Microsoft SC-100 Practice Test - Questions Answers, Page 18

HOTSPOT

You have an Azure subscription that contains a Microsoft Sentinel workspace named MSW1. MSW1 includes 50 scheduled analytics rules.

You need to design a security orchestration automated response (SOAR) solution by using Microsoft Sentinel playbooks. The solution must meet the following requirements:

* Ensure that expiration dates can be configured when a playbook runs.

* Minimize the administrative effort required to configure individual analytics rules.

What should you use to invoke the playbooks, and which type of Microsoft Sentinel trigger should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos.

You need to recommend a solution to ensure that the configuration of all the clusters remains consistent by using the manifest files stored in Azure Repos.

What should you include in the recommendation?

You have a Microsoft 365 tenant that contains 5,000 users and 5,000 Windows 11 devices. All users are assigned Microsoft 365 5 licenses and the Microsoft Defender Vulnerability Management add-on. The Windows 11 devices are managed by using Microsoft Intune and Microsoft Defender for Endpoint. The Windows 11 devices are configured during deployment to comply with Center for Internet Security (CIS) benchmarks for Windows 11.

You need to recommend a compliance solution for the Windows 11 devices. The solution must identify devices that were modified and no longer comply with the CIS benchmarks.

What should you include in the recommendation?

HOTSPOT

You have a Microsoft 365 tenant.

You need to recommend a Microsoft 365 Defender solution to enhance security for the tenant. The solution must meet the following requirements:

* Identify users that are downloading an unusually high number of files from Microsoft SharePoint Online sites and are possibly involved in a data exfiltration attempt.

* Block Microsoft Teams messages that contain potentially malicious content by using zero-hour auto purge (ZAP).

What should you recommend for each requirement? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.

HOTSPOT

You have three Microsoft Entra tenants named Tenant 1. Tenant2. and Tenant3.

You have three Azure subscriptions named Sub1, Sub2, and Sub3. Each tenant is associated with multiple Azure subscriptions.

Each subscription contains a single Microsoft Sentinel workspace as shown in the following table.

You need to recommend a solution that meets the following requirements:

* Ensures that the users in Tenant1 can manage the resources in Sub2 and Sub3 without having to switch subscriptions or sign in to a different tenant

* Implements multiple workspace view for Sentinel2 and Sentinel3

What should you use to delegate permissions, and which Microsoft Sentinel feature will users be able to manage in multiple workspace view? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure subscription

You plan to deploy multiple containerized microservice-based apps to Azure Kubemetes Service (AKS)

You need to recommend a solution that meets the following requirements:

* Manages secrets

* Provides encryption

* Secures service-to-service communication by using mTLS encryption

* Minimizes administrative effort

What should you include in the recommendation?