Microsoft SC-100 Practice Test - Questions Answers, Page 9

A customer uses Azure to develop a mobile app that will be consumed by external users as shown in the following exhibit.

You need to design an identity strategy for the app. The solution must meet the following requirements:

• Enable the usage of external IDs such as Google, Facebook, and Microsoft accounts.

• Be managed separately from the identity store of the customer.

• Support fully customizable branding for each app.

Which service should you recommend to complete the design?

A customer has a Microsoft 365 E5 subscription and an Azure subscription.

The customer wants to centrally manage security incidents, analyze log, audit activity, and search for potential threats across all deployed services. You need to recommend a solution for the customer. The solution must minimize costs.

What should you include in the recommendation?

You have an Azure subscription that is used as an Azure landing zone for an application. You need to evaluate the security posture of all the workloads in the landing zone. What should you do first?

Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit.

You need to recommend a solution to isolate the compute components on an Azure virtual network.

What should you include in the recommendation?

You have a Microsoft 365 E5 subscription.

You are designing a solution to protect confidential data in Microsoft SharePoint Online sites that contain more than one million documents. You need to recommend a solution to prevent Personally Identifiable Information (Pll) from being shared. Which two components should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Your company has an on-premises network, an Azure subscription, and a Microsoft 365 E5 subscription. The company uses the following devices:

• Computers that run either Windows 10 or Windows 11

• Tablets and phones that run either Android or iOS

You need to recommend a solution to classify and encrypt sensitive Microsoft Office 365 data regardless of where the data is stored. What should you include in the recommendation?

Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend creating private endpoints for the web app and the database layer. Does this meet the goal?

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

You are evaluating the Azure Security Benchmark V3 report.

In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.

You need to recommend configurations to increase the score of the Secure management ports controls. Solution: You recommend enabling just-in-time (JIT) VM access on all virtual machines.

Does this meet the goal?