MCQs on Security and Compliance | Azure Disk Storage
Enhance your knowledge with these 30 MCQs on Security and Compliance for Azure Disk Storage. Explore disk encryption options, Role-based Access Control (RBAC), and how to monitor and audit disk activities securely.
MCQs on Security and Compliance | Azure Disk Storage
Disk Encryption Options (Encryption-at-Rest, BitLocker)
- What does “encryption-at-rest” refer to in the context of Azure Disk Storage?
- a) Encryption applied when data is transmitted
- b) Encryption of data while stored on disk
- c) Encryption during user login
- d) Encryption for application-level data
- Which of the following is a disk encryption option provided by Azure for data at rest?
- a) BitLocker
- b) SSL/TLS
- c) AES-256
- d) RSA
- How does BitLocker protect data on Azure disks?
- a) By encrypting data in transit
- b) By encrypting the entire disk volume
- c) By preventing access to unauthorized users
- d) By compressing disk data
- What is the key benefit of using encryption-at-rest in Azure Disk Storage?
- a) It accelerates data processing
- b) It prevents unauthorized access to data while stored
- c) It improves application performance
- d) It reduces network traffic
- Which Azure service automatically encrypts disks by default?
- a) Azure Blob Storage
- b) Azure Virtual Machines (VMs)
- c) Azure Disk Storage
- d) Azure App Services
- What encryption standard does Azure use for disk encryption-at-rest?
- a) AES-128
- b) AES-256
- c) RSA
- d) SHA-256
- What is the purpose of Azure-managed keys in disk encryption?
- a) They help in reducing costs associated with encryption
- b) They automatically manage encryption keys for Azure services
- c) They offer higher encryption standards than customer-managed keys
- d) They are used to store backups of encrypted data
- In Azure Disk Storage, who has control over the encryption keys when using customer-managed keys?
- a) Azure administrators
- b) The disk owner or organization’s security team
- c) Microsoft
- d) The customer’s network team
- Which Azure feature enables encryption of disks using customer-managed keys?
- a) Azure Key Vault
- b) Azure Active Directory
- c) Azure Monitor
- d) Azure Security Center
- Which type of data is protected by BitLocker in Azure?
- a) Only application data
- b) Only operating system data
- c) All data on the disk, including operating system and user data
- d) Network traffic
Role-Based Access Control (RBAC) for Disks
- What is Role-Based Access Control (RBAC) in Azure used for?
- a) To assign network access to Azure services
- b) To manage access to Azure resources based on roles
- c) To configure encryption settings for disks
- d) To monitor disk usage and health
- Which of the following is a default RBAC role in Azure for managing disk resources?
- a) Contributor
- b) Virtual Machine User
- c) Storage Blob Data Owner
- d) Owner
- What type of Azure RBAC role allows a user to assign disk encryption policies?
- a) Owner
- b) Security Admin
- c) Contributor
- d) Reader
- Which Azure RBAC role provides permissions to view disk resources but not modify them?
- a) Contributor
- b) Reader
- c) Owner
- d) Storage Blob Data Contributor
- How can you use RBAC to enhance disk security in Azure?
- a) By assigning different roles to users based on the level of access needed
- b) By encrypting disks with stronger encryption algorithms
- c) By disabling public access to disks
- d) By increasing the storage capacity
- What is a key advantage of using RBAC for disk access management in Azure?
- a) It ensures encryption compliance for all users
- b) It limits the number of disks in use
- c) It allows fine-grained access control to disk resources
- d) It speeds up disk provisioning
- What is the role of the “Owner” in Azure RBAC with respect to disks?
- a) They can create and modify disks but cannot delete them
- b) They have full access to manage, assign, and configure disks
- c) They can only monitor disk performance
- d) They can assign roles to other users
- What happens when you assign the “Reader” RBAC role to a user for disk resources?
- a) They can edit disk settings
- b) They can view but not modify disk configurations
- c) They can deploy new disks
- d) They can delete disks
- In Azure RBAC, what does the “Contributor” role allow a user to do with disks?
- a) Only view disk configurations
- b) Create, modify, and delete disks but not manage access
- c) Assign roles to other users
- d) Encrypt disks using customer-managed keys
- Which of the following actions would require the “Owner” role in Azure RBAC?
- a) Viewing disk properties
- b) Encrypting disk data using BitLocker
- c) Assigning RBAC roles to other users for disk access
- d) Monitoring disk performance metrics
Disk Auditing and Monitoring
- What does Azure Disk Auditing provide for monitoring disk activity?
- a) Access to detailed logs of disk operations
- b) Automatic backup creation
- c) Real-time disk performance data
- d) Alerts for storage limits
- Which service in Azure helps you monitor disk performance and health?
- a) Azure Monitor
- b) Azure Security Center
- c) Azure Disk Analytics
- d) Azure Key Vault
- What can you track with Azure Disk Auditing?
- a) Disk usage trends over time
- b) Access and modification of disk resources
- c) Disk encryption keys
- d) Virtual Machine configurations
- How does Azure Security Center contribute to disk security?
- a) By providing a secure storage environment for all disks
- b) By auditing disk activity and suggesting security improvements
- c) By providing real-time encryption updates
- d) By increasing disk performance
- What type of activity does Azure Monitor primarily track regarding disks?
- a) Only disk encryption events
- b) CPU usage associated with disk activity
- c) Read/write operations, latency, and disk capacity
- d) User login history
- What is the role of Azure Activity Log in disk auditing?
- a) It tracks changes made to disk configurations and access
- b) It monitors disk health and performance
- c) It encrypts disks automatically
- d) It provides disk backup functionality
- Which Azure tool allows setting up alerts based on disk performance?
- a) Azure Resource Manager
- b) Azure Alerts
- c) Azure Activity Logs
- d) Azure Storage Explorer
- What type of alerts can you set up in Azure Monitor for disk resources?
- a) Alerts for cost overruns
- b) Alerts for disk health and performance issues
- c) Alerts for user access violations
- d) Alerts for network congestion
- Which of the following can you monitor using Azure Disk Analytics?
- a) Disk space usage
- b) User login activity
- c) Disk encryption status
- d) Resource provisioning times
- Why is auditing disk activity important in a cloud environment like Azure?
- a) To improve disk performance
- b) To ensure security and compliance with regulations
- c) To reduce the cost of storage
- d) To optimize virtual machine usage
Answer Key
| Qno | Answer |
|---|---|
| 1 | b) Encryption of data while stored on disk |
| 2 | a) BitLocker |
| 3 | b) By encrypting the entire disk volume |
| 4 | b) It prevents unauthorized access to data while stored |
| 5 | c) Azure Disk Storage |
| 6 | b) AES-256 |
| 7 | b) They automatically manage encryption keys for Azure services |
| 8 | b) The disk owner or organization’s security team |
| 9 | a) Azure Key Vault |
| 10 | c) All data on the disk, including operating system and user data |
| 11 | b) To manage access to Azure resources based on roles |
| 12 | a) Contributor |
| 13 | a) Owner |
| 14 | b) Reader |
| 15 | a) By assigning different roles to users based on the level of access needed |
| 16 | c) It allows fine-grained access control to disk resources |
| 17 | b) They have full access to manage, assign, and configure disks |
| 18 | b) They can view but not modify disk configurations |
| 19 | b) Create, modify, and delete disks but not manage access |
| 20 | c) Assigning roles to other users |
| 21 | a) Access to detailed logs of disk operations |
| 22 | a) Azure Monitor |
| 23 | b) Access and modification of disk resources |
| 24 | b) By auditing disk activity and suggesting security improvements |
| 25 | c) Read/write operations, latency, and disk capacity |
| 26 | a) It tracks changes made to disk configurations and access |
| 27 | b) Azure Alerts |
| 28 | b) Alerts for disk health and performance issues |
| 29 | a) Disk space usage |
| 30 | b) To ensure security and compliance with regulations |