Conditional Access enables you to require users to access your applications only from approved, or managed, devices.

Multifactor authentication

Authenticating through multifactor authentication can include something the user knows, something the user has, and something the user is.

SSO enables a user to remember only one ID and one password to access multiple applications.

That's correct. Azure RBAC enables you to create roles that define access permissions. You might create one role that limits access only to virtual machines and a second role that provides administrators with access to everything.

That's correct. After you enable this policy, that policy is applied when you create new virtual machines or resize existing ones. Azure Policy also evaluates any current virtual machines in your environment.

That's correct. Tags provide extra information, or metadata, about your resources. The team might create a tag that's named BillingDept whose value would be the name of the billing department. You can use Azure Policy to ensure that the proper tags are assigned when resources are provisioned.

That's correct. The Microsoft Privacy Statement provides information that's relevant to specific services, including Cortana.

That's correct. The Trust Center is a great resource for people in your organization who might play a role in security, privacy, and compliance..

That's correct. The compliance documentation provides reference blueprints, or policy definitions, for common standards that you can apply to your Azure subscription.