Secure compute Questions
Practice questions for Secure compute topic in Microsoft Certified: Cloud and AI Security Engineer Associate. 48 questions covering this domain.
A platform team wants per-project token limits and governance for model requests in Microsoft Foundry. Which feature should it enable?
A security lead wants one Defender for Cloud view for AI discovery, AI threat protection, and attack paths tied to data and AI resources. Which view s...
You want applications and users to connect to Azure SQL by using Microsoft Entra identities. What must be configured first at the server or instance l...
An operations team enables the admin user on Azure Container Registry so a single tester can push and pull images. Which statement about this account ...
A security architect must protect temp disks, caches, and the data flow between compute and storage for a virtual machine. Which disk encryption optio...
You need to determine which route Azure will use from a VM to a specific destination IP. Which Azure Network Watcher tool should you use?
A newly deployed Application Gateway WAF should log attacks but avoid blocking legitimate traffic until tuning is complete. Which mode should be used ...
A Foundry team wants controls that reduce unsafe outputs and prompt injection across an agent. Which feature should it configure?
An Application Gateway WAF policy is running in prevention mode with OWASP anomaly scoring. A single matched rule has severity Critical. What is the e...
What does Microsoft Defender for Cloud just-in-time VM access do to management ports when no access request is active?
A WAF policy on Application Gateway is in prevention mode using OWASP CRS 3.2 with anomaly scoring. Legitimate API requests fail with rule 942100 (SQL...
Which Microsoft Purview experience inventories AI apps and agents and highlights sensitive interactions and high-risk agents?
Which Microsoft Defender for Cloud protection should be enabled to surface detections for AI workloads and AI services?
A regulated organization mandates that all outbound internet traffic from Azure VMs be encrypted and inspected for data exfiltration (including inspec...
An AKS cluster must pull images only from a private Azure Container Registry, blocking public registries. Which two AKS configurations achieve this?
Which Microsoft 365 control plane gives administrators a centralized registry to observe, govern, and secure agents?
An AKS team must restrict pod egress to a specific allow list of FQDNs in production without granting cluster-wide internet access. Which Microsoft-su...
An autonomous agent accesses a corporate resource with its own identity and no signed-in user. Which Conditional Access pattern applies?
A workload uses a Disk Encryption Set with a customer-managed key. The team accidentally deletes the key version. What does Microsoft documentation sa...
Which Azure WAF SKU is integrated with Azure Front Door to protect global, edge-delivered web applications?
Sign in to see all 48 questions
Create a free account to browse all questions — completely free during our launch phase.