Quiz: Use MFA, blocking functions, and cross-service Security Rules

1. Which of the following is the best way to protect users' accounts from being compromised?

   SAML sign-in methods

   OpenID Connect (OIDC) sign-in methods

   Multi-Factor Authentication (MFA)

   Blocking functions

2. True or false? Your app should give users the option to remove a factor.

   True

   False

3. Blocking functions can be triggered in which of the following?

   Choose as many answers as you see fit.

   Before an account is created.

   After an account is created.

   Before a registration request reaches Authentication.

   Before a user signs in.

4. Firebase Security Rules provides which of the following?

   Role-based access control

   Attribute-based access control

   Mandatory access control

   Discretionary access control

5. Which of the following is true about custom claims?

   Choose as many answers as you see fit.

   They're limited in size.

   You should store all group memberships for a user in the custom claims.

   You can store global data, like the administrator roles, in custom claims.

   Blocking functions can add custom claims.

6. The Firebase Local Emulator Suite is ideally suited for which of the following?

   Choose as many answers as you see fit.

   A private instance of Firebase on your servers

   A fast development environment

   A powerful testing environment

   A shared private instance for an entire team

7. True or false? If Firebase App Check isn't enforced, an attacker can send network requests to Firebase servers—such as Authentication, Cloud Firestore, and Cloud Storage for Firebase—without your app.

   True

   False

8. True or false? If you work on the first production versions for a given app, you can enforce App Check immediately.

   True

   False

9. To fully allow App Check to protect your Firebase resources, you need to do which of the following?

   Choose as many answers as you see fit.

   Register your apps with attestation providers.

   Add the App Check SDK to your apps.

   Have automated tests set up for your security rules.

   Enforce App Check on your Firebase services.

10. If you see a spike in security-rules denials in Cloud Monitoring, it could mean which of the following?

    Choose as many answers as you see fit.

    Users are running an old version of the app.

    You introduced a bug that denies legitimate access to real users.

    Your rules are insecure.

    You have traffic from people who don't use your app.

error_outline An error occurred when grading the quiz. Please try again.