Home / Microsoft / SC-100 / List of questions

Ask Question

Microsoft SC-100 Practice Test - Questions Answers, Page 5

Add to Whishlist

List of questions

Question 41

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have an Amazon Web Services (AWS) implementation. You plan to extend the Azure security strategy to the AWS implementation. The solution will NOT use Azure Arc. Which three services can you use to provide security for the AWS resources? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

Azure Active Directory (Azure AD) Conditional Access

Microsoft Defender for servers

Azure Policy

Microsoft Defender for Containers

Show Answer Comment (0)

Question 42

You have an on-premises network that has several legacy applications. The applications perform LDAP queries against an existing directory service. You are migrating the on-premises infrastructure to a cloud-only infrastructure. You need to recommend an identity solution for the infrastructure that supports the legacy applications. The solution must minimize the administrative effort to maintain the infrastructure. Which identity service should you include in the recommendation?

Azure Active Directory Domain Services (Azure AD DS)

Azure Active Directory (Azure AD) B2C

Azure Active Directory (Azure AD)

Active Directory Domain Services (AD DS)

Show Answer Comment (0)

Question 43

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report. In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.

You need to recommend configurations to increase the score of the Secure management ports controls. Solution: You recommend enabling adaptive network hardening. Does this meet the goal?

Yes

Show Answer Comment (0)

Suggested answer: B

Explanation:

asked 05/10/2024

abdelhafid houssa

46 questions

Question 44

You need to recommend configurations to increase the score of the Secure management ports controls. Solution: You recommend onboarding all virtual machines to Microsoft Defender for Endpoint.

Does this meet the goal?

Yes

Show Answer Comment (0)

Suggested answer: B

Explanation:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls

asked 05/10/2024

Dan Yann

54 questions

Question 45

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend configuring gateway-required virtual network integration.

Does this meet the goal?

Yes

Show Answer Comment (0)

Suggested answer: B

Explanation:

https://docs.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#restrict-access-to-a- specific-azure-front-door-instance

asked 05/10/2024

Tim Baas

36 questions

Question 46

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend access restrictions to allow traffic from the backend IP address of the Front Door instance. Does this meet the goal?

Yes

Show Answer Comment (0)

Suggested answer: B

asked 05/10/2024

Serhan Azdiken

40 questions

Question 47

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend access restrictions that allow traffic from the Front Door service tags.

Does this meet the goal?

Yes

Show Answer Comment (0)

Question 48

You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL). You need to recommend a security standard for onboarding applications to Azure. The standard will include recommendations for application design, development, and deployment What should you include during the application design phase?

static application security testing (SAST) by using SonarQube

dynamic application security testing (DAST) by using Veracode

threat modeling by using the Microsoft Threat Modeling Tool

software decomposition by using Microsoft Visual Studio Enterprise

Show Answer Comment (0)

Question 49

Your company is developing a new Azure App Service web app. You are providing design assistance to verify the security of the web app. You need to recommend a solution to test the web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection. What should you include in the recommendation?

interactive application security testing (IAST)

static application security testing (SAST)

runtime application se/f-protection (RASP)

dynamic application security testing (DAST)

Show Answer Comment (0)

Question 50

Your company plans to deploy several Azure App Service web apps. The web apps will be deployed to the West Europe Azure region. The web apps will be accessed only by customers in Europe and the United States. You need to recommend a solution to prevent malicious bots from scanning the web apps for vulnerabilities. The solution must minimize the attach surface. What should you include in the recommendation?

Azure Firewall Premium

Azure Application Gateway Web Application Firewall (WAF)

network security groups (NSGs)

Azure Traffic Manager and application security groups

Show Answer Comment (0)

Question

Case Study

Question 41 (0)

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have an Amazon Web Services (AWS) implementation. You plan to extend the Azure security strategy to the AWS implemen

Question 42 (0)

You have an on-premises network that has several legacy applications. The applications perform LDAP queries against an existing directory service. You are migrating the on-premises infrastructure to

Question 43 (0)

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report. In the Secure management ports controls, you discover that yo

Question 44 (0)

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report. In the Secure management ports controls, you discover that yo

Question 45 (0)

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow

Question 46 (0)

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow

Question 47 (0)

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow

Question 48 (0)

You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL). You need to recommend a security standard for onboarding applications to Azu

Question 49 (0)

Your company is developing a new Azure App Service web app. You are providing design assistance to verify the security of the web app. You need to recommend a solution to test the web app for vulner

Question 50 (0)

Your company plans to deploy several Azure App Service web apps. The web apps will be deployed to the West Europe Azure region. The web apps will be accessed only by customers in Europe and the Unit

Related questions

You have legacy operational technology (OT) devices and loT devices. You need to recommend best practices for applying Zero Trust principles to the OT and loT devices based on the Microsoft Cybersecurity Reference Architectures (MCRA). The solution must minimize the risk of disrupting business operations. Which two security methodologies should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance. Solution: You recommend access restrictions based on HTTP headers that have the Front Door ID. Does this meet the goal?

Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit. You need to recommend a solution to isolate the compute components on an Azure virtual network. What should you include in the recommendation?

HOTSPOT Your network contains an on-premises Active Directory Domain Services (AO DS) domain. The domain contains a server that runs Windows Server and hosts shared folders The domain syncs with Azure AD by using Azure AD Connect Azure AD Connect has group writeback enabled. You have a Microsoft 365 subscription that uses Microsoft SharePoint Online. You have multiple project teams. Each team has an AD DS group that syncs with Azure AD Each group has permissions to a unique SharePoint Online site and a Windows Server shared folder for its project. Users routinely move between project teams. You need to recommend an Azure AD identity Governance solution that meets the following requirements: * Project managers must verify that their project group contains only the current members of their project team * The members of each project team must only have access to the resources of the project to which they are assigned * Users must be removed from a project group automatically if the project manager has MOT verified the group s membership for 30 days. * Administrative effort must be minimized. What should you include in the recommendation? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription. You are designing a solution to protect confidential data in Microsoft SharePoint Online sites that contain more than one million documents. You need to recommend a solution to prevent Personally Identifiable Information (Pll) from being shared. Which two components should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure subscription that has Microsoft Defender for Cloud enabled. Suspicious authentication activity alerts have been appearing in the Workload protections dashboard. You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort. What should you include in the recommendation?

You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos. You need to recommend a solution to ensure that the configuration of all the clusters remains consistent by using the manifest files stored in Azure Repos. What should you include in the recommendation?

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You need to enforce ISO 27001:2013 standards for new resources deployed to the subscription. The solution must ensure that noncompliant resources are automatically detected. What should you use?

You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1. You plan to migrate DB1 to Azure. You need to recommend an encrypted Azure database solution that meets the following requirements: * Minimizes the risks of malware that uses elevated privileges to access sensitive data * Prevents database administrators from accessing sensitive data * Enables pattern matching for server-side database operations * Supports Microsoft Azure Attestation * Uses hardware-based encryption What should you include in the recommendation?

Export

with questions and answers will be exported as:

VPLUS file

PDF file (Demo 30 questions)

Highest scored 'comment-votes'

Your question list is being generated. We'll email you once it’s ready.

If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].