Module assessment

1.

After discovering that an AI model endpoint was left publicly accessible, what's the first step the Contoso security team should take to begin assessing AI-related risks in Microsoft Defender for Cloud?

Enable the AI workloads plan to discover AI services and configurations across the environment.

Enable Defender for Storage to scan data repositories for malware.

Use Cloud Workload Protection (CWP) to detect runtime threats.

Create an automation rule in Microsoft Defender XDR to handle alerts.

2.

After enabling the AI workloads plan, the team reviews the Data & AI security dashboard and sees an exposed storage account linked to the AI model. Which Defender for Cloud feature should they use next to analyze and fix configuration issues?

Cloud Workload Protection (CWP)

Cloud Security Posture Management (CSPM)

Azure Policy

Microsoft Defender XDR

3.

While reviewing CSPM findings, the team wants to understand how exposed storage accounts and unsecured endpoints could be exploited together. Which Defender for Cloud capability provides this visualization?

AI closer look

Top issues panel

Attack path analysis

Cloud Security Explorer

4.

Later, Defender for Cloud detects suspicious behavior in the AI container and generates an alert for a possible prompt injection attempt. Which Defender for Cloud capability provides this detection?

Microsoft Purview

Cloud Workload Protection (CWP)

Cloud Security Posture Management (CSPM)

Data & AI security dashboard

5.

The alert is correlated with other activity and surfaces as an incident in Microsoft Defender XDR. The team wants to confirm what triggered the alert. Where can they view the captured portion of the suspicious prompt?

In Cloud Security Explorer

In Azure Policy

In the Data & AI security dashboard

In Microsoft Defender XDR under the Prompt Suspicious Segment field

Check your knowledge

Feedback