ExamGecko
Login
Home / Microsoft / SC-100 / List of questions
Ask Question

Microsoft SC-100 Practice Test - Questions Answers, Page 10

Add to Whishlist

List of questions

Question 91

Report Export Collapse

Your on-premises network contains an e-commerce web app that was developed in Angular and Node.js. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

Microsoft SC-100 image Question 72 107683 10052024010833000000

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend implementing Azure Front Door with Azure Web Application Firewall (WAF). Does this meet the goal?

Become a Premium Member for full access
  Unlock Premium Member

Question 92

Report Export Collapse

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.

Which security control should you recommend?

Become a Premium Member for full access
  Unlock Premium Member

Question 93

Report Export Collapse

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription. All the on-premises servers in the perimeter network are prevented from connecting directly to the internet. The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

• Ensure that the security operations team can access the security logs and the operation logs.

• Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network. Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Become a Premium Member for full access
  Unlock Premium Member

Question 94

Report Export Collapse


Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

Microsoft SC-100 image Question 75 107686 10052024010833000000

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend implementing Azure Key Vault to store credentials.

Become a Premium Member for full access
  Unlock Premium Member

Question 95

Report Export Collapse

HOTSPOT

You open Microsoft Defender for Cloud as shown in the following exhibit.

Microsoft SC-100 image Question 76 107687 10052024010833000000

Use the drop-down menus to select the answer choice that complete each statements based on the information presented in the graphic. NOTE: Each correct selection is worth one point.


Become a Premium Member for full access
  Unlock Premium Member

Question 96

Report Export Collapse

HOTSPOT

You have a Microsoft 365 E5 subscription and an Azure subscripts You need to evaluate the existing environment to increase the overall security posture for the following components:

• Windows 11 devices managed by Microsoft Intune

• Azure Storage accounts

• Azure virtual machines

What should you use to evaluate the components? To answer, select the appropriate options in the answer area.


Become a Premium Member for full access
  Unlock Premium Member

Question 97

Report Export Collapse

HOTSPOT

Your company has an Azure App Service plan that is used to deploy containerized web apps. You are designing a secure DevOps strategy for deploying the web apps to the App Service plan. You need to recommend a strategy to integrate code scanning tools into a secure software development lifecycle.

The code must be scanned during the following two phases:

Uploading the code to repositories Building containers

Where should you integrate code scanning for each phase? To answer, select the appropriate options in the answer area.


Become a Premium Member for full access
  Unlock Premium Member

Question 98

Report Export Collapse

HOTSPOT

You are creating the security recommendations for an Azure App Service web app named App1.

App1 has the following specifications:

• Users will request access to App1 through the My Apps portal. A human resources manager will approve the requests.

• Users will authenticate by using Azure Active Directory (Azure AD) user accounts.

You need to recommend an access security architecture for App1.

What should you include in the recommendation? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.


Become a Premium Member for full access
  Unlock Premium Member

Question 99

Report Export Collapse

DRAG DROP

You have a Microsoft 365 subscription

You need to recommend a security solution to monitor the following activities:

• User accounts that were potentially compromised

• Users performing bulk file downloads from Microsoft SharePoint Online What should you include in the recommendation for each activity? To answer, drag the appropriate components to the correct activities. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each Correct selection is worth one Point.


Become a Premium Member for full access
  Unlock Premium Member

Question 100

Report Export Collapse

HOTSPOT

Your company uses Microsoft Defender for Cloud and Microsoft Sentinel. The company is designing an application that will have the architecture shown in the following exhibit.

Microsoft SC-100 image Question 81 107692 10052024010833000000

You are designing a logging and auditing solution for the proposed architecture. The solution must meet the following requirements-.

• Integrate Azure Web Application Firewall (WAF) logs with Microsoft Sentinel.

• Use Defender for Cloud to review alerts from the virtual machines.

What should you include in the solution? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.


Become a Premium Member for full access
  Unlock Premium Member
Total 200 questions
Go to page: of 20
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have legacy operational technology (OT) devices and loT devices. You need to recommend best practices for applying Zero Trust principles to the OT and loT devices based on the Microsoft Cybersecurity Reference Architectures (MCRA). The solution must minimize the risk of disrupting business operations. Which two security methodologies should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point
You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?
You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend access restrictions based on HTTP headers that have the Front Door ID. Does this meet the goal?
Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit. You need to recommend a solution to isolate the compute components on an Azure virtual network. What should you include in the recommendation?
HOTSPOT Your network contains an on-premises Active Directory Domain Services (AO DS) domain. The domain contains a server that runs Windows Server and hosts shared folders The domain syncs with Azure AD by using Azure AD Connect Azure AD Connect has group writeback enabled. You have a Microsoft 365 subscription that uses Microsoft SharePoint Online. You have multiple project teams. Each team has an AD DS group that syncs with Azure AD Each group has permissions to a unique SharePoint Online site and a Windows Server shared folder for its project. Users routinely move between project teams. You need to recommend an Azure AD identity Governance solution that meets the following requirements: * Project managers must verify that their project group contains only the current members of their project team * The members of each project team must only have access to the resources of the project to which they are assigned * Users must be removed from a project group automatically if the project manager has MOT verified the group s membership for 30 days. * Administrative effort must be minimized. What should you include in the recommendation? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription. You are designing a solution to protect confidential data in Microsoft SharePoint Online sites that contain more than one million documents. You need to recommend a solution to prevent Personally Identifiable Information (Pll) from being shared. Which two components should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
You have an Azure subscription that has Microsoft Defender for Cloud enabled. Suspicious authentication activity alerts have been appearing in the Workload protections dashboard. You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort. What should you include in the recommendation?
You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos. You need to recommend a solution to ensure that the configuration of all the clusters remains consistent by using the manifest files stored in Azure Repos. What should you include in the recommendation?
You have an Azure subscription that has Microsoft Defender for Cloud enabled. You need to enforce ISO 27001:2013 standards for new resources deployed to the subscription. The solution must ensure that noncompliant resources are automatically detected. What should you use?
You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1. You plan to migrate DB1 to Azure. You need to recommend an encrypted Azure database solution that meets the following requirements: * Minimizes the risks of malware that uses elevated privileges to access sensitive data * Prevents database administrators from accessing sensitive data * Enables pattern matching for server-side database operations * Supports Microsoft Azure Attestation * Uses hardware-based encryption What should you include in the recommendation?