Home / Microsoft / SC-100 / List of questions

Ask Question

Microsoft SC-100 Practice Test - Questions Answers, Page 11

Add to Whishlist

List of questions

Question 101

HOTSPOT

Your company has a Microsoft 365 E5 subscription, an Azure subscription, on-premises applications, and Active Directory Domain Services (AD DSV You need to recommend an identity security strategy that meets the following requirements:

• Ensures that customers can use their Facebook credentials to authenticate to an Azure App Service website

• Ensures that partner companies can access Microsoft SharePoint Online sites for the project to which they are assigned The solution must minimize the need to deploy additional infrastructure components. What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 101 107693 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 101 107693 10052024010833000

Explanation:

Box 1 --> https://docs.microsoft.com/en-us/azure/active-directory-b2c/overview

Box 2 -- > https://docs.microsoft.com/en-us/azure/active-directory/external-identities/identity- providers

asked 05/10/2024

miquel martin leiva

40 questions

Question 102

DRAG DROP

Your company has Microsoft 365 E5 licenses and Azure subscriptions.

The company plans to automatically label sensitive data stored in the following locations:

• Microsoft SharePoint Online

• Microsoft Exchange Online

• Microsoft Teams

You need to recommend a strategy to identify and protect sensitive data.

Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 102 107694 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 102 107694 10052024010833000

Explanation:

Box 1: Groups and sites Box 2: Groups and sites Box 3: Files and emails – https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365- worldwide Go to label scopes

asked 05/10/2024

lakshmi govindu

47 questions

Question 103

HOTSPOT

Your company is migrating data to Azure. The data contains Personally Identifiable Information (Pll). The company plans to use Microsoft Information Protection for the Pll data store in Azure. You need to recommend a solution to discover Pll data at risk in the Azure resources. What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 103 107695 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 103 107695 10052024010833000

Explanation:

Box 1: Azure Purview -

Microsoft Purview is a unified data governance service that helps you manage and govern your on-premises, multi-cloud, and software-as-a-service (SaaS) data. Microsoft Purview allows you to:

Create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Enable data curators to manage and secure your data estate.

Empower data consumers to find valuable, trustworthy data.

Box 2: Microsoft Defender for Cloud

Microsoft Purview provides rich insights into the sensitivity of your data. This makes it valuable to security teams using Microsoft Defender for Cloud to manage the organization's security posture and protect against threats to their workloads. Data resources remain a popular target for malicious actors, making it crucial for security teams to identify, prioritize, and secure sensitive data resources across their cloud environments. The integration with Microsoft Purview expands visibility into the data layer, enabling security teams to prioritize resources that contain sensitive data. References:

https://docs.microsoft.com/en-us/azure/purview/overview

https://docs.microsoft.com/en-us/azure/purview/how-to-integrate-with-azure-security-products

asked 05/10/2024

Amin Dashti

56 questions

Question 104

HOTSPOT

Your company has a multi-cloud environment that contains a Microsoft 365 subscription, an Azure subscription, and Amazon Web Services (AWS) implementation. You need to recommend a security posture management solution for the following components:

• Azure loT Edge devices

• AWS EC2 instances

Which services should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 104 107696 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 104 107696 10052024010833000

Explanation:

https://docs.microsoft.com/en-us/azure/defender-for-iot/organizations/architecture

https://docs.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-aws?pivots=env- settings https://docs.microsoft.com/en-us/azure/azure-arc/servers/overview#supported-cloud-operations

asked 05/10/2024

Sumit Sengupta

46 questions

Question 105

Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.

The company signs a contract with the United States government.

You need to review the current subscription for NIST 800-53 compliance.

What should you do first?

From Azure Policy, assign a built-in initiative that has a scope of the subscription.

From Microsoft Sentinel, configure the Microsoft Defender for Cloud data connector.

From Defender for Cloud, review the Azure security baseline for audit report.

From Microsoft Defender for Cloud Apps, create an access policy for cloud applications.

Show Answer Comment (0)

Question 106

HOTSPOT

You are designing security for a runbook in an Azure Automation account. The runbook will copy data to Azure Data Lake Storage Gen2. You need to recommend a solution to secure the components of the copy process.

What should you include in the recommendation for each component? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 106 107698 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 106 107698 10052024010833000

Explanation:

Data Security : Access Keys stored in Azure Key Vault

Network access control : Azure Private Link with network service tags

asked 05/10/2024

57 Milecross Lane Jodie

43 questions

Question 107

HOTSPOT

You have a hybrid cloud infrastructure.

You plan to deploy the Azure applications shown in the following table.

Microsoft SC-100 image Question 88 107699 10052024010833000000

What should you use to meet the requirement of each app? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 107 107699 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 107 107699 10052024010833000

asked 05/10/2024

david buisan garcia

41 questions

Question 108

HOTSPOT

You are designing an auditing solution for Azure landing zones that will contain the following components:

• SQL audit logs for Azure SQL databases

• Windows Security logs from Azure virtual machines

• Azure App Service audit logs from App Service web apps

You need to recommend a centralized logging solution for the landing zones. The solution must meet the following requirements:

• Log all privileged access.

• Retain logs for at least 365 days.

• Minimize costs.

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 108 107700 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 108 107700 10052024010833000

asked 05/10/2024

SCOTTIE EASTER

47 questions

Question 109

HOTSPOT

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains a Microsoft Sentinel workspace. Microsoft Sentinel data connectors are configured for Microsoft 365, Microsoft 365 Defender, Defender for Cloud, and Azure. You plan to deploy Azure virtual machines that will run Windows Server.

You need to enable extended detection and response (EDR) and security orchestration, automation, and response (SOAR) capabilities for Microsoft Sentinel. How should you recommend enabling each capability? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Microsoft SC-100 image Question 109 107701 10052024010833000

Show Answer Comment (0)

Correct answer: Microsoft SC-100 image answer Question 109 107701 10052024010833000

Explanation:

https://docs.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks

https://docs.microsoft.com/en-us/microsoft-365/security/defender/eval-overview?view=o365-worldwide

asked 05/10/2024

Taheireem Shaikh

33 questions

Question 110

You are designing the encryption standards for data at rest for an Azure resource

You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly. Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses customer-managed keys (CMKs). Does this meet the goal?

Yes

Show Answer Comment (0)

Question

Case Study

Question 101 (0)

HOTSPOT Your company has a Microsoft 365 E5 subscription, an Azure subscription, on-premises applications, and Active Directory Domain Services (AD DSV You need to recommend an identity security st

Question 102 (0)

DRAG DROP Your company has Microsoft 365 E5 licenses and Azure subscriptions. The company plans to automatically label sensitive data stored in the following locations: • Microsoft SharePoint Onl

Question 103 (0)

HOTSPOT Your company is migrating data to Azure. The data contains Personally Identifiable Information (Pll). The company plans to use Microsoft Information Protection for the Pll data store in Azu

Question 104 (0)

HOTSPOT Your company has a multi-cloud environment that contains a Microsoft 365 subscription, an Azure subscription, and Amazon Web Services (AWS) implementation. You need to recommend a security

Question 105 (0)

Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud. The company signs a contract with the United States government. You need to review the c

Question 106 (0)

HOTSPOT You are designing security for a runbook in an Azure Automation account. The runbook will copy data to Azure Data Lake Storage Gen2. You need to recommend a solution to secure the component

Question 107 (0)

HOTSPOT You have a hybrid cloud infrastructure. You plan to deploy the Azure applications shown in the following table. What should you use to meet the requirement of each app? To answer, selec

Question 108 (0)

HOTSPOT You are designing an auditing solution for Azure landing zones that will contain the following components: • SQL audit logs for Azure SQL databases • Windows Security logs from Azure virt

Question 109 (0)

HOTSPOT You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains a Microsoft Sentinel wo

Question 110 (0)

You are designing the encryption standards for data at rest for an Azure resource You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solutio

Related questions

You have legacy operational technology (OT) devices and loT devices. You need to recommend best practices for applying Zero Trust principles to the OT and loT devices based on the Microsoft Cybersecurity Reference Architectures (MCRA). The solution must minimize the risk of disrupting business operations. Which two security methodologies should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend access restrictions based on HTTP headers that have the Front Door ID. Does this meet the goal?

Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit. You need to recommend a solution to isolate the compute components on an Azure virtual network. What should you include in the recommendation?

HOTSPOT Your network contains an on-premises Active Directory Domain Services (AO DS) domain. The domain contains a server that runs Windows Server and hosts shared folders The domain syncs with Azure AD by using Azure AD Connect Azure AD Connect has group writeback enabled. You have a Microsoft 365 subscription that uses Microsoft SharePoint Online. You have multiple project teams. Each team has an AD DS group that syncs with Azure AD Each group has permissions to a unique SharePoint Online site and a Windows Server shared folder for its project. Users routinely move between project teams. You need to recommend an Azure AD identity Governance solution that meets the following requirements: * Project managers must verify that their project group contains only the current members of their project team * The members of each project team must only have access to the resources of the project to which they are assigned * Users must be removed from a project group automatically if the project manager has MOT verified the group s membership for 30 days. * Administrative effort must be minimized. What should you include in the recommendation? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription. You are designing a solution to protect confidential data in Microsoft SharePoint Online sites that contain more than one million documents. You need to recommend a solution to prevent Personally Identifiable Information (Pll) from being shared. Which two components should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure subscription that has Microsoft Defender for Cloud enabled. Suspicious authentication activity alerts have been appearing in the Workload protections dashboard. You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort. What should you include in the recommendation?

You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos. You need to recommend a solution to ensure that the configuration of all the clusters remains consistent by using the manifest files stored in Azure Repos. What should you include in the recommendation?

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You need to enforce ISO 27001:2013 standards for new resources deployed to the subscription. The solution must ensure that noncompliant resources are automatically detected. What should you use?

You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1. You plan to migrate DB1 to Azure. You need to recommend an encrypted Azure database solution that meets the following requirements: * Minimizes the risks of malware that uses elevated privileges to access sensitive data * Prevents database administrators from accessing sensitive data * Enables pattern matching for server-side database operations * Supports Microsoft Azure Attestation * Uses hardware-based encryption What should you include in the recommendation?

Export

with questions and answers will be exported as:

VPLUS file

PDF file (Demo 30 questions)

Highest scored 'comment-votes'

Your question list is being generated. We'll email you once it’s ready.

If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].