Is HTTPS an example of encryption in transit?

Encrypting data in transit protects it from outside observers and provides a mechanism to transmit data while limiting the risk of exposure.

Personally identifiable information

What is a benefit of single sign-on?

The user signs in once and can then access many applications or resources.

A central identity provider can be used.

Passwords always expire after 72 days.

Authentication is the process of doing what?

Verifying that a user or device is who they say they are.

The process of tracking user behavior.

Which security model uses a layered approach to security, providing mechanisms to stop a breach at the perimeter of each layer?

Payment Card Industry Data Security Standards (PCI DSS) compliance

What should you use for storing passwords in a protected format?

a combination of symmetric and asymmetric encryption

What are two characteristics of an identity as the primary security perimeter model? Each correct answer presents a complete solution.

Software as a service (SaaS) applications for business-critical workloads can be hosted outside of a corporate network.

Bring your own device (BYOD) can be used to complete corporate tasks.

Only corporate devices can be used to complete corporate tasks.

Software as a service (SaaS) applications for business-critical workloads that might be hosted cannot be hosted outside of a corporate network.

What is a feature of single sign-on (SSO)?

uses one credential to access multiple applications or resources

enables a user to sign in once, and then not have to sign in again

leverages individual identity providers

eliminates the need for password resets due centralized directory

An organization is migration to the Microsoft cloud. The plan is to use a hybrid identity model. What can be used to sync identities between Active Directory Domain Services (AD DS) and Azure AD?

Active Directory Federation Services (AD FS)

Azure AD Privileged Identity Management (PIM)

Which two additional forms of authentication are available in Azure AD for multi-factor authentication (MFA) from any device? Each correct answer presents a complete solution.

the Microsoft Authenticator app

What are three things that a user can use for Azure AD Multi-Factor Authentication (MFA)? Each correct answer presents a complete solution.

something the claimant can not reuse

Azure AD MFA works by requiring something you know (such as a password), and something you have (such as a phone), or something you are (biometrics).

Self-service password reset (SSPR)

A malicious user is attempting to access many user accounts by using commonly used passwords. The user repeats the action every 20 minutes to avoid triggering an account lockout. Which Azure AD feature can protect organizations from such attacks?

Self-service password reset (SSPR)

What can be used to enforce multi-factor authentication (MFA) when users access an application registered in Azure AD?

role-based access control (RBAC)

What can you use to receive alerts for potentially compromised user accounts without blocking the users from signing in?

real-time sign-in risk detection

What is the difference between Azure AD role-based access control (RBAC) and Azure RBAC?

Azure AD roles control access to resources such as users, groups, and applications. Azure roles control access to resources, such as virtual machines.

Azure AD roles control access to resources, such as virtual machines. Azure roles control access to resources, such as users, groups, and applications.

Users with Azure AD roles can make purchases and manage subscriptions. Users with Azure roles have access to all the administrative features in Azure AD.

Users with Azure AD roles have access to all the administrative features in Azure AD. Users with Azure roles can make purchases and manage subscriptions.

What feature can you use to assign users with access to resources based on the city attribute of the user?

Azure AD Privilege Identity Management (PIM)

Which service can help mitigate the impact of compromised user accounts?

Azure AD Privileged Identity Management (PIM)

Which three features reduce the chance of a malicious user accessing a sensitive resource or an authorized user inadvertently affecting a sensitive resource? Each correct answers presents a complete solution.

Azure AD Privileged Identity Management (PIM)

role-based access control (RBAC)

What Azure feature provides application-level filtering and SSL termination?

Azure Web Application Firewall (WAF)

distributed denial-of-service (DDoS) protection

You have the following inbound network security group (NSG) security rules in Azure: AllowVNetInBound with a priority of 65000 AllowAzureLoadBalancerInBound with a priority of 65001 DenyAllInBound with a priority of 65500 No other inbound rules were defined for the NSG. In which order will the rules be processed?

The AllowVNetInBound rule is processed first. The AllowAzureLoadBalancerInBound rule is processed second. The last rule that will be processed in the NSG, is the DenyAllInBound rule.

The DenyAllInBound rule is processed first. The AllowAzureLoadBalancerInBound rule is processed second. The last rule that will be processed in the NSG is the AllowVNetInBound rule.

The AllowAzureLoadBalancerInBound rule is processed first. The AllowVNetInBound rule is processed second. The last rule that will be processed in the NSG is the DenyAllInBound rule.

The DenyAllInBound rule is processed first. The AllowVNetInBound rule is processed second. The last rule that will be processed in the NSG is the AllowVNetInBound rule.

Which two industry frameworks are used in the Azure Security Benchmark? Each correct answer presents a complete solution.

National Institute of Standards and Technology (NIST)

Center for Internet Security (CIS)

Open Web Application Security Project (OWASP)

Federal Information Processing Standard (FIPS) 140

What are two characteristics of a security information and event management (SIEM) solution? Each correct answer presents a complete solution.

collection of data from IT estate

Which two characteristics are part of a security orchestration automated response (SOAR) solution? Each correct answer presents a complete solution.

collection of data from IT estate

Which two types of security systems make up Microsoft Sentinel? Each correct answer presents part of the solution.

security information and event management (SIEM)

security orchestration automated response (SOAR)

endpoint protection platform (EPP)

Which Microsoft Defender 365 solution safeguards against malicious email threats?

Microsoft Defender for Office 365

Microsoft Defender for Endpoint

Microsoft Defender for Identity

Microsoft Defender for Cloud Apps

What are the four pillars of a Cloud Access Security Broker (CASB)?

visibility, compliance, data security, and threat protection

control, compliance, platform security, and governance

discovery, protection, accessible cloud apps, and platform security

visibility, compliance, data security, and platform security

SC-900

Authored by Michael Nefzger

Computers

12th Grade

Used 8+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

63 questions

Show all answers

Data

Infrastructure

and

Networks

Saas

and

Paas

MULTIPLE SELECT QUESTION

1 min • 1 pt

What is the zero trust guiding principles?

Verify explicitly

Least privileged access

Assume breach

Do not verify

MULTIPLE SELECT QUESTION

45 sec • 1 pt

What are the two top-level types of encryption?

Symmetric encryption

uses the same key to encrypt and decrypt the data.

Asymmetric encryption

uses a public key and private key.

Either key can encrypt data, but a single key can not be used to decrypt encrypted data.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

60 questions

23-24 Cybersecurity II S1 Exam Review By Mr B

Quiz

•

12th Grade

68 questions

Computer science Study Guide

Quiz

•

9th - 12th Grade

65 questions

Bài 1 - Bài 5

Quiz

•

12th Grade

66 questions

CBSE Python Series Questions

Quiz

•

12th Grade - University

66 questions

Cambridge - IGCSE - Computer Science - Input Devices

Quiz

•

11th Grade - Professi...

61 questions

Website Optimisation Guide

Quiz

•

12th Grade

60 questions

MATIQ PUTRI KELAS X - I

Quiz

•

10th Grade - University

60 questions

Tin học nè mấy cdl

Quiz

•

12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

22 questions

El Imperfecto

Quiz

•

9th - 12th Grade

20 questions

SSS/SAS

Quiz

•

9th - 12th Grade

20 questions

verbos reflexivos en español

Quiz

•

9th - 12th Grade

14 questions

Making Inferences From Samples

Quiz

•

7th - 12th Grade

23 questions

CCG - CH8 Polygon angles and area Review

Quiz

•

9th - 12th Grade

8 questions

Momentum and Collisions

Lesson

•

9th - 12th Grade

28 questions

Ser vs estar

Quiz

•

9th - 12th Grade

SC-900

An organization has deployed Microsoft 365 applications to all employees. Considering the shared responsibility model, who is responsible for the accounts and identities relating to these employees?

In the shared responsibility model, the customer organization always has responsibility for their data, including information and data relating to employees, devices, and accounts and identities.

Which of the following measures might an organization implement as part of the defense in-depth security methodology?

Multifactor authentication is an example of defense in-depth at the identity and access layer.

The human resources organization wants to ensure that stored employee data is encrypted. Which security mechanism would they use?

Encryption at rest could be part of a security strategy to protect stored employee data.

Which of the following best describes the concept of data sovereignty?

Data sovereignty is the concept that data, particularly personal data, is subject to the laws and regulations of the country/region in which it's physically collected, held, or processed.

What are the six foundational pillars?

What is the zero trust guiding principles?

What are the two top-level types of encryption?

Is stored data such as on a server an example of "Data at rest"?
If an attacker obtained a hard drive with encrypted data and didn't have access to the encryption keys, could the attacker get access to the data?

Is HTTPS an example of encryption in transit?

Is Hashing often used to store passwords?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

SC-900

An organization has deployed Microsoft 365 applications to all employees. Considering the shared responsibility model, who is responsible for the accounts and identities relating to these employees?

In the shared responsibility model, the customer organization always has responsibility for their data, including information and data relating to employees, devices, and accounts and identities.

Which of the following measures might an organization implement as part of the defense in-depth security methodology?

Multifactor authentication is an example of defense in-depth at the identity and access layer.

The human resources organization wants to ensure that stored employee data is encrypted. Which security mechanism would they use?

Encryption at rest could be part of a security strategy to protect stored employee data.

Which of the following best describes the concept of data sovereignty?

Data sovereignty is the concept that data, particularly personal data, is subject to the laws and regulations of the country/region in which it's physically collected, held, or processed.

What are the six foundational pillars?

What is the zero trust guiding principles?

What are the two top-level types of encryption?

Is stored data such as on a server an example of "Data at rest"?If an attacker obtained a hard drive with encrypted data and didn't have access to the encryption keys, could the attacker get access to the data?

Is HTTPS an example of encryption in transit?

Is Hashing often used to store passwords?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

Is stored data such as on a server an example of "Data at rest"?
If an attacker obtained a hard drive with encrypted data and didn't have access to the encryption keys, could the attacker get access to the data?