Module quiz: Security conscious modeling :Advanced Cybersecurity Concepts and Capstone Project (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. Question 1
Which is not a common attack surface?
❌ Browsers
❌ Social media
❌ Databases
✅ Printer firmware
Explanation:
Printer firmware is less common as a primary attack surface compared to widely used browsers, social media, and databases.
2. Question 2
Correct explanation of ransomware:
❌ Disguises as legitimate application
❌ Spreads via spam emails to steal credentials
❌ Network protocol vulnerability attack
✅ A form of malware that encrypts data and demands ransom
Explanation:
Ransomware encrypts or locks data, and attackers demand payment to restore access.
3. Question 3
Best approach for email threat mitigation:
✅ Email filters + SPF/DMARC + phishing simulation
❌ Hardware red-team
❌ Backup and recovery
❌ Allow lists only
Explanation:
Email security requires filtering, authentication protocols, and user awareness training.
4. Question 4
Zero trust emphasizes implicit trust?
❌ True
✅ False
Explanation:
Zero Trust = Never trust, always verify. Nothing is trusted by default.
5. Question 5
Purpose of the Subprocess layer in defense in depth:
❌ Detailed analysis of tasks
❌ Strategic threat models
❌ High-level process examination
✅ To perform tactical threat modeling
Explanation:
Subprocess layer handles tactical, step-by-step threat modeling of specific workflows.
6. Question 6
First step in defining defense steps for cloud infrastructure:
❌ Establish policies
❌ Identify threats
❌ Develop layered approach
✅ Assess your assets
Explanation:
Security starts by identifying and valuing your assets before designing protections.
7. Question 7
Azure Policy ________ to enforce industry-specific compliance:
❌ Templates
❌ Procedures
❌ Blueprints
✅ Initiatives
Explanation:
Initiatives group multiple policy definitions to enforce compliance requirements.
8. Question 8
Key architectural focus areas for modern authentication:
❌ Federation…
❌ Authorization…
❌ SSO + MFA + threat detection
✅ Token management, session control, security protocols
Explanation:
Modern auth architecture revolves around secure token handling, session lifespan, and protocol configuration.
9. Question 9
Best practices for network security rules in Azure (Select all):
✅ Implement Azure Bastion for RDP/SSH
✅ Prioritize NSG rule order
❌ Application Gateway custom policies
✅ Leverage service tags
Explanation:
Bastion eliminates public IP access, NSG rule order matters, and service tags simplify secure outbound traffic.
10. Question 10
Best practice supporting least privilege:
❌ Regular auditing
❌ Strong authentication
❌ Data classification
✅ Role-based access control (RBAC)
Explanation:
RBAC ensures users receive only the minimum permissions required.
🧾 Summary Table
| Q# | Correct Answer |
|---|---|
| 1 | Printer firmware |
| 2 | Ransomware = encrypts & demands ransom |
| 3 | Email filters + SPF/DMARC + simulations |
| 4 | False |
| 5 | Tactical threat modeling |
| 6 | Assess your assets |
| 7 | Initiatives |
| 8 | Token management, session control, security protocols |
| 9 | Azure Bastion, NSG rule order, service tags |
| 10 | RBAC |