Microsoft Security, Compliance, and Identity Fundamentals v1.0

Answer :

Biometrics templates are stored locally on a device.
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview

Answer : D

Azure AD Password Protection detects and blocks known weak passwords and their variants, and can also block additional weak terms that are specific to your organization.
With Azure AD Password Protection, default global banned password lists are automatically applied to all users in an Azure AD tenant. To support your own business and security needs, you can define entries in a custom banned password list.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

Answer : A

Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

Answer :

Multi-factor authentication is a process where a user is prompted during the sign-in process for an additional form of identification, such as to enter a code on their cellphone or to provide a fingerprint scan.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks

Answer :

Box 1: Yes -

Box 2: No -
Conditional Access policies are enforced after first-factor authentication is completed.

Box 3: Yes -
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Answer :

Reference:
https://docs.microsoft.com/en-us/defender-for-identity/what-is

Answer :

Microsoft Defender for Identity is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/what-is

Answer :

Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/about-microsoft-365-identity?view=o365-worldwide

Answer : C

Azure AD Privileged Identity Management (PIM) provides just-in-time privileged access to Azure AD and Azure resources
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Answer : ABD

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods

Answer : C

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers

Answer :

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Answer :

Box 1: Yes -
Conditional access policies can be applied to all users

Box 2: No -
Conditional access policies are applied after first-factor authentication is completed.

Box 3: Yes -
Users with devices of specific platforms or marked with a specific state can be used when enforcing Conditional Access policies.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Answer :

When you register an application through the Azure portal, an application object and service principal are automatically created in your home directory or tenant.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal