Module quiz: Active Directory access, protection, and governance management :Cybersecurity Identity and Access Solutions using Azure AD (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. Conditional access example
❌ Assigning temporary permissions
❌ Denying admin role access
✅ Requiring MFA for accessing payroll software
❌ Allowing unrestricted access
Explanation:
Conditional Access applies rules based on conditions like location, device, or MFA.
2. How RBAC minimizes risks
❌ Tracks sign-ins
❌ Enforces MFA
❌ Allows admin bypass
✅ Adheres to least privilege
Explanation:
RBAC limits users to only the access they need to do their job.
3. Identity lifecycle management
❌ Enforcing MFA
❌ Assigning admin permissions
❌ Monitoring logs
✅ Automating creation, management, and deactivation
Explanation:
This avoids orphaned accounts and reduces access risk.
4. Conditional Access signal
❌ Device performance
❌ Employment type
✅ Named location information
❌ Password strength
Explanation:
Conditional Access uses signals like locations, devices, risk levels.
5. Time-bound PIM assignment
❌ Unlimited access
❌ Auto-assign built-in roles
✅ Temporary access based on specified dates
❌ Permanent admin access
Explanation:
PIM allows access that expires automatically.
6. How JIT reduces risks
❌ Unlimited access
❌ Dynamic behavior access
❌ Log activities
✅ Grants access only when needed & for limited time
Explanation:
Minimizes attack surface by removing standing privileges.
7. Identity Protection action for high-risk activity
❌ Grant access
✅ Require multi-factor authentication
❌ Disable all users
❌ Just notify admins
Explanation:
Risk policies can require MFA, block access, or force password reset.
8. Azure service supporting Managed Identities
❌ Network Monitoring
✅ Azure App Services
❌ Traffic Manager
❌ Billing
Explanation:
App Services integrates directly with system-assigned or user-assigned identities.
9. What lifecycle management automates
❌ External resource provisioning
✅ Account creation, management, deactivation
❌ Continuous monitoring
❌ Temporary privileged access
10. Benefit of regular access reviews
❌ Detect network threats
✅ Identify & remove excessive access rights
❌ Automate onboarding
❌ Assign admin roles
Explanation:
Access reviews help ensure least privilege and reduce risk.
🧾 SUMMARY TABLE
| Q | Correct Answer |
|---|---|
| 1 | Requiring MFA for payroll access |
| 2 | Least privilege (RBAC) |
| 3 | Automate account lifecycle |
| 4 | Named location information |
| 5 | Temporary, time-bound access |
| 6 | Access only when needed (JIT) |
| 7 | Require MFA |
| 8 | Azure App Services |
| 9 | Automate user account lifecycle |
| 10 | Remove excessive access rights |