Principles of Identity, Security, and Compliance
This concept defines the level of access a user has to resources.
(administration, authentication, authorization, or auditing)
What is authorization?
Which of these is not a factor in multi-factor authentication (MFA)?
(something you know, something you do, something you have, something you are)
What is something you do?
Which of these Zero Trust assets is not protected by Microsoft Defender XDR?
(identity, data, device, network, apps)
What is network?
Which of the following is not a Microsoft privacy principle?
(control, transparency, security, assume breach, strong legal protections, no content-based targeting)
What is assume breach?
This Microsoft Entra feature helps reduce helpdesk calls by allowing users to change their own passwords.
What is self-service password reset (SSPR)?
This model “de-perimeterizes” security by protecting assets no matter where they are located (inside our outside of the corporate network).
What is Zero Trust?
A tool used to sync on-premises identities (Active Directory) with the cloud (Microsoft Entra).
Two acceptable answers.
What is either Microsoft Entra Cloud Sync and Microsoft Entra Connect?
This Microsoft security solution can be used to safeguard against malicious email threats?
What is Defender for Office 365 (MDO)?
In Microsoft Purview, this product allows you to categorize and protect data with sensitivity labels.
What is Information Protection?
What is the minimum edition of Microsoft Entra needed to use Microsoft Entra Privilege Identity Management (PIM)?
Microsoft Entra ID P2
This security model uses a layered approach to security. Each layer provides protection so that, if breached, a subsequent layer will prevent access.
What is defense in depth?
This Entra ID feature protects users from password spray attacks and bans them from using weak passwords contained in a global list of banned passwords.
What is Password Protection?
This Microsoft security solution can be used to detect, investigate, and respond to threats to an organization’s on-premises Active Directory.
What is Defender for Identity (MDI)?
In Microsoft Purview, this label type allows you to tag items as regulatory records, maintain proof of item deletion, and export information about disposed items?
What is a retention label?
This encryption method uses the same key to encrypt and decrypt data.
What is symmetric encryption?
This Zero Trust pillar is considered the new perimeter for security.
What is identity?
This type of policy can be used to enforce multi-factor authentication (MFA) when users access an app registered in Microsoft Entra.
What is a Conditional Access policy?
This Microsoft security solution allows you to meet compliance standards for General Data Protection Regulation (GDPR) and Payment Card Industry (PCI)?
What is Defender for Cloud Apps?
In Microsoft Purview, this policy type allows you to prevent documents that contain personal identification from being shared outside your organization.
What is a data loss prevention (DLP) policy?
This score measures an organization's progress in implementing security recommendations.
What is Secure Score?
This identity provider feature (e.g. Entra ID) allows users to authenticate once and access resources everywhere.
What is SSO (single-sign on)?
This Entra ID feature enforces the Zero Trust principle, Least Privileged Access, on administrative roles for Just-in-time and Just-enough-access.
What is Privileged Identity Management (PIM)?
This Microsoft Defender for Endpoint feature regulates access to malicious IP addresses, domains and URLs
What is attack surface reduction (ASR)?
Which public website contains information, tools, and other resources about Microsoft security, privacy, and compliance practices?
Microsoft Service Trust Portal
Name one of the three types of controls used in Microsoft Purview Compliance Manager?
What is Microsoft-managed controls, shared controls, or customer managed-controls?