|
| 1 | +### YamlMime:ModuleUnit |
| 2 | +uid: learn.wwl.apply-governance-controls-ai-ready-workloads.knowledge-check |
| 3 | +title: "Module assessment" |
| 4 | +metadata: |
| 5 | + title: "Knowledge check" |
| 6 | + description: "Knowledge check" |
| 7 | + ms.date: 02/02/2026 |
| 8 | + author: wwlpublish |
| 9 | + ms.author: bradj |
| 10 | + ms.topic: unit |
| 11 | + module_assessment: true |
| 12 | +durationInMinutes: 6 |
| 13 | +content: "Choose the best response for each of the following questions." |
| 14 | +quiz: |
| 15 | + questions: |
| 16 | + - content: "Your data science team trained an Azure Machine Learning model using a dataset that Purview classified as **Internal Use Only**. After deployment, Purview's automated classification detects that the source dataset now contains customer email addresses, upgrading the classification to **Confidential - personal data**. What governance action should you take first?" |
| 17 | + choices: |
| 18 | + - content: "Review lineage in Purview to identify all models trained from this dataset, verify that deployed endpoints use private network access, and flag models for security review to confirm access controls match the upgraded sensitivity level." |
| 19 | + isCorrect: true |
| 20 | + explanation: "Purview lineage identifies affected models so you can validate that existing security controls (private endpoints, access policies) match the elevated sensitivity. Security review confirms whether current protections suffice or require enhancement before taking disruptive action." |
| 21 | + - content: "Immediately delete all models trained from this dataset and redeploy them after removing personal data from the training data, as any model exposure represents a compliance violation requiring immediate remediation." |
| 22 | + isCorrect: false |
| 23 | + explanation: "Immediate deletion disrupts production without assessing actual risk—existing controls mayovide adequate protection for the upgraded classification. Downgrading classification ignores the discovered personal data and creates compliance risk by misrepresenting the data's true sensitivity level." |
| 24 | + - content: "Change the Purview classification back to **Internal Use Only** since the model was trained before the personal data was discovered, maintaining the original classification to avoid disrupting production services." |
| 25 | + isCorrect: false |
| 26 | + explanation: "Immediate deletion disrupts production without assessing actual risk—existing controls mayovide adequate protection for the upgraded classification. Downgrading classification ignores the discovered personal data and creates compliance risk by misrepresenting the data's true sensitivity level." |
| 27 | + - content: "You need to deploy an Azure Policy that enforces encryption with customer-managed keys for all Azure Machine Learning workspaces. Development teams report this requirement slows their experimentation because provisioning Key Vault and keys adds 15-20 minutes to workspace setup. Which policy enforcement strategy balances governance requirements with developer productivity?" |
| 28 | + choices: |
| 29 | + - content: "Assign the policy with DeployIfNotExists effect at the management group level, configuring automatic Key Vault and key provisioning so encryption is enforced transparently without manual developer configuration steps." |
| 30 | + isCorrect: false |
| 31 | + explanation: "DeployIfNotExists with automatic Key Vault provisioning still adds 15-20 minutes regardless of automation, and may create cost concerns with numerous test Key Vaults. Exemptions eliminate protection during development when data leaks often occur through experiment artifacts, creating unnecessary risk that staged enforcement avoids." |
| 32 | + - content: "Assign the policy with Audit effect to development subscriptions and Deny effect to production subscriptions, allowing developers to experiment freely while enforcing strict encryption controls before production deployment." |
| 33 | + isCorrect: true |
| 34 | + explanation: "Different policy effects for different environments balance security with productivity—Audit provides visibility in development without blocking work, while Deny enforces compliance in production where customer data risk is highest." |
| 35 | + - content: "Create a policy exemption for all development workspaces to eliminate the encryption requirement during experimentation, then require manual security review and encryption enablement before promoting workspaces to production." |
| 36 | + isCorrect: false |
| 37 | + explanation: "DeployIfNotExists with automatic Key Vault provisioning still adds 15-20 minutes regardless of automation, and may create cost concerns with numerous test Key Vaults. Exemptions eliminate protection during development when data leaks often occur through experiment artifacts, creating unnecessary risk that staged enforcement avoids." |
| 38 | + - content: "Your compliance team asks for a report showing which customer records influenced predictions made by your fraud detection model during August 2024. You need to provide this audit trail within 48 hours. Which Microsoft Purview capability enables you to meet this requirement efficiently?" |
| 39 | + choices: |
| 40 | + - content: "Use Purview's data lineage viewer to trace the model's inference endpoint back through registered model versions to the specific training dataset version used during August retraining, then query that dataset's lineage to identify source customer records." |
| 41 | + isCorrect: true |
| 42 | + explanation: "Purview lineage automatically captures version-specific relationships between inference endpoints, models, training datasets, and source records, letting you trace backwards from predictions to input data within minutes rather than days." |
| 43 | + - content: "Generate a Purview Data Catalog export showing all assets classified as **Confidential - Customer Data** and manually filter by creation dates in August, assuming these represent the records used for model training that month." |
| 44 | + isCorrect: false |
| 45 | + explanation: "Catalog exports show asset inventory but not data flow relationships, requiring manual correlation that takes days and introduces human error. Audit logs capture execution events but not data lineage—knowing a training job ran doesn't reveal which specific records it consumed without querying lineage metadata." |
| 46 | + - content: "Configure Purview audit logs to track all Azure Machine Learning training job executions during August, then contact data scientists to manually document which customer records they included in training datasets for that period." |
| 47 | + isCorrect: false |
| 48 | + explanation: "Catalog exports show asset inventory but not data flow relationships, requiring manual correlation that takes days and introduces human error. Audit logs capture execution events but not data lineage—knowing a training job ran doesn't reveal which specific records it consumed without querying lineage metadata." |
0 commit comments