Microsoft Cybersecurity Architect SC-100 Exam Practice Test

Page: 1 / 14
Total 228 questions
Question 1

A customer follows the Zero Trust model and explicitly verifies each attempt to access its corporate applications.

The customer discovers that several endpoints are infected with malware.

The customer suspends access attempts from the infected endpoints.

The malware is removed from the end point.

Which two conditions must be met before endpoint users can access the corporate applications again? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.



Answer : C, D

https://www.microsoft.com/security/blog/2022/02/17/4-best-practices-to-implement-a-comprehensive-zero-trust-security-approach/

https://docs.microsoft.com/en-us/azure/active-directory/develop/refresh-tokens


Question 2

Your company has a Microsoft 365 E5 subscription.

Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The company identifies protected health information (PHI) within stored documents and communications. What should you recommend using to prevent the PHI from being shared outside the company?



Answer : C

https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide


Question 3

Your company has on-premises datacenters in Seattle, Chicago, and New York City.

You plan to migrate the on-premises workloads to the East US Azure region.

You need to design a governance solution for the management group hierarchy. The solution must be based on Microsoft Cloud Adoption Framework for Azure principles and must ensure that the hierarchy aligns with the Azure landing conceptual architecture.

What should you use to identify which archetype-aligned management groups to create beneath the landing zones management group?



Answer : A


Question 4

Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit.

You need to recommend a solution to isolate the compute components on an Azure virtual network. What should you include in the recommendation?



Answer : B

App Service environments (ASEs) are appropriate for application workloads that require:

Very high scale,Isolation and secure network access,High memory utilization.This capability can host your:

Windows web apps,Linux web apps

Docker containers,Mobile apps

Functions

https://docs.microsoft.com/en-us/azure/app-service/environment/overview


Question 5

Your company has an on-premises network and an Azure subscription.

The company does NOT have a Site-to-Site VPN or an ExpressRoute connection to Azure.

You are designing the security standards for Azure App Service web apps. The web apps will access Microsoft SQL Server databases on the network.

You need to recommend security standards that will allow the web apps to access the databases. The solution must minimize the number of open internet-accessible endpoints to the on-premises network.

What should you include in the recommendation?



Answer : B

https://docs.microsoft.com/en-us/azure/app-service/app-service-hybrid-connections


Question 6

You have an Azure subscription.

You plan to deploy Azure Kubernetes Service (AKS) clusters that will be used to host web services. You need to recommend an ingress controller solution that will protect the hosted web services. What should you include in the recommendation?



Answer : D


Question 7

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You need to enforce ISO 2700V2013 standards for the subscription. The solution must ensure that noncompliant resources are remediated automatically

What should you use?



Answer : B

https://azure.microsoft.com/en-us/blog/simplifying-your-environment-setup-while-meeting-compliance-needs-with-built-in-azure-blueprints/


Page:    1 / 14   
Total 228 questions