Module quiz: Preventative tools: Cybersecurity Tools and Technologies (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. IDPS can only detect known attack patterns and cannot detect zero-day attacks.
❌ True
✅ False
Explanation:
IDPS can detect threats using anomaly-based and behavior-based detection, which can identify zero-day attacks.
2. Types of IDPS
❌ Network-based, Host-based, Wireless
❌ Cloud-based, Hybrid, Virtual
❌ IDS and IPS
✅ Network-based IDPS, Cloud-based IDPS, and Host-based IDPS
Explanation:
Azure and modern environments include network, cloud, and host-based IDPS solutions.
3. IDPS only uses signature-based detection
❌ True
✅ False
Explanation:
IDPS uses signature, anomaly, behavior, and heuristic detection methods.
4. Why is network segmentation important in firewall design?
❌ Allows direct VNet communication
✅ Adds extra security by controlling traffic flow & reducing attack surface
❌ Reduces unnecessary routes
❌ Enhances scalability
Explanation:
Segmentation prevents attackers from moving freely across the network.
5. True statement about traffic segmentation
❌ NSGs exclusively do segmentation
❌ Only affects outbound
❌ Increases attack surface
✅ Helps prevent lateral movement of threats
Explanation:
Segmentation limits how far a threat can spread inside the environment.
6. True feature of Azure Firewall Premium
✅ Offers built-in high availability with an SLA
❌ Free Private Link access
❌ Only in specific regions
❌ Free add-on
Explanation:
Firewall Premium provides TLS inspection, IDPS, HA and SLA guarantees.
7. Primary purpose of a virtual network gateway
❌ Create VNet connections inside Azure
❌ Private connection only
✅ Provide a managed VPN solution between on-prem and Azure VNets
Explanation:
A VNet Gateway enables VPN or ExpressRoute connectivity.
8. Purpose of vulnerability assessments
❌ Create vulnerabilities
✅ Identify, assess, and manage vulnerabilities
❌ Exploit vulnerabilities
❌ Ignore weaknesses
Explanation:
A vulnerability assessment (VA) is used to find and prioritize security issues.
9. Strategy described (adjusting system settings to minimize exploitation)
❌ Configuration changes
❌ Ignoring vulnerabilities
❌ Patching
❌ Vulnerability scans
✅ Hardening (configuration changes aligned with best practices)
Explanation:
This is known as system hardening—reducing attack surfaces via secure configurations.
10. Configuration vulnerabilities result from programming errors
❌ True
✅ False
Explanation:
Programming errors cause software vulnerabilities, while configuration vulnerabilities come from incorrect or insecure settings.
🧾 Summary Table
| Q | Correct Answer |
|---|---|
| 1 | False |
| 2 | Network-based, Cloud-based, Host-based IDPS |
| 3 | False |
| 4 | Controls traffic & reduces attack surface |
| 5 | Prevents lateral movement |
| 6 | High availability with SLA |
| 7 | Managed VPN between on-prem & Azure |
| 8 | Identify/assess/manage vulnerabilities |
| 9 | Hardening (secure configuration) |
| 10 | False |