Course quiz: Cybersecurity tools and technologies: Cybersecurity Tools and Technologies (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. The blue team manages cloud infrastructure.
❌ True
✅ False
Explanation: Blue team defends systems (detection/response); infrastructure management is an operational role.
2. Primary objective of the red team
❌ Monitoring network traffic
❌ Developing security policies
✅ Identifying vulnerabilities and weaknesses in an organization’s defenses
❌ Assessing regulatory compliance
Explanation: Red team performs offensive testing to find gaps.
3. Primary activities of reconnaissance
❌ Vulnerability assessment, escalation, remediation
❌ Social engineering, malware analysis, intrusion detection
❌ Enumeration, exploitation, reporting
✅ Information gathering, footprinting, and scanning
Explanation: Recon is the information-gathering phase before active testing.
4. Nessus and vulnerability scanning uncover config/software weaknesses
✅ True
❌ False
Explanation: Nessus is a common vulnerability scanner for configs/software.
5. Method used to manipulate database queries
❌ Buffer overflow
❌ Payload injection
✅ SQL injection
❌ Cross-site scripting (XSS)
Explanation: SQLi targets database query logic.
6. Goal of escalation stage
❌ Extract sensitive data
❌ Consolidate access
✅ Achieving privilege escalation
❌ All of the above
Explanation: Escalation focuses on gaining higher privileges (may enable other actions).
7. Best practice in reporting & remediation
❌ Include tester background
❌ Share only with IT
❌ Use only technical language
✅ Provide specific and actionable recommendations
Explanation: Clear, actionable remediation is the most valuable output.
8. Primary goal of MITRE ATT&CK tactics section
❌ Listing threat names
❌ Describing impact
❌ Explaining techniques
✅ Providing a knowledge base of adversary tactics and techniques
Explanation: ATT&CK is a structured knowledge base of tactics/techniques.
9. Step in black box testing that executes test cases
❌ Requirement analysis
❌ Defect reporting
❌ Test case design
✅ Test execution
Explanation: Execution runs the tests and compares actual vs expected results.
10. White box technique using malformed inputs
❌ Branch testing
❌ Code review
❌ Path testing
✅ Fuzz testing
Explanation: Fuzzing feeds malformed/edge inputs to find crashes or validation issues.
11. Grey box testing approaches (Select all that apply)
✅ API testing
❌ Functional testing
❌ Code review
✅ Data flow analysis
Explanation: Grey box uses partial knowledge — API and data-flow analysis are common.
12. Purpose of Azure Firewall Premium IDPS
❌ Manage cloud infra
❌ Automate provisioning
❌ Optimize performance
✅ Protect Azure resources from malicious traffic
Explanation: Premium adds IDPS and advanced inspection to block attacks.
13. Purpose of the bypass list in Azure IDPS
❌ Remove private IP ranges
✅ Add specific IP addresses as safe zones
❌ List private IP ranges for identification
❌ Edit private IP ranges
Explanation: Bypass list designates trusted sources that skip IDPS inspection.
14. Correct IDPS responses to a DDoS attack (Select all that apply)
❌ Start social media campaign
✅ Implement failover to redirect traffic
✅ Engage a cybersecurity firm for investigation
✅ Activate DDoS mitigation (filtering, rate limiting, diversion)
Explanation: Technical mitigation, failover, and expert response are appropriate actions.
15. Main purpose of traffic segmentation
❌ Reduce number of VNets
❌ Accelerate data transfer
❌ Ensure backward compatibility
✅ Prevent lateral movement of threats and reduce the attack surface
Explanation: Segmentation limits attacker movement and exposure.
16. Azure Firewall feature that controls rule order
❌ Rule conditions
❌ Rule actions
✅ Rule priorities
❌ Rule types
Explanation: Priorities determine evaluation order of firewall rules.
17. Key design considerations when integrating NSGs & Firewall (Select all that apply)
❌ Limiting use of Azure Firewall
❌ Enabling logging on on-prem firewall
✅ Create non-overlapping rules between NSGs and Azure Firewall
✅ Ensure rule prioritization
Explanation: Avoid conflicting rules and ensure deterministic priority handling; logging/monitoring is recommended but on-prem logging is not specific to this integration.
18. Encryption methods used by Point-to-Site VPN
✅ Both SSL and IPsec
❌ PPTP only
❌ IPsec only
❌ SSL only
Explanation: P2S supports SSTP (SSL/TLS) and IPsec/IKE variants depending on client and configuration.
19. P2S authentication mechanisms that work across platforms (Select all that apply)
✅ Certificate authentication
❌ SMTP authentication
❌ Active Directory Domain Server authentication
✅ Azure Active Directory authentication
Explanation: Certificates and Azure AD work across major OS platforms; SMTP/AD DS are not P2S auth methods.
20. Primary purpose of vulnerability scanning
✅ To identify potential vulnerabilities in networks, systems, and applications.
❌ To identify all vulnerabilities
❌ To continuously evolve threats
❌ To simulate attacks
Explanation: Scanning finds potential weaknesses to be triaged and remediated.
21. Tool protecting web apps from SQLi/XSS
✅ Azure Web Application Firewall (WAF)
❌ Azure Information Protection (AIP)
❌ Azure Application Gateway
❌ Microsoft Defender for Identity
Explanation: WAF is designed to block common web exploits (often deployed with Application Gateway).
22. CLI tool designed for web app security testing
✅ Burp Suite
❌ Metasploit
❌ Nmap
❌ Wireshark
Explanation: Burp is the go-to for web app testing (interception, scanning, fuzzing).
23. PowerShell command to list active VMs
❌ Get-AZNetworkSecurityGroup
❌ Get-AzKeyVault
❌ Get-AZSQLDatabase
✅ Get-AZVM
Explanation: Get-AzVM returns VM instances in a subscription/resource group.
24. Activities NOT allowed per Microsoft’s RoE for Azure (Select all that apply)
✅ Attempt phishing attacks on Microsoft employees.
❌ Running vulnerability scanning on your own VM. (allowed on your own assets)
✅ Scanning other Azure customers’ assets.
✅ Conducting DDoS attacks.
Explanation: Phishing MS employees, targeting other tenants, and DDoS are prohibited.
25. Primary objective of offensive techniques in Azure pentesting
❌ To develop IR plan
✅ To identify vulnerabilities and potential security gaps
❌ Implement access control
❌ Strengthen measures (outcome, not primary objective)
Explanation: Offensive testing’s core goal is to find weaknesses to fix.
26. Penetration testing steps (Select all that apply)
❌ Select clear box only
✅ Choose tools aligned with Azure policies
❌ Conduct testing without setup
✅ Obtain proper authorization and document the testing plan
Explanation: Authorization and policy-aligned tooling are mandatory; do not test without setup.
27. Steps for configuring Azure resources for pentesting (Select all that apply)
✅ Configuring storage options and access controls
❌ Setting up auto-scaling for VMs (not necessary for pentest config)
✅ Creating resources (VMs, DBs, etc.)
✅ Configuring identity & access using Azure AD and RBAC
Explanation: Prepare resources, storage, and IAM; auto-scaling is optional and not a core config step.
28. Main objective of setting up Metasploit on Azure
✅ To customize and prepare the framework for penetration testing on Azure resources.
❌ To create admin accounts
❌ To immediately start testing (preparation required)
❌ To ensure compatibility
Explanation: Setup readies the framework to run tests against Azure targets in a controlled way.
29. Steps in web app pentesting using CLI/PowerShell (Select all that apply)
❌ Automating input validation tests (possible but not an out-of-the-box CLI step)
✅ Installing additional web app security tools
✅ Prioritizing vulnerabilities based on impact
✅ Analyzing security headers
Explanation: Tool installation, header analysis, and prioritization are standard; automation of tests may require custom scripts.
30. Purpose of configuring alert policies in Defender for Cloud during pentesting
❌ Specify start time
✅ To track and respond to security issues.
❌ Create schedule
❌ Publish runbook
Explanation: Alerts detect test-related findings and enable swift response/triage.
🧾 Summary Table (Quick reference)
| Q | Answer (short) |
|---|---|
| 1 | False |
| 2 | Identify vulnerabilities |
| 3 | Info gathering / footprinting / scanning |
| 4 | True |
| 5 | SQL injection |
| 6 | Achieve privilege escalation |
| 7 | Provide actionable recommendations |
| 8 | Knowledge base of tactics & techniques |
| 9 | Test execution |
| 10 | Fuzz testing |
| 11 | API testing; Data flow analysis |
| 12 | Protect Azure resources from malicious traffic |
| 13 | Add IPs as safe zones |
| 14 | Failover; Engage firm; Activate mitigation |
| 15 | Prevent lateral movement / reduce attack surface |
| 16 | Rule priorities |
| 17 | Non-overlapping rules; rule prioritization |
| 18 | SSL + IPsec |
| 19 | Certificate auth; Azure AD auth |
| 20 | Identify potential vulnerabilities |
| 21 | Azure WAF |
| 22 | Burp Suite |
| 23 | Get-AzVM |
| 24 | Phishing MS employees; scanning other tenants; DDoS |
| 25 | Identify vulnerabilities & gaps |
| 26 | Tools aligned to Azure; obtain authorization |
| 27 | Storage & access controls; create resources; IAM/RBAC |
| 28 | Prepare/customize framework for Azure testing |
| 29 | Install tools; prioritize vulns; analyze headers |
| 30 | Track & respond to security issues |