Koo Practice Questions (GPT-Generated)

Section 1: AWS Academy Cloud Foundations (Questions 1–70)

Module 1: Cloud Concepts (1–9)

1. Which principle of cloud computing enables automatic augmentation or diminution of resources to match workload exigencies?
   A) Elasticity
   B) High availability
   C) Scalability
   D) Durability
   Answer: A

2. What term denotes the capacity to access computing resources on demand without upfront capital investment?
   A) Pay-as-you-go
   B) Reserved pricing
   C) Spot pricing
   D) Dedicated instance
   Answer: A

3. Which cloud deployment model provides services exclusively over the private network infrastructure of an organization?
   A) Private cloud
   B) Public cloud
   C) Hybrid cloud
   D) Community cloud
   Answer: A

4. In the context of cloud economics, which model charges customers solely for resources actually consumed?
   A) Consumption-based billing
   B) Subscription model
   C) License fee
   D) Upfront payment
   Answer: A

5. Which attribute ensures seamless interoperability among disparate cloud services?
   A) Standardization
   B) Isolation
   C) Proprietary interfaces
   D) Gatekeeping
   Answer: A

6. What paradigm mitigates latency by provisioning resources proximal to end users?
   A) Edge computing
   B) Centralized processing
   C) Batch computing
   D) Mainframe computing
   Answer: A

7. Which characteristic of cloud services denotes the ability to recover from infrastructure failures without service interruption?
   A) Resilience
   B) Elasticity
   C) Scalability
   D) Portability
   Answer: A

8. Which model amalgamates pairing of private and public cloud infrastructures for operational flexibility?
   A) Hybrid cloud
   B) Community cloud
   C) Dedicated cloud
   D) Multi-cloud
   Answer: A

9. What concept permits instantaneous transference of workloads across disparate data centers?
   A) Global reach
   B) Local area networking
   C) On-premises hosting
   D) Data sovereignty
   Answer: A

Module 2: AWS Security (10–18)
10. Which AWS service administers user identities and enforces permissions for AWS resources?
A) AWS Identity and Access Management (IAM)
B) AWS Shield
C) AWS Config
D) AWS WAF
Answer: A

11. Which mechanism in AWS encrypts data at rest for S3 buckets?
    A) Server-side encryption (SSE-S3)
    B) Client-side encryption
    C) AWS Shield
    D) AWS Inspector
    Answer: A

12. Which AWS service provides managed Distributed Denial of Service (DDoS) protection for applications?
    A) AWS Shield
    B) AWS Inspector
    C) AWS Macie
    D) AWS Certificate Manager
    Answer: A

13. In the AWS shared responsibility model, which domain is exclusively managed by the customer?
    A) Data protection
    B) Physical security of the data center
    C) Hardware maintenance
    D) Facility power management
    Answer: A

14. Which AWS service continuously assesses applications for vulnerabilities and deviations from best practices?
    A) AWS Inspector
    B) AWS Macie
    C) AWS GuardDuty
    D) AWS Shield
    Answer: A

15. What is the principal service for discovering sensitive data using pattern matching and machine learning?
    A) Amazon Macie
    B) AWS Config
    C) AWS CloudTrail
    D) AWS GuardDuty
    Answer: A

16. Which AWS service provides network intrusion detection capabilities for VPC traffic?
    A) AWS GuardDuty
    B) AWS Shield
    C) AWS WAF
    D) AWS Inspector
    Answer: A

17. Which AWS service issues and manages SSL/TLS certificates for securing your domains?
    A) AWS Certificate Manager
    B) AWS WAF
    C) AWS Shield
    D) AWS IAM
    Answer: A

18. Which policy type in IAM grants extensive privileges across multiple AWS services?
    A) AdministratorAccess
    B) ReadOnlyAccess
    C) Billing
    D) ViewOnlyAccess
    Answer: A

Module 3: AWS Core Services (19–27)
19. Which AWS service orchestrates containerized applications at scale?
A) Amazon EKS
B) Amazon S3
C) Amazon RDS
D) Amazon Redshift
Answer: A

20. Which managed database service is optimized for analytical data warehousing?
    A) Amazon Redshift
    B) Amazon RDS
    C) Amazon DynamoDB
    D) Amazon ElastiCache
    Answer: A

21. Which AWS service facilitates object lifecycle management and archival?
    A) Amazon S3
    B) Amazon EBS
    C) Amazon Glacier
    D) Amazon FSx
    Answer: A

22. Which AWS service is the principal network content delivery mechanism?
    A) Amazon CloudFront
    B) Amazon Route 53
    C) AWS Direct Connect
    D) AWS Transit Gateway
    Answer: A

23. Which AWS service abstracts server management for running containerized tasks?
    A) Amazon ECS
    B) AWS Fargate
    C) AWS Lambda
    D) Amazon EC2
    Answer: A

24. Which AWS service simplifies deployment and orchestration of microservices?
    A) AWS Step Functions
    B) Amazon API Gateway
    C) AWS CodeDeploy
    D) AWS CloudFormation
    Answer: A

25. Which AWS service provision virtual private clouds with logically isolated network segments?
    A) Amazon VPC
    B) AWS Lambda
    C) AWS Batch
    D) Amazon SQS
    Answer: A

26. Which AWS service offers a fully managed NoSQL key-value and document database?
    A) Amazon DynamoDB
    B) Amazon RDS
    C) Amazon Aurora
    D) Amazon Redshift
    Answer: A

27. Which AWS service enables event-driven compute without server provisioning?
    A) AWS Lambda
    B) Amazon EC2
    C) AWS Elastic Beanstalk
    D) Amazon Lightsail
    Answer: A

Module 4: AWS Architecting (28–35)
28. What comprises the five pillars of the AWS Well-Architected Framework?
A) Operational excellence, security, reliability, performance efficiency, cost optimization
B) Scalability, availability, security, governance, compliance
C) Resilience, agility, latency, throughput, redundancy
D) Usability, maintainability, extensibility, portability, cost
Answer: A

29. Which approach ensures that resources are defined and provisioned through version-controlled templates?
    A) Infrastructure as Code (IaC)
    B) Manual provisioning
    C) Stateful design
    D) Transactional deployment
    Answer: A

30. In AWS architecture, what concept refers to decoupling components using messaging or event mechanisms?
    A) Loose coupling
    B) Tight integration
    C) Monolithic architecture
    D) Stateful coupling
    Answer: A

31. Which AWS service automates infrastructure deployment through templated scripts?
    A) AWS CloudFormation
    B) AWS Config
    C) AWS OpsWorks
    D) AWS Service Catalog
    Answer: A

32. Which design principle advocates for distributing workloads across multiple availability zones?
    A) Fault tolerance
    B) Cost minimization
    C) Single point of failure
    D) Data sovereignty
    Answer: A

33. What architectural pattern leverages multiple services to process tasks asynchronously?
    A) Event-driven architecture
    B) Monolithic architecture
    C) Waterfall architecture
    D) Lean architecture
    Answer: A

34. Which architectural pillar emphasizes the continuous improvement of processes and procedures?
    A) Operational Excellence
    B) Reliability
    C) Security
    D) Performance Efficiency
    Answer: A

35. Which AWS service allows governance of multiple accounts with consolidated policy enforcement?
    A) AWS Control Tower
    B) AWS IAM
    C) AWS Organizations
    D) AWS Config
    Answer: C

Module 5: AWS Pricing & Support (36–43)
36. Which AWS support plan provides 24/7 access to Cloud Support Engineers for critical issues?
A) Enterprise
B) Business
C) Developer
D) Basic
Answer: A

37. Which AWS pricing model offers a substantial discount in exchange for a one- or three-year commitment?
    A) Reserved Instances
    B) On-Demand Instances
    C) Spot Instances
    D) Dedicated Hosts
    Answer: A

38. Which AWS feature allows you to monitor service usage and forecast costs?
    A) AWS Cost Explorer
    B) AWS CloudTrail
    C) AWS Config
    D) AWS Budgets
    Answer: A

39. Which AWS instance purchasing option leverages unused capacity at steep discounts?
    A) Spot Instances
    B) On-Demand Instances
    C) Dedicated Instances
    D) Reserved Instances
    Answer: A

40. What AWS service informs you when usage or spending exceeds predefined thresholds?
    A) AWS Budgets
    B) AWS Cost Explorer
    C) AWS Billing Dashboard
    D) AWS Cost and Usage Reports
    Answer: A

41. Which AWS support plan includes a technical account manager (TAM)?
    A) Enterprise
    B) Business
    C) Developer
    D) Basic
    Answer: A

42. Which tool aggregates AWS service events and provides scheduled reports?
    A) AWS CloudWatch
    B) AWS CloudTrail
    C) Amazon SNS
    D) AWS Config
    Answer: A

43. Which billing option enables pooling of usage across multiple accounts to reduce cost?
    A) Consolidated billing
    B) Volume discount
    C) Cost allocation tags
    D) Pay-as-you-go
    Answer: A

Module 6: AWS Compute (44–53)
44. Which AWS service is most suitable for deploying a simple web application with minimal configuration?
A) AWS Elastic Beanstalk
B) Amazon EC2
C) AWS Lambda
D) Amazon ECS
Answer: A

45. Which instance type is optimized for compute-intensive workloads such as high-performance computing?
    A) C-series
    B) M-series
    C) R-series
    D) T-series
    Answer: A

46. What AWS feature allows you to provision EC2 instances with predictable pricing for a specified term?
    A) Reserved Instances
    B) On-Demand Instances
    C) Dedicated Instances
    D) Spot Instances
    Answer: A

47. Which AWS service vends on-demand ephemeral compute executed in response to events?
    A) AWS Lambda
    B) Amazon EC2
    C) AWS Batch
    D) AWS Elastic Beanstalk
    Answer: A

48. Which AWS offering provides bare-metal servers without virtualization for specialized workloads?
    A) Bare Metal Instances
    B) Dedicated Hosts
    C) Regional Instances
    D) Spot Instances
    Answer: A

49. Which mechanism enables you to automatically adjust compute capacity based on demand?
    A) Auto Scaling
    B) Load Balancer
    C) CloudFront
    D) Elastic Beanstalk
    Answer: A

50. Which AWS service facilitates container orchestration compatible with Kubernetes?
    A) Amazon EKS
    B) Amazon ECS
    C) AWS Fargate
    D) AWS Batch
    Answer: A

51. Which service enables scheduling of periodic tasks on Lambda without an HTTP trigger?
    A) Amazon EventBridge
    B) AWS CloudTrail
    C) AWS Config
    D) AWS Step Functions
    Answer: A

52. Which AWS compute service charges based on the number of requests and duration of code execution?
    A) AWS Lambda
    B) Amazon EC2
    C) AWS Batch
    D) AWS Elastic Beanstalk
    Answer: A

53. Which reserved capacity offering allows modifications to attributes like instance size?
    A) Convertible Reserved Instances
    B) Standard Reserved Instances
    C) Spot Instances
    D) On-Demand Instances
    Answer: A

Module 7: AWS Networking (54–63)
54. Which AWS service acts as a DNS service for domain management and health checking?
A) Amazon Route 53
B) Amazon VPC
C) AWS Direct Connect
D) AWS VPN
Answer: A

55. Which component in a VPC defines a private network range and subnets?
    A) CIDR block
    B) Route table
    C) Internet gateway
    D) Security group
    Answer: A

56. What is the function of an Internet gateway in a VPC?
    A) Enables communication between instances and the internet
    B) Blocks inbound traffic
    C) Performs network address translation for private instances
    D) Logs network activity
    Answer: A

57. Which AWS service provides low-latency, dedicated connections between on-premises and AWS?
    A) AWS Direct Connect
    B) AWS VPN
    C) Amazon CloudFront
    D) Amazon Route 53
    Answer: A

58. Which VPC construct acts as a virtual firewall for controlling inbound and outbound traffic at the instance level?
    A) Security group
    B) Network ACL
    C) Route table
    D) Internet gateway
    Answer: A

59. What resource enables stateless filtering of inbound and outbound traffic at the subnet level?
    A) Network ACL
    B) Security group
    C) Route table
    D) NAT gateway
    Answer: A

60. Which AWS service distributes inbound traffic across multiple targets to enhance availability?
    A) Elastic Load Balancing
    B) Amazon Route 53
    C) AWS Direct Connect
    D) Amazon VPC
    Answer: A

61. Which AWS service caches frequently accessed content at edge locations to reduce latency?
    A) Amazon CloudFront
    B) AWS WAF
    C) AWS Shield
    D) AWS Glue
    Answer: A

62. In a hybrid network scenario, which AWS service establishes an IPsec connection over the internet?
    A) AWS VPN
    B) AWS Direct Connect
    C) AWS Transit Gateway
    D) Amazon Route 53
    Answer: A

63. Which AWS service enables simplified connection of multiple VPCs and on-premises networks?
    A) AWS Transit Gateway
    B) AWS VPN
    C) AWS Direct Connect
    D) Amazon Route 53
    Answer: A

Module 8: AWS Databases (64–70)
64. Which AWS database service is a fully managed relational database compatible with MySQL?
A) Amazon Aurora
B) Amazon DynamoDB
C) Amazon Redshift
D) Amazon RDS for MySQL
Answer: A

65. Which AWS database service is a managed, in-memory data store for caching?
    A) Amazon ElastiCache
    B) Amazon DynamoDB
    C) Amazon RDS
    D) Amazon Neptune
    Answer: A

66. Which AWS service offers graph database capabilities for relationship-based queries?
    A) Amazon Neptune
    B) Amazon RDS
    C) Amazon Redshift
    D) Amazon DynamoDB
    Answer: A

67. Which AWS database service provides a petabyte-scale data warehouse solution?
    A) Amazon Redshift
    B) Amazon RDS
    C) Amazon DynamoDB
    D) Amazon Aurora
    Answer: A

68. Which AWS database offering automates replication across multiple Availability Zones for high availability?
    A) Amazon RDS Multi-AZ
    B) Amazon DynamoDB Global Tables
    C) Amazon Aurora Replica
    D) Amazon Redshift Spectrum
    Answer: A

69. Which mechanism allows DynamoDB to maintain eventual consistency for distributed data?
    A) Multi-region replication
    B) Multi-AZ deployment
    C) Cross-region read replicas
    D) On-demand backups
    Answer: A

70. Which AWS service enables offline analysis of large datasets stored in S3 using serverless SQL queries?
    A) Amazon Athena
    B) Amazon Redshift
    C) AWS Glue
    D) Amazon EMR
    Answer: A

Section 2: Microsoft Azure Fundamentals (AZ-900) (Questions 71–100)

71. Which term describes the model wherein responsibilities are divided between the cloud provider and the customer?
    A) Shared responsibility model
    B) Exclusive liability model
    C) Managed services model
    D) Proprietary governance model
    Answer: A

72. Which Azure service offers object storage for unstructured data?
    A) Azure Blob Storage
    B) Azure Files
    C) Azure Queues
    D) Azure Tables
    Answer: A

73. What tool in Azure provides a unified portal for resource deployment and management?
    A) Azure Resource Manager
    B) Azure Monitor
    C) Azure Advisor
    D) Azure Policy
    Answer: A

74. Which Azure service enables global content distribution through edge caching?
    A) Azure Content Delivery Network (CDN)
    B) Azure Front Door
    C) Azure Traffic Manager
    D) Azure ExpressRoute
    Answer: A

75. Which Azure pricing calculator estimates monthly costs for deployed resources?
    A) Azure Pricing Calculator
    B) Azure Cost Management
    C) Azure Advisor
    D) Azure Monitor
    Answer: A

76. Which governance tool in Azure enforces organizational policies at scale?
    A) Azure Policy
    B) Azure Blueprints
    C) Azure Security Center
    D) Azure Monitor
    Answer: A

77. Which feature provides recommendations for optimizing Azure resources?
    A) Azure Advisor
    B) Azure Monitor
    C) Azure Sentinel
    D) Azure Automation
    Answer: A

78. Which service aggregates logs and metrics for comprehensive monitoring?
    A) Azure Monitor
    B) Azure Log Analytics
    C) Azure Application Insights
    D) Azure Security Center
    Answer: A

79. Which SLA metric ensures at least 99.9% uptime for a single-instance virtual machine?
    A) 99.9%
    B) 99.5%
    C) 99%
    D) 95%
    Answer: A

80. Which Azure service orchestrates containerized applications with Kubernetes?
    A) Azure Kubernetes Service (AKS)
    B) Azure Container Instances (ACI)
    C) Azure Service Fabric
    D) Azure Container Registry
    Answer: A

81. Which Azure replication option ensures data residency compliance by storing copies in two or more regions?
    A) Geo-redundant Storage (GRS)
    B) Locally redundant Storage (LRS)
    C) Zone-redundant Storage (ZRS)
    D) Read-access Geo-redundant Storage (RA-GRS)
    Answer: A

82. Which Azure service provides Infrastructure as Code capabilities?
    A) Azure Resource Manager templates
    B) Azure DevOps Pipelines
    C) Azure Automation
    D) Azure Functions
    Answer: A

83. What is the primary benefit of using Azure Reserved Instances for VMs?
    A) Cost savings for long-term commitments
    B) Instantaneous scalability
    C) Enhanced security
    D) Automated backups
    Answer: A

84. Which Azure service allows private connectivity from on-premises networks without traversing the internet?
    A) Azure ExpressRoute
    B) Azure VPN Gateway
    C) Azure Application Gateway
    D) Azure Traffic Manager
    Answer: A

85. Which Azure service centralizes identity and access management as a cloud-based directory?
    A) Azure Active Directory
    B) Azure Key Vault
    C) Azure Identity Protection
    D) Azure AD B2C
    Answer: A

86. Which tool helps manage cost allocation across subscriptions and resource groups?
    A) Azure Cost Management and Billing
    B) Azure Portal
    C) Azure CLI
    D) Azure Monitor
    Answer: A

87. Which Azure service provides threat detection and vulnerability assessment for your resources?
    A) Azure Security Center
    B) Azure Sentinel
    C) Azure Firewall
    D) Azure Key Vault
    Answer: A

88. Which Azure database service is a fully managed, intelligent, scalable relational database?
    A) Azure SQL Database
    B) Azure Database for MySQL
    C) Azure Cosmos DB
    D) Azure Database for PostgreSQL
    Answer: A

89. Which Azure service offers a globally distributed, multi-model database?
    A) Azure Cosmos DB
    B) Azure SQL Database
    C) Azure Table Storage
    D) Azure Cache for Redis
    Answer: A

90. Which Azure service ensures compliance by enforcing access controls and automating policy remediation?
    A) Azure Policy
    B) Azure RBAC
    C) Azure Blueprints
    D) Azure Security Center
    Answer: A

91. Which service allows you to manage cryptographic keys and secrets in Azure?
    A) Azure Key Vault
    B) Azure Confidential Ledger
    C) Azure AD Key Protection
    D) Azure Security Center
    Answer: A

92. Which Azure feature protects applications from Distributed Denial of Service attacks?
    A) Azure DDoS Protection
    B) Azure Firewall
    C) Azure Security Center
    D) Azure WAF
    Answer: A

93. Which Azure service identifies and correlates suspicious activities across your cloud environment?
    A) Azure Sentinel
    B) Azure Security Center
    C) Azure Monitor
    D) Azure Advisor
    Answer: A

94. Which concept refers to grouping Azure resources for coherent management and billing?
    A) Resource group
    B) Subscription
    C) Management group
    D) Tenant
    Answer: A

95. Which capability allows delegating granular permissions to users for specific resources in Azure?
    A) Role-based access control (RBAC)
    B) Shared keys
    C) SAS tokens
    D) Managed identities
    Answer: A

96. What Azure service provides a private registry for storing container images?
    A) Azure Container Registry
    B) Azure Artifacts
    C) Azure DevTest Labs
    D) Azure Image Builder
    Answer: A

97. Which service transforms telemetry data into actionable insights with AI analytics?
    A) Azure Monitor
    B) Azure Data Explorer
    C) Application Insights
    D) Azure Log Analytics
    Answer: D

98. Which service automates the deployment and orchestration of resources through version-controlled templates?
    A) Azure Resource Manager templates
    B) Azure DevOps Services
    C) Azure Automation
    D) Azure Functions
    Answer: A

99. Which offering provides an SLA credit if uptime falls below the guaranteed threshold?
    A) Service Level Agreement
    B) Service Health Advisory
    C) Resource Health
    D) Azure Monitor
    Answer: A

100. Which service allows developers to test and deploy code in a managed environment with minimal infrastructure management?
     A) Azure App Service
     B) Azure Functions
     C) Azure Container Instances
     D) Azure Kubernetes Service
     Answer: A

Section 3: Microsoft Security, Compliance, and Identity Fundamentals (Questions 101–120)

101. Which Learn module elucidates identity paradigms in cybersecurity?
     A) Describe identity concepts
     B) Introduction to Git
     C) Describe security management capabilities
     D) Describe governance and compliance
     Answer: A

102. Which authentication factor is predicated on something you know?
     A) Password
     B) Fingerprint
     C) Smart card
     D) Physical token
     Answer: A

103. Which identity service provides single sign-on for cloud and on-premises applications?
     A) Azure Active Directory
     B) Active Directory Federation Services
     C) Azure AD B2C
     D) Azure AD Domain Services
     Answer: A

104. Which principle ensures individuals operate with the minimum privileges necessary?
     A) Principle of least privilege
     B) Dual control
     C) Separation of duties
     D) Job rotation
     Answer: A

105. Which concept pertains to validating the legitimacy of a principal’s assertions?
     A) Authentication
     B) Authorization
     C) Accounting
     D) Auditing
     Answer: A

106. What is the process of assigning permissions to authenticated users called?
     A) Authorization
     B) Authentication
     C) Encryption
     D) Decryption
     Answer: A

107. Which module covers security and compliance terminologies and frameworks?
     A) Describe security and compliance concepts
     B) Describe identity concepts
     C) Introduction to GitHub
     D) Describe data governance solutions
     Answer: A

108. Which compliance program is tailored to the European Union’s data protection regulations?
     A) GDPR
     B) HIPAA
     C) CCPA
     D) PCI DSS
     Answer: A

109. What mechanism ensures data remains tamper-evident and traceable?
     A) Audit logs
     B) Encryption at rest
     C) Traffic mirroring
     D) Auto-scaling
     Answer: A

110. Which security principle involves isolating resources to curtail lateral movement?
     A) Network segmentation
     B) Elasticity
     C) Scalability
     D) Redundancy
     Answer: A

111. Which compliance framework governs credit card transactions?
     A) PCI DSS
     B) ISO 27001
     C) NIST SP 800-53
     D) GDPR
     Answer: A

112. Which Learn module explicates security management functionalities in Azure?
     A) Describe security management capabilities in Azure
     B) Describe core infrastructure security services in Azure
     C) Describe identity concepts
     D) Introduction to Git
     Answer: A

113. What service in Azure provides unified security management and threat protection?
     A) Microsoft Defender for Cloud
     B) Azure DDoS Protection
     C) Azure Key Vault
     D) Azure AD
     Answer: A

114. Which capability enables automated assessment of security configurations and vulnerabilities?
     A) Vulnerability assessment in Microsoft Defender for Cloud
     B) Azure Policy
     C) Azure Monitor
     D) Azure Security Center
     Answer: A

115. Which Azure module remains partially completed pertaining to security management?
     A) Describe the security management capabilities in Azure
     B) Describe cost management in Azure
     C) Introduction to GitHub
     D) Describe identity concepts
     Answer: A

116. Which Azure service streamlines the management of encrypted keys and secrets?
     A) Azure Key Vault
     B) Azure AD B2C
     C) Azure Information Protection
     D) Azure Sentinel
     Answer: A

117. What paradigm safeguards data as it traverses networks?
     A) TLS encryption
     B) Data caching
     C) API management
     D) Automated scaling
     Answer: A

118. Which component in Azure governs role assignments and access scopes?
     A) Role-based access control (RBAC)
     B) Azure Policy
     C) Conditional Access
     D) Azure Blueprints
     Answer: A

119. Which Learn module includes taxonomy for security alerts and incident investigations?
     A) Describe core infrastructure security services in Azure
     B) Describe data security solutions
     C) Introduction to Git
     D) Describe security and compliance concepts
     Answer: A

120. Which tool in Azure centralizes the correlation of alerts to facilitate threat hunting?
     A) Azure Sentinel
     B) Azure Security Center
     C) Azure Policy
     D) Azure Monitor
     Answer: A

Section 4: Microsoft Purview Modules (Questions 121–140)

121. Which module elaborates on data governance capabilities within Purview?
     A) Describe the data governance solutions of Microsoft Purview
     B) Describe the data compliance solutions of Purview
     C) Describe the data security solutions of Purview
     D) Describe Microsoft Service Trust portal
     Answer: A

122. What capability in Purview enables classification and cataloging of data assets?
     A) Data catalog
     B) Data lake
     C) Data warehouse
     D) Data virtualization
     Answer: A

123. Which Purview feature ensures adherence to data protection regulations by enforcing policies?
     A) Data compliance solutions
     B) Data encryption at rest
     C) Data replication
     D) Data backup
     Answer: A

124. Which module focuses on data compliance frameworks and labeling?
     A) Describe the data compliance solutions of Microsoft Purview
     B) Describe identity concepts
     C) Describe security and compliance concepts
     D) Introduction to GitHub
     Answer: A

125. What mechanism in Purview applies sensitivity labels to data at creation time?
     A) Automatic classification
     B) Manual tagging
     C) Data masking
     D) Data sharding
     Answer: A

126. Which Purview component encrypts data in transit and at rest?
     A) Data security solutions
     B) Data catalog
     C) Data classification
     D) Data lineage
     Answer: A

127. Which module delineates advanced encryption and access control patterns in Purview?
     A) Describe the data security solutions of Microsoft Purview
     B) Describe data compliance solutions
     C) Describe data governance solutions
     D) Describe Microsoft Priva capabilities
     Answer: A

128. What feature in Purview signals unauthorized access attempts on sensitive data?
     A) Access monitoring
     B) Snapshot backups
     C) Data replication pipelines
     D) Query acceleration
     Answer: A

129. Which Microsoft Learn badge is awarded upon completing the Purview governance module?
     A) Describe the data governance solutions of Microsoft Purview
     B) Describe security management capabilities in Azure
     C) Introduction to Git
     D) Describe cost management in Azure
     Answer: A

130. Which process in Purview ensures metadata lineage and provenance tracking?
     A) Data lineage
     B) Data catalog
     C) Data encryption
     D) Data masking
     Answer: A

131. Which module remains fully completed on April 24 and concerns Purview compliance?
     A) Describe the data compliance solutions of Microsoft Purview
     B) Describe cost management in Azure
     C) Describe identity concepts
     D) Describe governance and compliance
     Answer: A

132. Which report provides insights into classification coverage and policy enforcement?
     A) Compliance report
     B) Audit log
     C) Access review
     D) Cost analysis
     Answer: A

133. Which functionality automates remediation of noncompliant data assets?
     A) Policy enforcement rules
     B) Manual intervention
     C) Lifecycle policies
     D) Data archival
     Answer: A

134. Which module addresses the facets of data security within Purview?
     A) Describe the data security solutions of Microsoft Purview
     B) Describe data governance solutions
     C) Introduction to GitHub
     D) Describe identity concepts
     Answer: A

135. What method secures data at rest in Purview?
     A) Encryption with customer-managed keys
     B) Third-party encryption
     C) Data sharding
     D) File-level compression
     Answer: A

136. Which mechanism logs all data access events for forensic analysis?
     A) Activity logs
     B) Performance metrics
     C) Usage dashboards
     D) Cost Explorer
     Answer: A

137. Which advanced classification technique in Purview employs machine learning?
     A) Sensitive data discovery
     B) Manual tagging
     C) Data profiling
     D) Data visualization
     Answer: A

138. Which prerequisite is essential for applying retention policies in Purview?
     A) Data classification
     B) Virtual network integration
     C) API management
     D) Azure AD Premium subscription
     Answer: D

139. Which concept ensures end-to-end traceability of data transformations?
     A) Data lineage
     B) Data encryption
     C) Data replication
     D) Data caching
     Answer: A

140. Which feature in Purview provides a unified map of data estate and its relationships?
     A) Data map
     B) Data vault
     C) Data lake
     D) Data warehouse
     Answer: A

Section 5: Microsoft Service Trust Portal & Privacy (Questions 141–150)

141. Which module expounds on Microsoft’s trust portal and privacy assurances?
     A) Describe Microsoft’s Service Trust portal and privacy capabilities
     B) Describe identity concepts
     C) Describe Purview governance
     D) Describe cost management in Azure
     Answer: A

142. What resource provides access to Microsoft compliance documentation and audit reports?
     A) Service Trust portal
     B) Azure Portal
     C) Microsoft Learn
     D) Compliance Manager
     Answer: A

143. Which certification demonstrates adherence to ISO/IEC 27001 standards?
     A) ISO/IEC 27001
     B) SOC 2
     C) HIPAA
     D) PCI DSS
     Answer: A

144. Which feature allows customers to review Microsoft’s audit reports for their regional datacenters?
     A) Trust Center
     B) Azure Monitor
     C) Azure Policy
     D) Compliance Score
     Answer: A

145. Which compliance offering in the portal provides continuous monitoring of regulatory requirements?
     A) Compliance Manager
     B) Azure Defender
     C) Azure Sentinel
     D) Azure Advisor
     Answer: A

146. Which tool helps assess data residency obligations in the portal?
     A) Data residency map
     B) Azure Maps
     C) Azure Arc
     D) Azure Advisor
     Answer: A

147. What privacy capability ensures customers can manage data subject requests under GDPR?
     A) Data Subject Request API
     B) Azure Data Factory
     C) Azure Logic Apps
     D) Azure Functions
     Answer: A

148. Which document delineates privacy practices and data handling policies at Microsoft?
     A) Privacy Statement
     B) SLA
     C) Whitepaper
     D) Case study
     Answer: A

149. Which section of the portal provides information on Microsoft’s adherence to regional regulations?
     A) Regulatory compliance section
     B) Pricing page
     C) Technical documentation
     D) Developer blog
     Answer: A

150. Which mechanism enables encryption key management within the Service Trust portal?
     A) Bring Your Own Key (BYOK)
     B) Azure Key Vault
     C) HSM cluster
     D) Soft keys
     Answer: A

Section 6: Azure Infrastructure & Security Modules (Questions 151–180)

151. Which module instructs on implementing threat protection using Defender for Office 365?
     A) Implement threat protection by using Microsoft Defender for Office 365
     B) Describe core infrastructure security services
     C) Describe security management capabilities
     D) Introduction to Git
     Answer: A

152. Which Defender feature analyzes email attachments for malicious content?
     A) Safe Attachments
     B) Safe Links
     C) Anti-phishing policies
     D) DLP policies
     Answer: A

153. Which Defender capability rewrites URLs in emails to prevent malicious links?
     A) Safe Links
     B) Safe Attachments
     C) Anti-spoofing
     D) Anti-malware
     Answer: A

154. Which policy in Defender thwarts impersonation attempts?
     A) Anti-phishing
     B) Anti-spam
     C) Safe Links
     D) Safe Attachments
     Answer: A

155. Which service provides zero-trust network segmentation using microsegmentation policies?
     A) Azure Firewall Manager
     B) Network Security Groups (NSGs)
     C) Azure Traffic Manager
     D) Azure DDoS Protection
     Answer: B

156. Which Azure service offers DDoS mitigation at scale?
     A) Azure DDoS Protection
     B) Azure Firewall
     C) Azure Sentinel
     D) Azure Security Center
     Answer: A

157. In core infrastructure security, what construct isolates Azure resources within a virtual network?
     A) Network Security Group
     B) Application Gateway
     C) Azure Firewall
     D) Azure Bastion
     Answer: A

158. Which module addresses foundational network security services in Azure?
     A) Describe core infrastructure security services in Azure
     B) Describe security management capabilities in Azure
     C) Describe identity concepts
     D) Describe data security solutions
     Answer: A

159. Which Azure feature inspects and filters traffic at the application layer?
     A) Azure Application Gateway WAF
     B) Network Security Group
     C) Azure VPN Gateway
     D) Azure Front Door
     Answer: A

160. Which service centralizes logs and security alerts across hybrid environments?
     A) Azure Sentinel
     B) Azure Monitor
     C) Azure Policy
     D) Azure Advisor
     Answer: A

161. Which module covers security management at the subscription and resource-group level?
     A) Describe security management capabilities in Azure
     B) Describe core infrastructure security services
     C) Describe identity concepts
     D) Describe Purview data security
     Answer: A

162. Which feature in Defender for Cloud enables just-in-time VM access to reduce exposure?
     A) JIT VM access
     B) NSG flow logs
     C) Azure Bastion
     D) PKI certificates
     Answer: A

163. Which offering delivers centralized management of security policies and configurations?
     A) Microsoft Defender for Cloud
     B) Azure Firewall Manager
     C) Azure Sentinel
     D) Azure Policy
     Answer: A

164. Which process continuously assesses security postures and recommends improvements?
     A) Secure Score
     B) Compliance Score
     C) Advisor recommendations
     D) Performance recommendations
     Answer: A

165. What is the principal purpose of Azure Blueprints?
     A) Provision governed environment templates
     B) Monitor resource performance
     C) Manage cost allocations
     D) Configure network routing
     Answer: A

166. Which service secures keys within a hardware-protected boundary?
     A) Azure Key Vault with HSM
     B) Azure Disk Encryption
     C) Azure Information Protection
     D) Azure Confidential Computing
     Answer: A

167. Which module remains partially completed regarding security management?
     A) Describe the security management capabilities in Azure
     B) Describe cost management in Azure
     C) Describe identity concepts
     D) Describe governance and compliance
     Answer: A

168. Which service enables establishment of private endpoints for PaaS resources?
     A) Azure Private Link
     B) Azure VPN Gateway
     C) Azure ExpressRoute
     D) Azure Bastion
     Answer: A

169. Which feature helps detect anomalous VM logins and privilege escalations?
     A) Azure Defender for Servers
     B) Azure Monitor Logs
     C) Azure Policy
     D) Azure Key Vault
     Answer: A

170. Which solution enforces file-level encryption for Azure Storage accounts?
     A) Azure Storage Service Encryption
     B) Azure Disk Encryption
     C) Azure Key Vault
     D) Azure Confidential Ledger
     Answer: A

171. Which feature provides centralized review and remediation of security alerts?
     A) Security alerts in Microsoft Defender for Cloud
     B) Azure Monitor metrics alerts
     C) Advisor alerts
     D) Activity log alerts
     Answer: A

172. Which module covers deployment of threat protection mechanisms in Exchange Online?
     A) Implement threat protection by using Microsoft Defender for Office 365
     B) Describe core infrastructure security services in Azure
     C) Describe security management capabilities in Azure
     D) Describe data security solutions
     Answer: A

173. Which tool automates patch management for Windows and Linux VMs?
     A) Azure Automation Update Management
     B) Azure Policy
     C) Azure Defender
     D) Azure Monitor
     Answer: A

174. Which service provides network virtual appliances marketplace integration?
     A) Azure Marketplace
     B) Azure Compute Gallery
     C) Azure Container Registry
     D) Azure Blueprints
     Answer: A

175. Which offering protects Kubernetes clusters from network intrusions?
     A) Azure Defender for Kubernetes
     B) Azure Security Center
     C) Azure Firewall
     D) Azure Policy
     Answer: A

176. Which capability enforces encrypted connections (HTTPS/TLS) at the application gateway?
     A) SSL termination
     B) End-to-end encryption
     C) TLS passthrough
     D) HTTP redirection
     Answer: A

177. Which service helps define compliance requirements for regulatory standards within Azure?
     A) Azure Policy
     B) Azure Blueprints
     C) Azure Security Center
     D) Azure Advisor
     Answer: A

178. Which module is partially completed at 20% and pertains to threat protection?
     A) Implement threat protection by using Microsoft Defender for Office 365
     B) Describe core infrastructure security services in Azure
     C) Describe security management capabilities
     D) Describe identity concepts
     Answer: A

179. Which feature automatically applies security updates to your VMs on a schedule?
     A) Automatic VM guest patching
     B) Azure AutoScale
     C) Azure Update Manager
     D) Azure Policy
     Answer: A

180. Which solution integrates security with DevOps pipelines to detect vulnerabilities early?
     A) Azure DevSecOps with GitHub Advanced Security
     B) Azure Monitor
     C) Azure Arc
     D) Azure Boot
     Answer: A

Section 7: Introduction to Git & GitHub (Questions 181–200)

181. Which module provides foundational knowledge of distributed version control?
     A) Introduction to Git
     B) Introduction to GitHub
     C) Describe identity concepts
     D) Describe Purview data governance
     Answer: A

182. Which command initializes a Git repository in a local directory?
     A) git init
     B) git clone
     C) git commit
     D) git status
     Answer: A

183. Which command stages modified files for commit?
     A) git add
     B) git commit
     C) git push
     D) git merge
     Answer: A

184. Which Git concept allows you to maintain diverging lines of development?
     A) Branching
     B) Tagging
     C) Forking
     D) Rebasing
     Answer: A

185. Which command submits committed changes to a remote repository?
     A) git push
     B) git pull
     C) git clone
     D) git fetch
     Answer: A

186. Which file typically contains ignore rules for untracked files?
     A) .gitignore
     B) README.md
     C) LICENSE
     D) .gitattributes
     Answer: A

187. Which GitHub feature enables collaborative pull requests and code reviews?
     A) Pull Requests
     B) Issues
     C) Actions
     D) Packages
     Answer: A

188. Which Git command merges changes from a feature branch into the current branch?
     A) git merge
     B) git rebase
     C) git cherry-pick
     D) git checkout
     Answer: A

189. Which GitHub functionality automates workflows triggered by repository events?
     A) GitHub Actions
     B) GitHub Pages
     C) GitHub Packages
     D) GitHub Issues
     Answer: A

190. Which Git concept refers to a lightweight, movable pointer to a commit?
     A) Tag
     B) Branch
     C) Commit
     D) Head
     Answer: A

191. Which command displays the commit history of the current branch?
     A) git log
     B) git diff
     C) git status
     D) git show
     Answer: A

192. Which Git file stores versioned content logs and metadata?
     A) .git directory
     B) index file
     C) commit object
     D) head file
     Answer: A

193. Which GitHub repository visibility allows only collaborators to view and contribute?
     A) Private
     B) Public
     C) Internal
     D) Organizational
     Answer: A

194. Which Git command fetches changes from a remote repository without merging?
     A) git fetch
     B) git pull
     C) git clone
     D) git sync
     Answer: A

195. Which Git operation reapplies commits on top of another base tip?
     A) git rebase
     B) git merge
     C) git cherry-pick
     D) git revert
     Answer: A

196. Which GitHub feature supports project management with boards and automation?
     A) GitHub Projects
     B) GitHub Wiki
     C) GitHub Actions
     D) GitHub Codespaces
     Answer: A

197. Which command creates a new branch and switches to it immediately?
     A) git checkout -b
     B) git branch -m
     C) git switch -c
     D) git init
     Answer: A

198. Which protocol can be used for secure communication between Git client and server?
     A) SSH
     B) HTTP
     C) FTP
     D) Telnet
     Answer: A

199. Which command reverts a repository to a previous commit, preserving changes in the working directory?
     A) git reset --soft
     B) git revert
     C) git reset --hard
     D) git checkout
     Answer: A

200. Which GitHub feature allows hosting static websites directly from a repository?
     A) GitHub Pages
     B) GitHub Actions
     C) GitHub Packages
     D) GitHub Codespaces
     Answer: A