Microsoft SC-100 Practice Test - Questions Answers, Page 13

You have an Azure AD tenant that syncs with an Active Directory Domain Services {AD DS) domain.

Client computers run Windows and are hybrid-joined to Azure AD.

You are designing a strategy to protect endpoints against ransomware. The strategy follows Microsoft Security Best Practices. You plan to remove all the domain accounts from the Administrators group on the Windows computers.

You need to recommend a solution that will provide users with administrative access to the Windows computers only when access is required. The solution must minimize the lateral movement of ransomware attacks if an administrator account on a computer is compromised.

What should you include in the recommendation?

You have a Microsoft 365 subscription that syncs with Active Directory Domain Services (AD DS).

You need to define the recovery steps for a ransomware attack that encrypted data in the subscription The solution must follow Microsoft Security Best Practices. What is the first step in the recovery plan?

You have an Azure AD tenant that syncs with an Active Directory Domain Services (AD DS) domain.

You have an on-premises datacenter that contains 100 servers. The servers run Windows Server and are backed up by using Microsoft Azure Backup Server (MABS). You are designing a recovery solution for ransomware attacks. The solution follows Microsoft Security Best Practices. You need to ensure that a compromised administrator account cannot be used to delete the backups

What should you do?

You have a Microsoft 365 subscription.

You are designing a user access solution that follows the Zero Trust principles of the Microsoft Cybersecurity Reference Architectures (MCRA). You need to recommend a solution that automatically restricts access to Microsoft Exchange Online.

SharePoint Online, and Teams m near-real-lime (NRT) in response to the following Azure AD events:

• A user account is disabled or deleted

• The password of a user is changed or reset.

• All the refresh tokens for a user are revoked

• Multi-factor authentication (MFA) is enabled for a user

Which two features should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

HOTSPOT

You are planning the security levels for a security access strategy.

You need to identify which job roles to configure at which security levels. The solution must meet security best practices of the Microsoft Cybersecurity Reference Architectures (MCRA). Which security level should you configure for each job role? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Your company plans to evaluate the security of its Azure environment based on the principles of the Microsoft Cloud Adoption Framework for Azure. You need to recommend a cloud-based service to evaluate whether the Azure resources comply with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). What should you recommend?

Your company uses Azure Pipelines and Azure Repos to implement continuous integration and continuous deployment (CI/CD) workflows for the deployment of applications to Azure. You are updating the deployment process to align with DevSecOps controls guidance in the Microsoft Cloud Adoption Framework for Azure. You need to recommend a solution to ensure that all code changes are submitted by using pull requests before being deployed by the CI/CD workflow. What should you include in the recommendation?

Your company wants to optimize using Microsoft Defender for Endpoint to protect its resources against ransomware based on Microsoft Security Best Practices. You need to prepare a post-breach response plan for compromised computers based on the Microsoft Detection and Response Team (DART) approach in Microsoft Security Best Practices. What should you include in the response plan?

HOTSPOT

For a Microsoft cloud environment, you are designing a security architecture based on the Microsoft Cybersecurity Reference Architectures (MCRA). You need to protect against the following external threats of an attack chain:

• An attacker attempts to exfiltrate data to external websites.

• An attacker attempts lateral movement across domain-joined computers.

What should you include in the recommendation for each threat? To answer, select the appropriate options in the answer area.