Module quiz: Security management in Azure: Cybersecurity Solutions and Microsoft Defender (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. Feature of Entra ID that provides an additional security layer
✅ Multi-factor authentication
❌ DDoS protection
❌ Real-time threat detection
❌ Third-party integration
Explanation:
MFA adds a second verification step, strengthening identity security.
2. What Microsoft Defender for Cloud provides
✅ Continuous monitoring and threat detection
❌ Encryption at rest
❌ Key rotation
❌ Role assignments
Explanation:
Defender for Cloud combines cloud security posture management with threat detection.
3. How Azure Bastion reduces attack surface
❌ Firewall automation
❌ VM data encryption
✅ Removes need to expose RDP/SSH ports to the internet
❌ Detects login attempts
Explanation:
Bastion provides secure remote access to VMs without exposing RDP/SSH ports on a public IP.
4. What Azure Policy can do to existing non-compliant resources
❌ Disable access
❌ Delete resources
❌ Auto-fix immediately
✅ Flag non-compliant resources without changes
Explanation:
Azure Policy evaluates compliance; remediation is optional, not automatic.
5. Microsoft Sentinel’s primary function
❌ Manage permissions
✅ Collect and analyze enterprise security data (SIEM)
❌ Backup automation
❌ Encrypt stored data
Explanation:
Sentinel is Microsoft’s cloud-native SIEM.
6. One primary function of Azure Key Vault
❌ Encrypt all Azure DB data
❌ Assign roles
❌ Detect logins
✅ Secure storage and management of cryptographic keys & secrets
Explanation:
Key Vault safeguards keys, secrets, and certificates.
7. How Azure Blueprints help large organizations
✅ Enable consistent policy enforcement across multiple subscriptions
❌ Simplify key rotation
❌ Threat monitoring
❌ Resource scaling
Explanation:
Blueprints bundle policies, RBAC assignments, and templates for standardized deployment.
8. How Azure DDoS Protection safeguards applications
❌ Real-time anomaly detection
❌ Compliance reports
✅ Scales automatically to absorb large attack traffic
❌ Deploy SSL certificates
Explanation:
Azure DDoS Protection uses Microsoft’s global network to absorb attacks.
9. AI role in SIEM systems
✅ Analyzing huge amounts of security data to reduce analyst workload
❌ Create RBAC policies
❌ Deploy encryption keys
❌ Scale VNets
Explanation:
AI helps detect threats, analyze logs, and reduce alert fatigue.
10. Primary function of SOAR in Sentinel
❌ Manage RBAC
✅ Automate incident response workflows
❌ Detect user behavior
❌ Encrypt data
Explanation:
SOAR automates playbooks, containment, notifications, and remediation.
🧾 Summary Table
| Q | Correct Answer | Key Concept |
|---|---|---|
| 1 | Multi-factor authentication | Entra security |
| 2 | Continuous monitoring & detection | Defender for Cloud |
| 3 | Removes exposed ports | Bastion |
| 4 | Flags non-compliance | Azure Policy |
| 5 | Analyze security data | Sentinel SIEM |
| 6 | Secure key storage | Key Vault |
| 7 | Consistent policy enforcement | Blueprints |
| 8 | Scales to absorb attack traffic | DDoS Protection |
| 9 | AI reduces analysis workload | SIEM AI |
| 10 | Automates incident response | SOAR |