Ask Question
Microsoft SC-900 Practice Test - Questions Answers, Page 5
List of questions
Question 41
Which Azure Active Directory (Azure AD) feature can you use to provide just-in-time (JIT) access to manage Azure resources?
conditional access policies
Azure AD Identity Protection
Azure AD Privileged Identity Management (PIM)
authentication method policies
Explanation:
Azure AD Privileged Identity Management (PIM) provides just-in-time privileged access to Azure AD and Azure resources
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
Question 42
Which three authentication methods can be used by Azure Multi-Factor Authentication (MFA)? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
text message (SMS)
Microsoft Authenticator app
email verification
phone call
security question
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
Question 43
What should you use in the Microsoft 365 Defender portal to view security trends and track the protection status of identities?
Attack simulator
Reports
Hunting
Incidents
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-worldwide
Question 44
What are two capabilities of Microsoft Defender for Endpoint? Each correct selection presents a complete solution.
NOTE: Each correct selection is worth one point.
automated investigation and remediation
transport encryption
shadow IT detection
attack surface reduction
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide
Question 45
Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Display policy tips to users who are about to violate your organization’s policies.
Enable disk encryption on endpoints.
Protect documents in Microsoft OneDrive that contain sensitive information.
Apply security baselines to devices.
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide
Question 46
Which Microsoft 365 compliance feature can you use to encrypt content automatically based on specific conditions?
Content Search
sensitivity labels
retention policies
eDiscovery
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/information-protection?view=o365-worldwide
Question 47
What is a use case for implementing information barrier policies in Microsoft 365?
to restrict unauthenticated access to Microsoft 365
to restrict Microsoft Teams chats between certain groups within an organization
to restrict Microsoft Exchange Online email between certain groups within an organization
to restrict data sharing to external email recipients
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide
Question 48
What can you use to provision Azure resources across multiple subscriptions in a consistent manner?
Azure Defender
Azure Blueprints
Azure Sentinel
Azure Policy
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/governance/blueprints/overview
Question 49
Which Microsoft 365 compliance center feature can you use to identify all the documents on a Microsoft SharePoint Online site that contain a specific key word?
Audit
Compliance Manager
Content Search
Alerts
Explanation:
The Content Search tool in the Security & Compliance Center can be used to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. The first step is to starting using the Content Search tool to choose content locations to search and configure a keyword query to search for specific items.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-for-content?view=o365-worldwide
Question 50
DRAG DROP
Match the Azure networking service to the appropriate description.
To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.
Explanation:
Box 1: Azure Firewall
Azure Firewall provide Source Network Address Translation and Destination Network Address Translation.
Box 2: Azure Bastion
Azure Bastion provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS.
Box 3: Network security group (NSG)
You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network.
Reference:
https://docs.microsoft.com/en-us/azure/networking/fundamentals/networking-overview
https://docs.microsoft.com/en-us/azure/bastion/bastion-overview
https://docs.microsoft.com/en-us/azure/firewall/features
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
.png)
Question