Microsoft SC-900 Exam Practice Test Instant Access

Question 1

Which Azure Active Directory (Azure AD) feature can you use to restrict Microsoft Intune-managed devices from accessing corporate resources?

Anetwork security groups (NSGs)

BAzure AD Privileged Identity Management (PIM)

Cconditional access policies

Dresource locks

Answer : B

Question 2

What are two capabilities of Microsoft Defender for Endpoint? Each correct selection presents a complete solution.

NOTE: Each correct selection is worth one point.

Aautomated investigation and remediation

Btransport encryption

Cshadow IT detection

Dattack surface reduction

Answer : A, D

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint? view=o365-worldwide

Question 3

To which three locations can a data loss prevention (DLP) policy be applied? Each correct answer presents a complete solution.

NOTE: Each correct answer is worth one point.

AMicrosoft Exchange Online email

BMicrosoft OneDrive accounts

CMicrosoft Exchange Online public folders

DMicrosoft Teams chat and channel messages

EMicrosoft Viva Engage

Answer : A, B, D

Question 4

Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization?

Asensitivity label policies

BCustomer Lockbox

Cinformation Barriers

DPrivileged Access Management (PAM)

Answer : C

https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers

Question 5

What can you use to provide threat detection for Azure SQL Managed Instance?

AMicrosoft Secure Score

Bapplication security groups

CMicrosoft Defender for Cloud

DAzure Bastion

Answer : C

Question 6

In a Core eDiscovery workflow, what should you do before you can search for content?

ACreate an eDiscovery hold.

BRun Express Analysis.

CConfigure attorney-client privilege detection.

DExport and download results.

Answer : A

https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwide

Question 7

Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

ADisplay policy tips to users who are about to violate your organization's policies.

BEnable disk encryption on endpoints.

CProtect documents in Microsoft OneDrive that contain sensitive information.

DApply security baselines to devices.

Answer : A, C

https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide

Microsoft Security, Compliance, and Identity Fundamentals SC-900 Exam Practice Test