AZ-900 - Microsoft Azure Fundamentals Azure Identity and Security Questions and Answers

Question 1

A company wants to enhance the security of its user sign-ins to Azure services. They require users to provide a second form of verification, such as a code from their mobile phone, in addition to their password. Which Azure service should they implement to meet this requirement?

Accepted Answer

Microsoft Entra ID Multi-Factor Authentication (MFA)

Answer

Microsoft Entra ID Multi-Factor Authentication (MFA) provides an additional layer of security during user sign-in by requiring a second form of verification. This helps protect against unauthorized access, even if a user's password is compromised.

Question 2

Which security concept involves implementing a series of mechanisms that are layered to protect data and resources, so that if one layer is breached, subsequent layers are already in place to prevent further exposure?

Accepted Answer

Defense in Depth

Answer

Defense in Depth is a security strategy that uses multiple layers of security controls to protect resources. The idea is that if one security control fails, another layer of defense will be in place to stop an attack.

Question 3

Which of the following is the primary purpose of Azure Role-Based Access Control (RBAC)?

Accepted Answer

To manage who has access to Azure resources, what they can do with them, and what areas they can access.

Answer

Azure RBAC is an authorization system used to manage access to Azure resources. It allows you to grant specific permissions to users, groups, and services at a defined scope, ensuring they have only the access needed to perform their jobs.

Question 4

An organization wants a unified security management system that provides security posture recommendations and threat protection for their workloads running in Azure, on-premises, and in other clouds. Which Azure service provides these capabilities?

Accepted Answer

Microsoft Defender for Cloud

Answer

Microsoft Defender for Cloud is a solution for cloud security posture management (CSPM) and cloud workload protection (CWPP). It identifies weaknesses across cloud configurations, helps strengthen the security posture, and protects workloads in multi-cloud and hybrid environments from threats.

Question 5

What is the primary function of Azure Key Vault?

Accepted Answer

To securely store and manage access to secrets, keys, and certificates.

Answer

Azure Key Vault is a cloud service for securely storing and accessing secrets, such as API keys, passwords, certificates, or cryptographic keys. It centralizes the management of this sensitive information, enhancing security and control.

AZ-900 Practice Test

AZ-900 Practice Test

AZ-900 - Microsoft Azure Fundamentals Azure Identity and Security Questions and Answers