Microsoft 365 Certi...
Clear all

Microsoft 365 Certified: Security Administrator Associate - Knowledge Check

3 Posts
1 Users
0 Reactions
Posts: 108
Topic starter
Joined: 4 years ago

MCSAA Check your knowledge

1. Azure Active Directory doesn’t natively support mobile devices without third-party solutions.
Correct! Azure AD is integrated with Microsoft Intune, a Microsoft mobile device management solution.
2. Which of the following describes Azure Active Directory?
Microsoft’s evolution of identity and access management for the cloud

Correct! Azure AD provides organizations with Identity as a Service, and helps employees sign in and access resources within external and internal sources.

Controls and helps secure email, documents, and sensitive data inside and outside your company walls
Safeguards access to data and applications by requiring a second form of authentication and a range of easy to use authentication methods.

3. Which of the following is a reason that the network perimeter is no longer enough?
Organizational data is kept internal to the network boundaries.
Adversaries are using phishing attacks.

Correct! Adversaries have demonstrated a consistent and ongoing ability to penetrate network perimeters using phishing attacks..

Port and protocol definitions have kept up with the complexity of data.

2 Replies
Posts: 108
Topic starter
Joined: 4 years ago
1. All of these are identity management capabilities of Microsoft 365 except:
Conditional access
Automated investigation and response . V

Automated investigation and response are not an identity management feature; it’s a tool that automates investigation and remediation of well-known attack threats.

2. When you plan for identity governance in Azure AD, you should:
Determine which users and groups should have access to which resources at which time. V

When planning for identity governance, you should determine how soon a user has access to the resources they need and how their access changes over time.

Prioritize the right set of alerts for investigation.
Assess the risk levels and business readiness of your organization’s cloud apps.

3. Before you deploy a Microsoft 365 identity infrastructure, you should first:
Assign access policies to users.
Classify data security.
Categorize your users. v

You should first categorize users so you can secure access with controls that ensure strong assurances of identity and access from safe devices.


Posts: 108
Topic starter
Joined: 4 years ago
1. Legacy authentication supports enabling multi-factor authentication.

Legacy authentication does not support multi-factor authentication.

2.Which of the following describes how to enforce multi-factor authentication?
Create a Conditional Access policy with “Require multi-factor authentication” enabled. V

To enforce MFA, create a Conditional Access policy and select Require multi-factor authentication under Access controls.

Configure a Compliance policy in Intune with Require multi-factor authentication enabled.
Multi-factor authentication is automatically enforced for all modern authentication applications.

3.  Which of the following is a method of passwordless authentication?
Copying and pasting the password from a sticky note.
Biometric scan. V

A biometric scan or pin via Windows Hello, phone-as-a-token from the Microsoft Authenticator app, or a FIDO2 security key are all methods of passwordless authentication.

Gently whispering the password into a microphone