Microsoft Security, Compliance, and Identity Fundamentals v1.0
Question 1
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer : 
Box 1: No -
Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Box 2: Yes -
Microsoft 365 uses Azure Active Directory (Azure AD). Azure Active Directory (Azure AD) is included with your Microsoft 365 subscription.
Box 3: Yes -
Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/about-microsoft-365-identity?view=o365-worldwide
Question 2
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
Biometrics templates are stored locally on a device.
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview
Question 3
What is the purpose of Azure Active Directory (Azure AD) Password Protection?
- A. to control how often users must change their passwords
- B. to identify devices to which users can sign in without using multi-factor authentication (MFA)
- C. to encrypt a password by using globally recognized encryption standards
- D. to prevent users from using specific words in their passwords
Answer : D
Question 4
Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group?
- A. access reviews
- B. managed identities
- C. conditional access policies
- D. Azure AD Identity Protection
Answer : A
Question 5
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
Multi-factor authentication is a process where a user is prompted during the sign-in process for an additional form of identification, such as to enter a code on their cellphone or to provide a fingerprint scan.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks
Question 6
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer : 
Box 1: Yes -
Box 2: No -
Conditional Access policies are enforced after first-factor authentication is completed.
Box 3: Yes -
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
Question 7
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/what-is
Question 8
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
Microsoft Defender for Identity is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/what-is
Question 9
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/about-microsoft-365-identity?view=o365-worldwide
Question 10
Which Azure Active Directory (Azure AD) feature can you use to provide just-in-time (JIT) access to manage Azure resources?
- A. conditional access policies
- B. Azure AD Identity Protection
- C. Azure AD Privileged Identity Management (PIM)
- D. authentication method policies
Answer : C
Question 11
Which three authentication methods can be used by Azure Multi-Factor Authentication (MFA)? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
- A. text message (SMS)
- B. Microsoft Authenticator app
- C. email verification
- D. phone call
- E. security question
Answer : ABD
Question 12
Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization?
- A. sensitivity label policies
- B. Customer Lockbox
- C. information barriers
- D. Privileged Access Management (PAM)
Answer : C
Question 13
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer : 
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
Question 14
HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer : 
Box 1: Yes -
Conditional access policies can be applied to all users
Box 2: No -
Conditional access policies are applied after first-factor authentication is completed.
Box 3: Yes -
Users with devices of specific platforms or marked with a specific state can be used when enforcing Conditional Access policies.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
Question 15
HOTSPOT -
Select the answer that correctly completes the sentence.
Hot Area:
Answer : 
When you register an application through the Azure portal, an application object and service principal are automatically created in your home directory or tenant.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal