Microsoft Security, Compliance, and Identity Fundamentals SC-900 Exam Practice Test

Page: 1 / 14
Total 209 questions
Question 1

What feature in Microsoft Defender for Endpoint provides the first line of defense against cyberthreats by reducing the attack surface?



Answer : D

Network protection helps protect devices from Internet-based events. Network protection is an attack surface reduction capability.


https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/network-protection?view=o365-worldwide

Question 2

What should you use in the Microsoft 365 security center to view security trends and track the protection status of identities?



Answer : B


https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/reports-and-insights-in-security- and-compliance?view=o365-worldwide

Question 3

You have an Azure subscription that contains multiple resources.

You need to assess compliance and enforce standards for the existing resources.

What should you use?



Answer : D


Question 4

What can you use to provide a user with a two-hour window to complete an administrative task in Azure?



Answer : D

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management: Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multi-factor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit Prevents removal of the last active Global Administrator role assignment


Question 5

Which Microsoft Purview data classification type supports the use of regular expressions?



Answer : C


Question 6

Which Microsoft 365 feature can you use to restrict users from sending email messages that contain lists of customers and their associated credit card numbers?



Answer : B


https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide

Question 7

When security defaults are enabled for an Azure Active Directory (Azure AD) tenant, which two requirements are enforced? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.



Answer : B, C

Security defaults make it easy to protect your organization with the following preconfigured security settings:

Requiring all users to register for Azure AD Multi-Factor Authentication.

Requiring administrators to do multi-factor authentication.

Blocking legacy authentication protocols.

Requiring users to do multi-factor authentication when necessary.

Protecting privileged activities like access to the Azure portal.


https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

Page:    1 / 14   
Total 209 questions