WhizLabs Flashcards
Your company is planning on using Azure Cloud services.
They are looking at the different security aspects when it comes to Microsoft privacy.
Is Control a key Microsoft privacy principal?
A. Yes
B. No
A. Yes
Explanation:
Below are the key privacy principals as addresses by Microsoft:
Control
Transparency
Security
Strong legal protections
No content based targeting
Benefits to you
Your company is planning on using Azure Cloud Services.
They are looking at the different security aspects when it comes to Microsoft privacy.
Is Transparency a key Microsoft privacy principal?
A. Yes
B. No
A. Yes
Your company is planning on using Azure Cloud services. They are looking at the concept of the Zero Trust Principle. Is Verify Explicitly a Zero Trust Principle?
A. Yes
N. No
A. Yes
Explanation:
The principles when it comes to Zero trust are:
- Verify Explicitly
-Use least privileged access - Assume Breach
Your company is planning on using Azure Cloud services. They are looking at the concept of the Zero Trust Principle. Is Verify Explicitly a Zero Trust Principle?
A. Yes
B. No
A. Yes
Explanation:
The principles when it comes to Zero trust are:
- Verify Explicitly
-Use least privileged access - Assume Breach
Your company is planning on using Azure Cloud services. Which of the following can be used to ensure that data can be read only by authorized users?
A. Encryption
B. Deduplication
C. Archiving
D. Compression
A. Encryption
Explanation:
You can ensure data is encrypted. Then only authorized users would have the encryption key. The encryption key can then be used to decrypt and read the data
Your company is planning on using Azure Active Directory for the storage identities. They want to make use of the self service password reset feature. Which of the following authentication methods are available for self service password reset?
A. Mobile App Notification
B. Mobile App Code
C. Iris Recognition
D. Fingerprint Recognition
E. Email
F. Security questions
A. Mobile App Notification
B. Mobile App Code
E. Email
F. Security questions
Explanation:
SSPR provides users with the ability to change or reset their password, without administrator or help desk involvement. If a users account is locked or they forget their password, they can unblock themselves and follow the prompts to get back to work.
Your company is planning on using Azure AD. They already have user identities stored in their on premises AD. They want to sync the user identities from their on premises AD onto Azure AD. Which of the following could be used for this purpose?
A. Azure Blueprints
B. Azure AD Connect
C. Azure Identity Protection
D. Azure Privileged Identity Management
B. Azure AD Connect
Explanation:
Azure AD Connect is used to synchronize identities from the on premises AD onto Azure AD
Your company is planning on making use of Azure AD. Does the company need to create a virtual machine in Azure for hosting AD?
A. Yes
B. No
B. No
Explanation:
Azure AD is a completely managed service. The underlying infrastructure is managed by Azure.
Your company is planning on making use of NSGs. Can you make use of network security groups to filter traffic based on the IP address, protocol and port number?
A. Yes
B. No
A. Yes
Explanation:
For a network security group rule, you can create a rule that is based on the IP address, the protocol and the port number
Which of the following can be used to provide just in time access to resources?
A. Azure AD Identity Protection
B. Azure AD Privileged Identity Management
C. Azure MFA
D. Azure Blueprints
B. Azure AD Privileged Identity Management
Explanation:
Azure AD PIM can be sued to provide just in time access to your resources
In Azure AD PIM, you can add assignments to resources to users in Azure
Your company is planning on using Azure AD Identity Protection. Can you use Azure AD Identity Protection to provide access to resources in Azure?
A. Yes
B. No
A. Yes
Explanation:
Azure AD Identity Protection is used to identify risks based on the user sign in process. It is not used to provide access to resources in Azure
Your company is planning on using Azure AD Identity Protection.
Can you use Azure AD Identity Protection to enforce MFA for users based on a sign in risk policy?
A. Yes
B. No
A. Yes
Explanation:
In Azure AD Identity Protection, you can configure the sign in risk policy to allow access and enforce the use of MFA
Your company is planning on using Azure AD Identity Protection.
Does Azure AD Identity protection categorize events into Low, Medium and High?
A. Yes
B. No
A. Yes
Explanation:
When you configure a risk policy in Azure AD Identity Protection, you can decide on the category of risks.
This is because all of the identified risks are categorized into High Medium or Low risks
Which of the following can be used to provide a secure score for the resources defined as part of your Azure account?
A. Microsoft Defender for Cloud
B. Azure Key Vaults
C. Microsoft Sentinel
D. Azure Information Protection
A. Microsoft Defender for Cloud
Explanation:
You have to decide on the right service to use based on the requirement.
Which of the following would you use for the below requirement?
Provide Network Address Translation
A. Azure Bastion
B. Azure Firewall
C. Network Security Groups
D. Azure DDoS Protection
B. Azure Firewall
Explanation:
The Azure Firewall service has the facility to translate traffic via its public IP address to private IP addresses to virtual networks