Manage and monitor security posture Questions
Practice questions for Manage and monitor security posture topic in Microsoft Certified: Cloud and AI Security Engineer Associate. 46 questions covering this domain.
A Key Vault firewall is enabled and a user can browse to the vault in the Azure portal but can't list secrets. What best explains this behavior?
A policy assignment uses the deployIfNotExists effect to add a missing diagnostic setting to existing resources. What additional requirement must be s...
A security team wants to understand the effect of a new Azure Policy before it starts blocking deployments. Which effect should be used first?
A company still uses the Key Vault access policy model. Why does Microsoft recommend moving to Azure RBAC for Key Vault data plane access?
Security analysts want to extend Microsoft Security Copilot with additional capabilities and external systems. Which Security Copilot component should...
Your SOC wants ready-made data connectors, analytics, and monitoring content for Microsoft Sentinel. Where should analysts start?
Which Defender for Cloud plan provides protections such as just-in-time VM access, file integrity monitoring, and advanced server defenses?
What platform are Microsoft Sentinel playbooks built on?
A security architect wants to use Cloud Security Explorer and attack path analysis in Defender for Cloud. Which plan is required?
For Azure Key Vault data plane authorization, which access model does Microsoft recommend?
Which Defender for Cloud capability summarizes your organization's security posture based on recommendations?
In a scheduled Microsoft Sentinel analytics rule, which relationship between the query interval and the lookback period is valid?
A custom scheduled analytics rule in Microsoft Sentinel returns zero results even though matching events exist in the workspace. The rule query omits ...
Which Defender for Cloud feature shows a graph of how an attacker could move from initial access to a critical asset?
A subscription administrator can enable or disable Defender for Cloud plans, but some plan capabilities still cannot be fully turned on. Which role is...
Microsoft Sentinel ingests logs into which underlying Azure service?
Your team is planning its long-term Microsoft Sentinel portal strategy. According to Microsoft guidance, when will Microsoft Sentinel no longer be sup...
Which Microsoft Sentinel construct converts repeated alerts on the same entity into a single investigatable container?
Which Defender for Cloud role can view recommendations, alerts, and policies but cannot make changes?
Where can administrators review Microsoft Security Copilot administrative activity for auditing purposes?
Sign in to see all 46 questions
Create a free account to browse all questions — completely free during our launch phase.