assignment quiz module 12 authentication

• Find Flashcards
• Why It Works
• Tutors & resellers
• Content partnerships
• Teachers & professors
• Employee training

Brainscape's Knowledge Genome TM

Entrance exams, professional certifications.

• Foreign Languages
• Medical & Nursing

Humanities & Social Studies

Mathematics, health & fitness, business & finance, technology & engineering, food & beverage, random knowledge, see full index, security module 12 flashcards preview, cybersecurity > security module 12 > flashcards.

Which of the following does not take into consideration upper and lowercase letters during the cryptographic function?

LAN Manager hash

Which of the following is a secure methodology when using a password?

Never writing a password down

How do keystroke dynamics determine whether to authenticate an individual or not?

With dwell and flight time

Which of the following is NOT a hash?

How would a user view a list of non-keyboard characters?

Via charmap.exe

What device can be used to create an OTP?

Microsoft implemented the use of multiple password policies within one domain starting with which version of Windows?

Windows Server 2008

An attacker is least likely to use which password discovery method when compromising a strong password?

Brute-force

In respect to security, why is it better to use password management applications to store passwords rather than utilizing a web browser function?

Application store passwords in a user vault file

Which of the following is the fastest, most efficient offline password cracking technique

Rainbow Tables

Why would an administrator resort to key stretching algorithms as opposed to general-purpose algorithms such as MD5?

Key stretching algorithms are slower

Which of the following is a true statement about salts?

Salts can change identical passwords

Which of the following authentication methods are prone to errors?

Standard biometrics

Single sign-on allows users to authenticate across multiple networks and requires what to function?

Which of the following authentication method combinations is an example of multifactor authentication?

TOTP, password, and a username

What does Open Authorization rely on to function and share resources across sites?

Token credentials

Which of the following is considered the strongest password?

L*^dns22Oik

How does Windows manage credentials in an Active Directory environment?

With password setting objects

How is an HMAC-based OTP different from a TOTP?

HMAC requires an event to change values

Authentication factores or credentials assist in verifying which of the following?

Genuine identity

Decks in Cybersecurity Class (73):

• Threat Model
• First Look Into Computer Parts And Tools
• Computer Parts And Tools ( Part 2)
• Working Inside Desktop Computers And Laptops
• All About Mother Boards
• All About Motherboards ( Part 2)
• More Review
• More Review Part 2
• Review : Review
• Chapter 5 Homework
• Intro To Networking
• Intro To Networking 2
• Intro To Networkig 3
• Intro To Networking 4
• Intro To Networking 5
• Basics Of Device Driver Types
• Features Of A Linux System
• The Command Line
• Managing Rights
• Advance Networking
• The Linux Directory
• Introduction To Security
• Linux Module 2
• Linux Module 3
• Linux Module 4
• Security Module 3
• Security Module 4
• Security Module 5
• Security Module 6
• Security Module 9
• Security Module 10
• Linux Module 5 : Interactive Quiz
• Security Module 11
• Security+ Random Questions 1
• Security+ Random Questions 2
• Security+ Random Questions 3
• Comp Tia Security + Post Assessment
• Post Assessment 2
• Post Assessment 3
• Post Assessment 4
• Post Assessment 5
• Post Assessment 6
• Linux+ Midterm 1
• Linux+ Midterm 2
• Linux Midterm 3
• Security Module 2
• Security Module 7
• Security Module 8
• Security Module 12
• Ethical Hacking 1
• Ethical Hacking 1 Quiz
• Ethical Hacking 2
• Ethical Hacking 3
• Ethical Hacking 4
• Ethical Hacking 5
• Ethical Hacking 6
• Ethical Hacking 7
• Ethical Hacking 8
• Ethical Hacking 9
• Ethical Hacking 10
• Linux Module 9
• Linux Module 10
• Chapter 9 Quiz
• Linux Module 11
• Ethical Hacking 12a
• Ethical 12b
• Identify File Types
• Corporate Training
• Teachers & Schools
• Android App
• Help Center
• Law Education
• All Subjects A-Z
• All Certified Classes
• Earn Money!

Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) by Mike Meyers

Get full access to Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Understanding Authorization

We discussed authorization in Modules 3 and 11 , but in this module, we’ll go more in depth, detailing the concepts of authorization and how they relate to supporting the authorization processes. We will also look at access control models, which define how organizations frame and implement authorization.

Authorization Concepts

In Module 3 , you learned that authorization is a distinct part of the process of identification, authentication, authorization, and accountability. To recap, identification involves presenting credentials to a system. Authentication is the process of validating those credentials against a centralized database, to ensure that the user is who they say they are. Authorization takes it ...

Get Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Niyander Tech

Learn with fun

• All Coursera Quiz Answers

Module quiz: Active Directory access, protection, and governance management Quiz Answers

In this article i am gone to share Coursera Course: Cybersecurity Identity and Access Solutions using Azure AD by Microsoft Week 3 | Module quiz: Active Directory access, protection, and governance management Quiz Answers with you..

Enrol Link:   Cybersecurity Identity and Access Solutions using Azure AD

Cybersecurity Identity and Access Solutions using Azure AD Week 3 Quiz Answers

Question 1) True or False: Role-based access control (RBAC) is a security framework that assigns permissions to users based on their roles within an organization.

Question 2) An administrator wants to configure a Conditional Access policy that will prompt a user to go through multi-factor authentication (MFA) when certain signals are detected. Which of the following are common signals that Conditional Access policies can consider? Select all that apply.

• The length of time since the account password was last changed.
• Named location information.
• Real-time sign-in risk detection.
• Random application triggers.

Question 3) You have assigned a User Administrator role, which grants permissions for managing resources that live in Azure AD. Which of the following role categories does this fall under?

• Privileged roles
• Service-specific roles
• Azure AD-specific roles
• Cross-service roles

Question 4) True or False: Azure AD’s role-based access control (RBAC) allows you to define and manage roles with specific sets of permissions, granting access only to those who truly need it.

Question 5) The administrator at Sam’s Scoops has decided to build an access management approach for the company that is based on the Zero Trust model. Which of these security principles should be followed to align with this model? Select all that apply.

• Mandate regular password changes.
• Provide the least privileged access.
• Verify access attempts explicitly.
• Don’t allow external users.

Question 6) Complete the following sentence. Many experts believe that ______ is the new security perimeter.

Question 7) Which of the following statements about securing privileged access with Azure AD Privileged Identity Management (PIM) is true?

• Azure AD PIM requires Azure AD Premium P1 licenses to be enabled.
• Azure AD PIM does not support managing custom roles, only built-in Azure resource roles.
• Azure AD PIM does not provide any fine-grained access control options for role assignments.
• Azure AD PIM allows for permanent admin role assignments, with no expiration date.

Question 8) What can be managed using Azure AD PIM?

• Only built-in Azure resource roles.
• Only custom roles in Azure AD.
• Both built-in Azure resource roles and custom roles.
• Only Azure AD Premium P2 licenses.

Question 9) Which of the following statements is true regarding just-in-time (JIT) access?

• JIT access helps maintain security without sacrificing operational productivity.
• JIT access provides permanent access to privileged accounts.
• JIT access is not recommended for securing critical data and resources.
• JIT access requires users to authenticate multiple times for each application.

Question 10) Using Privileged Identity Management (PIM), you would like to assign a role to a user that applies immediately and provides access for an indefinite amount of time. Which of the following assignment types would you use?

• Permanent eligible
• Time-bound active
• Time-bound eligible
• Permanent active

Question 11) What is one of the benefits of using role-based access control (RBAC)?

• Centralized administration for individual user permissions.
• Increased security by limiting access to necessary resources.
• Increased complexity.

Question 13) You have assigned a Teams Administrator role, which enables the assignee to manage features in the Microsoft Teams application. This app, which resides separately of Azure AD, is used by employees in the organization for communication. Which of the following categories does the Teams Administrator role fall under?

Question 13) What is the main policy engine within the Zero Trust model?

• Intrusion Detection System (IDS)
• Zero Trust Application Gateway Conditional Access

Question 14) True or False: Identity governance involves managing and controlling access to resources based on least privilege principles.

Question 15) Which of the following best describes the concept of just-in-time (JIT) access?

• JIT access grants permanent access to applications and systems, ensuring continuous availability.
• JIT access limits privileged access based on location, actions, and timing, providing precise control over when and where users can access privileged accounts.
• JIT access provides immediate access to all applications and systems, without any restrictions.
• JIT access is a security practice that allows users to access applications and systems without any authentication.

Question 16) Consider an organization that uses cloud-based applications but does not yet have an access management system. It is considering Azure AD because of the capabilities made possible by Privileged Identity Management (PIM). Which Azure AD license should this organization acquire to enable PIM as a tool?

• Azure AD Free license
• Azure AD Premium P2 license
• Azure AD Basic license
• Azure AD Premium P1 license

Question 17) What does Privileged Identity Management (PIM) help minimize?

• The number of permissions granted to regular users.
• The number of applications and systems in Azure AD.
• The number of authentication methods required for users.
• The number of people with access to secure information.

Question 18) Consider an organization in which an employee is temporarily designated as a Project Manager for several days, while the true Project Manager is on vacation. As an administrator using Privileged Identity Management (PIM), you would like to assign a role to this user that requires activation and limits their access time to specific start and end dates. Which of the following assignment types would you use?

Question 19) After an audit revealed that certain employee accounts continued to have privileged access that was no longer needed, the administrator at Sam’s Scoops decided to implement role-based access control (RBAC). Which steps should be taken as part of this process? Select all that apply.

• Identify the roles that exist within an organization.
• Assign permissions to roles.
• Set the authentication method that applies to a role.
• Define what actions users are allowed to take.

Question 20) What is the purpose of using Conditional Access templates in Azure AD?

• To implement access controls only for remote work scenarios.
• To deploy preconfigured policies aligned with Microsoft’s recommendations.
• To create complex access control policies from scratch.

Question 21) The administrator at an organization worries about potential security issues due to poorly managed access and wants to use Privileged Identity Management (PIM) to take a more secure approach. Which statement best describes how PIM can help to accomplish this?

• PIM is a feature that grants permanent privileged access to all users in Azure AD, increasing flexibility.
• PIM helps minimize the number of people with access to secure information, reducing the risk of unauthorized access and inadvertent impact on sensitive resources.
• PIM only supports time-bound access to Azure resources, excluding other Microsoft Online services.
• PIM allows users to have unlimited access to resources in Azure AD, Azure, and other Microsoft Online services.

Question 22) True or False: Conditional Access policies in Azure AD are based on if-then statements, where a user must complete a specific action to access a resource.

Question 23) You have assigned a Security Administrator role, which allows for management of security features within Azure AD, as well as separate security services like Microsoft Defender for Cloud Apps. Which of the following role categories does this fall under?

Question 24) What are the two types of role definitions in Azure AD?

• Fixed roles and flexible roles.
• Built-in roles and custom roles.
• Basic roles and advanced roles.

Question 25) What is the primary benefit of just-in-time (JIT) access?

• JIT access eliminates the need for authentication when accessing applications and systems.
• JIT access grants permanent access to privileged accounts for all users.
• JIT access increases the availability of applications and systems for all users.
• JIT access reduces the risk of unauthorized access to critical data and resources.

Question 27) Imagine that an organization wants to change its security approach to provide the least access that users need to perform privileged operations. Which features does Privileged Identity Management (PIM) have that would assist in implementing this approach?

• Time-bound access to resources, self-service role assignment, and access reviews
• Time-bound access to resources, approval-based role activation, and multi-factor authentication enforcement.
• Permanent access to all resources, self-service role assignment, and access reviews
• Permanent access to all resources, multi-factor authentication enforcement, and access reviews.

Question 28) An employee at Sam’s Scoops needs a very specific set of permissions that isn’t covered by any of the built-in roles in Azure AD, so an administrator must create a custom role. Before the employee gains the permissions, which steps must the administrator follow? Select all that apply.

• Defining the role by selecting desired permissions from a preset list.
• Creating a new Azure AD tenant.
• Verifying the user’s identity through multi-factor authentication.
• Assigning the role to users or groups.

Question 29) Which of the follow can you manage in Privileged Identity Management (PIM)? Select all that apply.

• Conditional Access
• PIM for Groups
• Azure AD roles
• Self-service password reset (SSPR)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Save my name, email, and website in this browser for the next time I comment.

• GDPR Privacy Policy
• Privacy Policy
• Terms and Conditions

Greetings, Hey i am Niyander, and I hail from India, we strive to impart knowledge and offer assistance to those in need.