Microsoft SC-100 Microsoft Cybersecurity Architect Exam Practice Test

Page: 1 / 14
Total 171 questions
Question 1

You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1 and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by using Microsoft Intune.

You are designing a privileged access strategy based on the rapid modernization plan (RaMP). The strategy will include the following configurations:

* Each user in Group1 will be assigned a Windows 11 device that will be configured as a privileged access device.

* The Security Administrator role will be mapped to the privileged access security level.

* The users in Group1 will be assigned the Security Administrator role.

* The users in Group2 will manage the privileged access devices.

You need to configure the local Administrators group for each privileged access device. The solution must follow the principle of least privilege.

What should you include in the solution?



Answer : C

Question 2

You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server and 50 virtual machines that run Linux. You need to perform vulnerability assessments on the virtual machines. The solution must meet the following requirements:

* Identify missing updates and insecure configurations.

* Use the Qualys engine.

What should you use?



Answer : A

Question 3

You have an Azure subscription. The subscription contains 100 virtual machines that run Windows Server. The virtual machines are managed by using Azure Policy and Microsoft Defender for Servers.

You need to enhance security on the virtual machines. The solution must meet the following requirements:

* Ensure that only apps on an allowlist can be run.

* Require administrators to confirm each app added to the allowlist.

* Automatically add unauthorized apps to a blocklist when an attempt is made to launch the app.

* Require administrators to approve an app before the app can be moved from the blocklist to the allowlist.

What should you include in the solution?



Answer : C

Question 4

You have legacy operational technology (OT) devices and loT devices.

You need to recommend best practices for applying Zero Trust principles to the OT and loT devices based on the Microsoft Cybersecurity Reference Architectures (MCRA). The solution must minimize the risk of disrupting business operations.

Which two security methodologies should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point



Answer : C, D

Question 5

You design cloud-based software as a service (SaaS) solutions.

You need to recommend ransomware attacks. The solution must follow Microsoft Security Best Practices.

What should you recommend doing first?



Answer : C

Question 6

You have a Microsoft 365 subscription.

You are designing a user access solution that follows the Zero Trust principles of the Microsoft Cybersecurity Reference Architectures (MCRA).

You need to recommend a solution that automatically restricts access to Microsoft Exchange Online. SharePoint Online, and Teams m near-real-lime (NRT) in response to the following Azure AD events:

* A user account is disabled or deleted

* The password of a user is changed or reset.

* All the refresh tokens for a user are revoked

* Multi-factor authentication (MFA) is enabled for a user

Which two features should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.



Answer : A, D

Question 7

You have an Azure AD tenant that syncs with an Active Directory Domain Services (AD DS) domain.

You have an on-premises datacenter that contains 100 servers. The servers run Windows Server and are backed up by using Microsoft Azure Backup Server (MABS).

You are designing a recovery solution for ransomware attacks. The solution follows Microsoft Security Best Practices.

You need to ensure that a compromised administrator account cannot be used to delete the backups

What should you do?



Answer : B

Page:    1 / 14   
Total 171 questions