity to Azure virtual machines via TLS from the Azure portal

C. to safeguard cryptographic keys and other secrets used by cloud apps and services

When a user authenticates by using passwordless sign-in, what should the user select in the Microsoft Authenticator app? A. an answer to a security question B. a number C. an alphanumeric key D. a passphrase

B. a number

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Microsoft Defender for Cloud is a development security operations (DevSecOps) solution - Microsoft Defender for Cloud is a cloud security posture management (CSPM) solution - Microsoft Defender for Cloud is a cloud workload protection platform (CWPP) solution

- Microsoft Defender for Cloud is a development security operations (DevSecOps) solution → Yes - Microsoft Defender for Cloud is a cloud security posture management (CSPM) solution → Yes - Microsoft Defender for Cloud is a cloud workload protection platform (CWPP) solution → Yes

Select the answer that correctly completes the sentence. Microsoft provides the _______ as a public site for publishing audit reports and other compliance-related information associated with Microsoft cloud services. ↘ - Azure EA portal - Microsoft Purview compliance portal - Microsoft Purview governance portal - Microsoft Service Trust Portal

Microsoft Service Trust Portal

What feature supports email as a method of authenticating users? A. Microsoft Entra ID Protection B. Microsoft Entra Multi-Factor Authentication (MFA) C. self-service password reset (SSPR) D. Microsoft Entra Password Protection

C. self-service password reset (SSPR)

What Microsoft Purview feature can use machine learning algorithms to detect and automatically protect sensitive items? A. eDiscovery B. Data loss prevention C. Information risks D. Communication compliance

B. Data loss prevention (DLP)

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - eDiscovery (Standard) search results can be exported - eDiscovery (Standard) can be integrated with insider risk management - eDiscovery (Standard) can be used to search Microsoft Exchange Online public folders

- eDiscovery (Standard) search results can be exported → Yes - eDiscovery (Standard) can be integrated with insider risk management → No - eDiscovery (Standard) can be used to search Microsoft Exchange Online public folders → Yes

Select the answer that correctly completes the sentence. How to create a virtual network is part of the ______ information in the Microsoft cloud security benchmark (MCSB) ↘ - Azure Guidance - mapping to industry frameworks - recommendation - Security Principle

Azure Guidance

Which two actions can you perform by using Azure Key Vault? A. Store secrets. B. Store Azure Resource Manager (ARM) templates. C. Implement network security groups (NSGs). D. Implement Azure DDoS Protection. E. Store keys.

A. Store secrets. E. Store keys.

Which feature is included in Microsoft Entra ID Governance? A. Identity Protection B. Privileged Identity Management C. Permissions Management D. Verifiable credentials

B. Privileged Identity Management (PIM)

What should you create to search and export content preserved in an eDiscovery hold? A. a Microsoft SharePoint Online site B. a case C. a Microsoft Exchange Online public folder D. Azure Files

B. a case

Which Microsoft Purview data classification type supports the use of regular expressions? A. exact data match (EDM) B. fingerprint classifier C. sensitive information types (SITs) D. trainable classifier

C. sensitive information types (SITs)

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Microsoft Entra Access Review evaluates user and group permissions for Azure resources. - A user can be removed from a group automatically after a Microsoft Entra Access Review evaluation. - The Microsoft Entra Access Review feature is available in all Microsoft Entra ID service plans.

- Microsoft Entra Access Review evaluates user and group permissions for Azure resources. → Yes - A user can be removed from a group automatically after a Microsoft Entra Access Review evaluation. → Yes - The Microsoft Entra Access Review feature is available in all Microsoft Entra ID service plans. → No

Select the answer that correctly completes the sentence. Using your company credentials to access a partner company's resources requires a ______ solution between the two companies. ↘ - federation - hybrid - multi-factor authentication (MFA) - pass-through authentication

federation

Which two types of devices can be managed by using Endpoint data loss prevention (Endpoint DLP)? A. Windows 11 B. Linux C. iOS D. macOS E. Android

A. Windows 11 D. macOS

Select the answer that correctly completes the sentence. Microsoft Sentinel uses _______ to correlate alerts into incidents. ↘ - analytics - hunting - notebooks - workbooks

analytics