Module quiz: Compliance solutions :Cybersecurity Management and Compliance (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. CIS Benchmarks best description
❌ Proprietary Microsoft system
❌ Performance guidelines
✅ They offer configuration standards for securing a system.
Explanation:
CIS Benchmarks = industry-recognized security hardening guidelines.
2. Business impact classification of a credit-card-processing app
✅ High Business Impact (HBI)
❌ LBI
❌ MBI
Explanation:
Handles sensitive PCI data + critical to operations + high revenue → HBI.
3. Machine learning–driven data classification in Purview
✅ Trainable Classifiers
❌ Data Lineage
❌ Sensitive Information Types
Explanation:
Trainable classifiers learn from sample documents to classify unique data types.
4. Insider risks always come from malicious employees
❌ True
✅ False
Explanation:
Insider risks can be accidental, negligent, or malicious.
5. Alert dashboard shows alerts from the last 60 days
✅ True
❌ False
Explanation:
Purview’s alert dashboard displays alert totals and trends over the past 60 days.
6. Primary function of Purview Privileged Access Management (PAM)
✅ Safeguards organizations by controlling privileged tasks using just-in-time access
❌ Restricts Teams/SharePoint interactions
❌ Monitors communications
Explanation:
PAM limits privileged operations and reduces security risk.
7. Feature of customizable templates in Communication Compliance
✅ They use machine learning to detect communication violations.
❌ Third-party integration
❌ Auto-delete messages
Explanation:
Templates leverage ML models to detect risky communication patterns.
8. First step for Anna when handling credit card data
❌ Delete the document
❌ Share without labels
✅ Apply a sensitivity label to classify and protect it
Explanation:
Sensitivity labeling enforces encryption, DLP, access control, etc.
9. Who grants read/write permissions in Microsoft Purview?
❌ Data Curator
❌ Data Steward
✅ Data Owner
Explanation:
Data Owners control access permissions for assets.
10. Creating custom classification for Employee IDs
❌ Ignore and use built-in classification
❌ Request Microsoft to add one
✅ Create a custom classification using a regex pattern
Explanation:
Purview allows admins to build custom classifiers for unique patterns.
🧾 Summary Table
| Q | Correct Answer |
|---|---|
| 1 | Configuration standards for securing a system |
| 2 | High Business Impact |
| 3 | Trainable Classifiers |
| 4 | False |
| 5 | True |
| 6 | JIT privileged access control |
| 7 | ML-based violation detection |
| 8 | Apply sensitivity label |
| 9 | Data Owner |
| 10 | Create custom regex classification |