Azure Security and Management Quiz

True is correct as it is possible to add the Azure VM Antimalware extension. It is to be noted that Windows Server 2016 OS has Windows Defender built-in by default which protects against malware. However, if you run the Azure VM Antimalware extension on top of Windows Defender, the extension will apply any optional configuration policies to be used by Windows Defender and that the extension will not deploy any additional antimalware services. https://docs.microsoft.com/en-us/azure/security/azure-security-antimalware

All of the above are correct. When deploying Microsoft antimalware for Azure applications, some of the features are: real-time protection, malware remediation, exclusion of files, processes and drives, and automatic updates to the antimalware engine and platform. https://docs.microsoft.com/en-us/azure/security/azure-security-antimalware

Azure PowerShell, CLI and Rest API is correct and can be used to create custom RBAC roles in Azure. CMD is incorrect as this is not supported. https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles

Option 1 is correct as you need to define the allowed action as restart. Option 4 is correct as you need to define the action which is not allowed, in this case it is shutdown. Option 2 is incorrect as you do not want the third party to start the VM as this is not a requirement. Option 3 is incorrect as you should make use of the shutdown parameter instead of start as you want to prohibit the shutdown of the VM, not the starting of the VM. https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles-cli https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations

The correct answers are:

• A. Subnet

• C. Network Interface Card (NIC)

Network Security Groups (NSGs) can be associated with subnets and individual network interfaces to control inbound and outbound network traffic.

• Subnets: When associated with a subnet, the NSG rules apply to all resources within that subnet.

• Network Interfaces: When associated with a specific network interface, the NSG rules apply only to that particular interface.

Therefore, options A and C are the correct choices.

• https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

False is correct, you cannot create your own service tag or specify which IP’s are included within a tag.https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#service-tags

Azure monitor stores data in Logs and Metrics data stores. The other answers are examples of Azure storage products. See: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-platform

All the options are true for Azure Monitor Metrics except for Text or numeric data. Metrics are only numeric data. Azure Monitor Logs can also contain Text data. See: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-platform#compare-azure-monitor-metrics-and-logs

The valid Azure Monitor data sources from the list provided are:A. Application Insights: This is a valid data source that collects application performance and usage data.B. Log Analytics Agent: This agent can be used to collect data from various sources, including on-premises systems, making it a valid data source.C. Azure Resource Diagnostic Log: This source provides logs related to the operations of Azure resources, thus it is valid.D. Azure Subscription: This is a valid data source as it includes monitoring data related to the operation and management of Azure subscriptions.E. Azure Tenant Audit Log: This is also a valid data source, providing insights into the operations and changes within the Azure tenant.F. On-Premises Operating System: This can be a valid data source if monitored through the Log Analytics agent or other means, but it is typically categorized under infrastructure monitoring.In summary, all options (A, B, C, D, E, F) can be considered valid Azure Monitor data sources depending on how they are implemented and integrated within the Azure ecosystem.

The advanced data security capability of Azure SQL Database provides data discovery and classification; vulnerability assessment and advanced threat protection. ADS is integrated with ASC where alerts and incidents are surfaced and managed. SQL Database firewall and dynamic data masking are valid SQL Database features, but they are not part of advanced data security. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-advanced-data-security#overview