Module quiz: Azure penetration testing: Cybersecurity Tools and Technologies (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. CLI enables faster penetration testing
✅ True
❌ False
Explanation:
Using CLI speeds up tasks by executing commands directly instead of navigating GUI menus.
2. Best practices for penetration testing in Azure (Select all that apply)
✅ Ensuring necessary permissions from stakeholders
✅ Documenting assets in scope for testing
❌ Disabling all services and applications
✅ Running vulnerability scanning tools
Explanation:
Pen testing must be authorized, scoped, and use scanning tools—shutting down apps is unnecessary and disruptive.
3. Offensive techniques identify vulnerabilities
✅ True
❌ False
Explanation:
Offensive testing simulates attacks to expose weaknesses.
4. Steps involved in performing Azure penetration testing (Select all that apply)
✅ Secure proper authorization and document the testing plan
✅ Execute the penetration test (scanning, app testing, etc.)
✅ Choose appropriate testing approach (black/white/grey box)
❌ Deploy resources in production environment
Explanation:
Testing should not be done directly on production—use isolated or controlled environments.
5. Steps in configuring Azure resources for penetration testing (Select all that apply)
✅ Configuring identity & access using Azure AD + RBAC
✅ Configuring resource settings (name, region, size, OS)
✅ Configuring networking settings (VNets, subnets, IPs, NSGs)
❌ Configuring data storage options (not required for pen testing setup)
❌ Creating a new Azure Web App
Explanation:
Pen testing typically requires secure identity, resource configuration, and network setup.
6. Primary function of PTES
❌ Design encryption
✅ Provide a structured approach for vulnerability assessment
❌ Network monitoring
❌ Develop software
Explanation:
PTES outlines standardized penetration testing methodology.
7. Azure service for automated, recurring security assessments
❌ Azure AD
❌ Azure Logic Apps
✅ Azure Security Center (Microsoft Defender for Cloud)
❌ Azure Automation
Explanation:
Defender for Cloud offers automated assessments, continuous monitoring, and security recommendations.
8. Notification channel in Azure Security Center
❌ Azure Logic Apps
❌ Azure Monitor
✅ Email
Explanation:
Defender for Cloud sends alerts via email, SMS, and Azure Monitor out of the box.
9. Goal of input validation testing
❌ Optimize database
❌ Test speed
✅ Identify SQL injection, XSS, and similar vulnerabilities
❌ Assess user experience
Explanation:
Input validation testing checks whether user input can exploit weaknesses.
10. Correct Azure CLI command to create a resource group
❌ az create group…
❌ az create resource-group…
✅ az group create --name "sams-scoop-RG" --location "East US"
❌ az resource-group add…
Explanation:
The correct structure for the command is:
az group create --name <RGName> --location <Region>
🧾 Summary Table
| Q | Correct Answer |
|---|---|
| 1 | True |
| 2 | Permissions, Scoped assets, Vulnerability scanning |
| 3 | True |
| 4 | Authorization, Execute test, Choose approach |
| 5 | IAM config, Resource config, Networking config |
| 6 | Structured vulnerability assessment |
| 7 | Azure Security Center (Defender for Cloud) |
| 8 | Email |
| 9 | Identify SQLi & XSS |
| 10 | az group create --name … --location … |