Update SC-100 Test Engine For Microsoft Cybersecurity Architect Certification

NEW QUESTION 1

You need to recommend a solution to meet the requirements for connections to ClaimsDB.
What should you recommend using for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 2

Your company is preparing for cloud adoption.
You are designing security for Azure landing zones.
Which two preventative controls can you implement to increase the secure score? Each NOTE: Each correct selection is worth one point.

• A. Azure Firewall
• B. Azure Web Application Firewall (WAF)
• C. Microsoft Defender for Cloud alerts
• D. Azure Active Directory (Azure AD Privileged Identity Management (PIM)
• E. Microsoft Sentinel

Answer: BD

NEW QUESTION 3

Your company is moving a big data solution to Azure.
The company plans to use the following storage workloads:
• Azure Storage blob containers
• Azure Data Lake Storage Gen2
• Azure Storage file shares
• Azure Disk Storage
Which two storage workloads support authentication by using Azure Active Directory (Azure AD)? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A. Azure Disk Storage
• B. Azure Storage blob containers
• C. Azure Storage file shares
• D. Azure Data Lake Storage Gen2

Answer: BD

NEW QUESTION 4

Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.
The company signs a contract with the United States government. You need to review the current subscription for NIST 800-53 compliance. What should you do first?

• A. From Defender for Cloud, review the Azure security baseline for audit report.
• B. From Defender for Cloud, add a regulatory compliance standard.
• C. From Defender for Cloud, enable Defender for Cloud plans.
• D. From Defender for Cloud, review the secure score recommendations.

Answer: D

NEW QUESTION 5

You are evaluating the security of ClaimsApp.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE; Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 6

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have an Amazon Web Services (AWS) implementation.
You plan to extend the Azure security strategy to the AWS implementation. The solution will NOT use Azure Arc. Which three services can you use to provide security for the AWS resources? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
• B. Azure Active Directory (Azure AD) Conditional Access
• C. Microsoft Defender for servers
• D. Azure Policy
• E. Microsoft Defender for Containers

Answer: BE

NEW QUESTION 7

You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE; Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 8

You have a hybrid cloud infrastructure.
You plan to deploy the Azure applications shown in the following table.

What should you use to meet the requirement of each app? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 9

You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements. What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10

A customer uses Azure to develop a mobile app that will be consumed by external users as shown in the following exhibit.

You need to design an identity strategy for the app. The solution must meet the following requirements:
• Enable the usage of external IDs such as Google, Facebook, and Microsoft accounts.
• Be managed separately from the identity store of the customer.
• Support fully customizable branding for each app.
Which service should you recommend to complete the design?

• A. Azure Active Directory (Azure AD) B2C
• B. Azure Active Directory (Azure AD) B2B
• C. Azure AD Connect
• D. Azure Active Directory Domain Services (Azure AD DS)

Answer: C

NEW QUESTION 11

Your company has a multi-cloud environment that contains a Microsoft 365 subscription, an Azure subscription, and Amazon Web Services (AWS) implementation. You need to recommend a security posture management solution for the following components:
• Azure loT Edge devices
• AWS EC2 instances
Which services should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 12

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.
The Azure subscription contains a Microsoft Sentinel workspace. Microsoft Sentinel data connectors are configured for Microsoft 365, Microsoft 365 Defender, Defender for Cloud, and Azure.
You plan to deploy Azure virtual machines that will run Windows Server.
You need to enable extended detection and response (EDR) and security orchestration, automation, and response (SOAR) capabilities for Microsoft Sentinel.
How should you recommend enabling each capability? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 13

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance.
You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance.
Solution: You recommend access restrictions to allow traffic from the backend IP address of the Front Door instance.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 14

You are creating the security recommendations for an Azure App Service web app named App1. App1 has the following specifications:
• Users will request access to App1 through the My Apps portal. A human resources manager will approve the requests.
• Users will authenticate by using Azure Active Directory (Azure AD) user accounts. You need to recommend an access security architecture for App1.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 15

Your company has a Microsoft 365 E5 subscription.
The company plans to deploy 45 mobile self-service kiosks that will run Windows 10. You need to provide recommendations to secure the kiosks. The solution must meet the following requirements:
• Ensure that only authorized applications can run on the kiosks.
• Regularly harden the kiosks against new threats.
Which two actions should you include in the recommendations? Each correct answer presents part of the
solution. NOTE: Each correct selection is worth one point.

• A. Onboard the kiosks to Azure Monitor.
• B. Implement Privileged Access Workstation (PAW) for the kiosks.
• C. Implement Automated Investigation and Remediation (AIR) in Microsoft Defender for Endpoint.
• D. Implement threat and vulnerability management in Microsoft Defender for Endpoint.
• E. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint.

Answer: AB

NEW QUESTION 16
......