[Knowledge check] Describe Azure identity, access, and security

[Knowledge check] Describe Azure identity, access, and security

This module covers some of the authorization and authentication methods available with Azure.

Learning objectives

By the end of this module, you will be able to:

  • Describe directory services in Azure, including Microsoft Entra ID and Microsoft Entra Domain Services

  • Describe authentication methods in Azure, including single sign-on (SSO), multifactor authentication (MFA), and passwordless

  • Describe external identities and guest access in Azure

  • Describe Microsoft Entra Conditional Access

  • Describe Azure Role Based Access Control (RBAC)

  • Describe the concept of Zero Trust

  • Describe the purpose of the defense in depth model

  • Describe the purpose of Microsoft Defender for Cloud


  • Basic familiarity with IT terms and concepts


  1. Which Microsoft Entra tool can vary the credentials needed to log in based on signals, such as where the user is located?

    A. Conditional Access

    B. Guest access

    C. Passwordless

  2. Which security model assumes the worst-case security scenario, and protects resources accordingly?

    A. Zero trust

    B. Defense-in-depth

    C. Role-based access control

  3. A user is simultaneously assigned multiple roles that use role-based access control. What are their actual permissions? The role permissions are: Role 1 - read || Role 2 - write || Role 3 - read and write.

    A. Read only

    B. Write only

    C. Read and write