You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
summary: Azure Health Bot enables users to build a health bot by using built-in scenarios or custom ones. The information that each instance of the Health Bot service handles is privacy protected to HIPAA standards. It also meets Microsoft's high standards for privacy and security.
summary: In the previous module, you created a basic informative bot without any interrupting or breaking scenario involved. This module shows you how to enhance the bot with advanced functionalities.
summary: In the previous module, you integrated a bot with a database hosted on Azure. This module shows you how to make the bot available on Teams and build a basic app.
summary: The Health Bot service is a cloud platform that empowers developers in healthcare organizations to build and deploy compliant, AI-powered virtual health assistants and health bots that help them improve processes and reduce costs.
summary: Azure Health Bot supports many built-in scenarios. Examples include triaging a medical condition, finding information about a disease or types of drugs, and getting user consent.
title: Create intelligent health bots with Azure Health Bot
5541
+
summary: Azure Health Bot enables users to build a health bot by using built-in or custom scenarios. The information that each instance of the Health Bot service handles is privacy protected to HIPAA standards. It also meets Microsoft's high standards for privacy and security. The modules in this Learning path guide you through the creation of both a basic and enhanced health bot. You'll learn about language understanding and how to use both built-in and template scenarios.
summary: This module starts with a basic informative bot that has no interrupting or breaking scenario involved. It shows you how to enhance the bot with more advanced functionalities.
Copy file name to clipboardExpand all lines: learn-pr/advocates/top-5-security-items-to-consider/3-inputs-and-outputs.yml
+27-27Lines changed: 27 additions & 27 deletions
Original file line number
Diff line number
Diff line change
@@ -5,8 +5,8 @@ metadata:
5
5
title: Inputs and Outputs
6
6
description: Inputs and Outputs
7
7
author: patridge
8
-
ms.author: adpatrid
9
-
ms.date: 05/26/2023
8
+
ms.author: robmcm
9
+
ms.date: 03/14/2025
10
10
ms.topic: unit
11
11
durationInMinutes: 10
12
12
content: |
@@ -15,44 +15,44 @@ quiz:
15
15
title: Check your knowledge
16
16
questions:
17
17
18
-
- content: 'Which of the following data sources need to be validated?'
18
+
- content: "Which of the following data sources need to be validated?"
19
19
choices:
20
-
- content: 'Data from a 3rd party API'
20
+
- content: "Data from a third-party API"
21
21
isCorrect: false
22
-
explanation: 'This is just one of many sources that needs to be validated.'
23
-
- content: 'Data from the URL parameter'
22
+
explanation: "This is just one of many sources that needs to be validated."
23
+
- content: "Data from the URL parameter"
24
24
isCorrect: false
25
-
explanation: 'This is just one of many sources that needs to be validated'
26
-
- content: 'Data collected from the user via an input field'
25
+
explanation: "This is just one of many sources that needs to be validated."
26
+
- content: "Data collected from the user via an input field"
27
27
isCorrect: false
28
-
explanation: 'This is just one of many sources that needs to be validated.'
29
-
- content: 'All of the above'
28
+
explanation: "This is just one of many sources that needs to be validated."
29
+
- content: "All of the above"
30
30
isCorrect: true
31
-
explanation: 'All these sources of data need to be validated. Never trust any data that could have been modified.'
31
+
explanation: "All these sources of data need to be validated. Never trust any data that could have been modified."
32
32
33
-
- content: 'Parameterized queries (stored procedures in SQL) are a secure way to talk to the database because:'
33
+
- content: "Parameterized queries (stored procedures in SQL) are a secure way to talk to the database because:"
34
34
choices:
35
-
- content: 'They're more organized than inline database commands, and therefore less confusing for users.'
35
+
- content: "They're more organized than inline database commands, and therefore less confusing for users."
36
36
isCorrect: false
37
-
explanation: 'Organization of the code is not the reason that parameterized queries are more secure than inline SQL.'
38
-
- content: 'There's a clear outline of the script in the stored procedure, ensuring better visibility.'
37
+
explanation: "Organization of the code isn't the reason that parameterized queries are more secure than inline SQL."
38
+
- content: "There's a clear outline of the script in the stored procedure, ensuring better visibility."
39
39
isCorrect: false
40
-
explanation: 'Clear outline of the script is not the reason that parameterized queries are more secure than inline SQL.'
41
-
- content: 'Parameterized queries substitute variables before running queries, meaning it avoids the opportunity for code to be submitted in place of a variable.'
40
+
explanation: "Clear outline of the script isn't the reason that parameterized queries are more secure than inline SQL."
41
+
- content: "Parameterized queries substitute variables before running queries, meaning it avoids the opportunity for code to be submitted in place of a variable."
42
42
isCorrect: true
43
-
explanation: 'Parameter fields used in parameterized queries are treated as data, not code, protecting against injection vulnerabilities. For more information on how to implement parameterized queries please see the [OWASP Query Parameterization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html).'
43
+
explanation: "Parameter fields used in parameterized queries are treated as data, not code, protecting against injection vulnerabilities. For more information on how to implement parameterized queries please see the [OWASP Query Parameterization Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html)."
44
44
45
-
- content: 'Which of the following data needs to be output encoded?'
45
+
- content: "Which of the following data needs to be output encoded?"
46
46
choices:
47
-
- content: 'Data saved to the database'
47
+
- content: "Data saved to the database"
48
48
isCorrect: false
49
-
explanation: 'Although data saved to the database needs to be validated to ensure the data is good, we don't need to encode it for output.'
50
-
- content: 'Data to be output to the screen'
49
+
explanation: "Although data saved to the database needs to be validated to ensure the data is good, we don't need to encode it for output."
50
+
- content: "Data to be output to the screen"
51
51
isCorrect: true
52
-
explanation: 'Data sent to the screen needs to be output encoded to ensure it's never interpreted as code.'
53
-
- content: 'Data sent to a 3rd party API'
52
+
explanation: "Data sent to the screen needs to be output encoded to ensure it's never interpreted as code."
53
+
- content: "Data sent to a third-party API"
54
54
isCorrect: false
55
-
explanation: 'Although data sent to a 3rd party API needs to be validated to ensure the data is good, we don't need to encode it for output.'
56
-
- content: 'Data in the URL parameters'
55
+
explanation: "Although data sent to a third-party API needs to be validated to ensure the data is good, we don't need to encode it for output."
56
+
- content: "Data in the URL parameters"
57
57
isCorrect: false
58
-
explanation: 'Although data from URL Parameters needs to be validated before it's used in our application, we don't need to encode it for output.'
58
+
explanation: "Although data from URL Parameters needs to be validated before it's used in our application, we don't need to encode it for output."
0 commit comments