Microsoft Certified: Azure Fundamentals Practice Questions: Security, Privacy, Compliance, and Trust Domain

Correct Answer: undefined

Explanation: The Azure Shared Responsibility Model outlines the division of security responsibilities between Microsoft and the customer. Microsoft manages the security of the cloud infrastructure, while customers are responsible for securing their data, applications, and operating systems. Option A is incorrect as it does not relate to pricing, C is incorrect as it does not list services, and D is incorrect as it does not ensure high availability.

Correct Answer: undefined

Explanation: Azure Multi-Factor Authentication (MFA) enhances security by requiring users to provide two or more verification factors to gain access to resources. It does not improve network performance, automate deployments, or manage billing.

Correct Answer: undefined

Explanation: Azure Resource Manager enables you to control who can perform actions on the resources by using role-based access control (RBAC). Azure Key Vault is used for managing cryptographic keys and secrets, Azure Firewall is a managed, cloud-based network security service, and Azure Virtual Network is used for networking in Azure.

Correct Answer: undefined

Explanation: Azure Policy helps organizations maintain compliance by defining and enforcing rules and effects for resources. This ensures that resources are compliant with corporate standards and service level agreements. Options A, B, and D describe functionalities that are not related to Azure Policy.

Correct Answer: undefined

Explanation: Network Security Groups (NSGs) are used to filter network traffic to and from Azure resources in an Azure virtual network. They contain security rules that allow or deny inbound and outbound network traffic. Azure Firewall is a managed, cloud-based network security service. Azure Key Vault is used for managing secrets, and Azure Logic Apps is a workflow integration service.

Correct Answer: undefined

Explanation: Azure Key Vault is designed to store and manage cryptographic keys, secrets, and certificates. It helps enhance security by centralizing the management of sensitive information. It does not manage virtual machines, monitor application performance, or act as a network firewall.

Correct Answer: undefined

Explanation: Azure Information Protection is a cloud-based solution that helps an organization to classify and protect its documents and emails by applying labels. These labels can enforce protection settings such as encryption. Options A, C, and D describe functionalities that are not related to Azure Information Protection.

Correct Answer: undefined

Explanation: Azure Policy is used to create, assign, and manage policies that enforce rules and effects for resources. Azure Blueprints help with deployment of resources, Azure Monitor focuses on monitoring, and Azure Security Center provides security recommendations.

Correct Answer: undefined

Explanation: Azure Blueprints enable you to define a repeatable set of Azure resources that implement and adhere to an organization's standards, patterns, and requirements. It helps in setting up governed environments. Azure Resource Manager is for deploying and managing resources, Azure Policy is for policy enforcement, and Azure DevOps is for development and CI/CD.

Correct Answer: undefined

Explanation: Azure Key Vault is a cloud service for securely storing and accessing secrets, such as API keys, passwords, certificates, and encryption keys. It helps enhance data protection and compliance by centralizing application secrets. Azure Active Directory is for identity management, Azure Security Center is for security posture management, and Azure Information Protection is for data classification and labeling.