Practice Test
True or False: In Azure, a role represents a set of permissions for access to resources.
Answer: True
Explanation: A role in Azure represents a set of permissions to access resources that is assigned to users, groups, and applications.
Which of the following is not a type of role in Azure?
- a) Built-in roles
- b) Custom roles
- c) Public roles
- d) Azure AD Power roles
Answer: c) Public roles
Explanation: Azure supports: Built-in roles which are managed by Azure, Custom roles which users create, and Azure AD Power roles which are managed by Microsoft.
True or False: Assigning fewer roles to a user grants more access to Azure resources.
Answer: False
Explanation: The level of access to Azure resources a user has is directly proportional to the number and type of roles assigned to that user.
Permissions to access resources in Azure are granted at which levels?
- a) Resource level
- b) Resource group level
- c) Subscription level
- d) Management group level
Answer: a) Resource level, b) Resource group level, c) Subscription level and d) Management group level.
Explanation: Permissions can be granted at all listed levels – resource, resource group, subscription, and management group level.
True or False: Azure Active Directory (Azure AD) enables users to manage authorization and permissions within Azure.
Answer: True
Explanation: Azure AD lets the administrators manage how users gain access to specific resources by providing identity and access management capabilities in the cloud.
What does the “Owner” role in Azure permissions allow?
- a) Full access to all resources
- b) Read-only access to all resources
- c) Access to only modify resources
- d) Limited access to specific resources
Answer: a) Full access to all resources
Explanation: An Owner has full access rights to all resources including the right to delegate access to others.
Which Azure role grants the user permission to manage RBAC role assignments?
- a) Contributor
- b) User Access Administrator
- c) Reader
- d) Owner
Answer: b) User Access Administrator
Explanation: The User Access Administrator role lets the user manage access to Azure resources up to the level of RBAC role assignments.
In Azure RBAC, if a user has Read access at the subscription level and no access at the resource group level, what access does the user have on the resources in the resource group?
- a) Full Access
- b) Read Access
- c) No Access
- d) Write Access
Answer: b) Read Access
Explanation: Azure RBAC is an additive model so the permissions are combined. If a user has Read access at the subscription level, they have Read access to everything within the subscription despite having no access at the resource group level.
True or False: Azure Blueprints is a service to manage permissions and governance in Azure.
Answer: True
Explanation: Azure Blueprints helps organizations maintain standards, patterns, and compliance through governance subscriptions.
Which of the following Azure services is designed to manage and control identities and their roles?
- a) Azure Active Directory (Azure AD)
- b) Azure Monitor
- c) Azure Security Center
- d) Azure DevOps
Answer: a) Azure Active Directory (Azure AD)
Explanation: Azure Active Directory (Azure AD) provides identity management and access control capabilities for applications on Azure.
Interview Questions
1. How can you check for available security updates for a Windows virtual machine in Azure?
You can check for available security updates for a Windows virtual machine by connecting to the virtual machine and going to the “Windows Update” settings.
2. What is the recommended method in Azure for automating security updates for virtual machines?
Azure Automation Update Management is the recommended method for automating security updates for virtual machines in Azure.
3. How can you enable the Azure Security Center’s Just-in-Time VM access to limit exposure to attacks during maintenance activities?
You can enable the Azure Security Center’s Just-in-Time VM access by configuring the settings in the Security Center’s policy.
4. In Azure, what is Azure Security Center’s role in managing security updates for virtual machines?
Azure Security Center helps in managing security updates for virtual machines by providing recommendations and remediation steps for vulnerabilities.
5. How does Azure Automation Update Management help in managing security updates for VMs in a hybrid environment?
Azure Automation Update Management allows you to manage security updates for VMs in a hybrid environment by providing a centralized view and control of update deployment.
6. What are maintenance windows in Azure and how can they help manage security updates for VMs?
Maintenance windows in Azure allow you to define a schedule when updates can be installed on a virtual machine, assisting in managing security updates without impacting critical operations.
7. How can you ensure compliance with security update policies in Azure for virtual machines?
You can ensure compliance with security update policies in Azure for virtual machines by setting up Azure Policy to enforce specific update configurations.
8. What role does Azure Security Center’s Secure Score play in managing security updates for VMs?
Azure Security Center’s Secure Score provides recommendations and best practices to improve the security posture of virtual machines, including managing security updates effectively.
9. How does Azure Defender for Servers enhance security update management for virtual machines?
Azure Defender for Servers offers advanced threat protection, including vulnerability management, to improve security update management for virtual machines.
10. How can you track the compliance status of security updates applied to Azure VMs?
You can track the compliance status of security updates applied to Azure VMs using the Security Center dashboard or by leveraging Azure Monitor logs for monitoring.
extutorials.com