# [Knowledge check] Describe Azure identity, access, and security

This module covers some of the authorization and authentication methods available with Azure.

## **Learning objectives**

By the end of this module, you will be able to:

* Describe directory services in Azure, including Microsoft Entra ID and Microsoft Entra Domain Services
    
* Describe authentication methods in Azure, including single sign-on (SSO), multifactor authentication (MFA), and passwordless
    
* Describe external identities and guest access in Azure
    
* Describe Microsoft Entra Conditional Access
    
* Describe Azure Role Based Access Control (RBAC)
    
* Describe the concept of Zero Trust
    
* Describe the purpose of the defense in depth model
    
* Describe the purpose of Microsoft Defender for Cloud
    

## **Prerequisites**

* Basic familiarity with IT terms and concepts
    

[https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/](https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/)

---

1. **Which Microsoft Entra tool can vary the credentials needed to log in based on signals, such as where the user is located?**
    
    **<mark>A. Conditional Access</mark>**
    
    B. Guest access
    
    C. Passwordless
    
2. **Which security model assumes the worst-case security scenario, and protects resources accordingly?**
    
    **<mark>A. Zero trust</mark>**
    
    B. Defense-in-depth
    
    C. Role-based access control
    
3. **A user is simultaneously assigned multiple roles that use role-based access control. What are their actual permissions? The role permissions are: Role 1 - read || Role 2 - write || Role 3 - read and write.**
    
    A. Read only
    
    B. Write only
    
    **<mark>C. Read and write</mark>**
    

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1718960566365/90c55ada-e63a-45ae-ae14-28b4be0cc2bc.png align="center")