SC-100 Exam Question 51
You have an Azure subscription that contains multiple Azure Blob Storage accounts.
You need to recommend a solution to detect threats in files after the files are uploaded to a blob container.
What should you include in the recommendation?
You need to recommend a solution to detect threats in files after the files are uploaded to a blob container.
What should you include in the recommendation?
SC-100 Exam Question 52
Hotspot Question
You have an Azure subscription that contains App Service apps in four Azure regions. Users connect to the apps from the internet.
You plan to block requests to the apps if the requests contain security threats specified in the Core Rule Set (CRS) of the Open Web Application Security Project (OWASP).
You need to design a solution to block the requests. The solution must meet the following requirements:
- Maintain access to the apps in the event of a region outage.
- Minimize the number of resources required.
What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains App Service apps in four Azure regions. Users connect to the apps from the internet.
You plan to block requests to the apps if the requests contain security threats specified in the Core Rule Set (CRS) of the Open Web Application Security Project (OWASP).
You need to design a solution to block the requests. The solution must meet the following requirements:
- Maintain access to the apps in the event of a region outage.
- Minimize the number of resources required.
What should you include in the design? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-100 Exam Question 53
Hotspot Question
You have a Microsoft 365 subscription that contains 1,000 users and two groups named Group1 and Group2. All the users have devices that are onboarded to Microsoft Intune and Microsoft Defender for Endpoint. Group1 manages Microsoft Entra and Microsoft 365 services. Group2 manages Intune and Defender for Endpoint.
You need to recommend a solution to prevent users from connecting to Microsoft 365 services from devices that have encryption disabled.
What should you recommend implementing for each group? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
You have a Microsoft 365 subscription that contains 1,000 users and two groups named Group1 and Group2. All the users have devices that are onboarded to Microsoft Intune and Microsoft Defender for Endpoint. Group1 manages Microsoft Entra and Microsoft 365 services. Group2 manages Intune and Defender for Endpoint.
You need to recommend a solution to prevent users from connecting to Microsoft 365 services from devices that have encryption disabled.
What should you recommend implementing for each group? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
SC-100 Exam Question 54
Hotspot Question
You have a Microsoft Entra tenant. The tenant contains a security group named Group1. Group1 contains the members of your company's IT support team.
You have an Azure subscription. The subscription contains 800 Windows devices that are Microsoft Entra joined and 200 Windows devices that are Microsoft Entra registered.
You have 200 standalone macOS devices.
You deploy 10 Windows devices that are Microsoft Entra joined and have the Microsoft Entra ExtensionAttribute1 value set to SecureWorkstation.
You need to recommend a Conditional Access solution that meets the following requirements:
- Only allows access to Microsoft Entra resources from devices that run Windows 10 or Windows 11
- Restricts Windows Azure Service Management API access to the
following users:
- The members of Group1
- Users that authenticate by using multifactor authentication (MFA)
- Users that connect from a device that has the SecureWorkstation
ExtensionAttribute1
The solution must minimize the number of required policies and maximize security.
What should include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft Entra tenant. The tenant contains a security group named Group1. Group1 contains the members of your company's IT support team.
You have an Azure subscription. The subscription contains 800 Windows devices that are Microsoft Entra joined and 200 Windows devices that are Microsoft Entra registered.
You have 200 standalone macOS devices.
You deploy 10 Windows devices that are Microsoft Entra joined and have the Microsoft Entra ExtensionAttribute1 value set to SecureWorkstation.
You need to recommend a Conditional Access solution that meets the following requirements:
- Only allows access to Microsoft Entra resources from devices that run Windows 10 or Windows 11
- Restricts Windows Azure Service Management API access to the
following users:
- The members of Group1
- Users that authenticate by using multifactor authentication (MFA)
- Users that connect from a device that has the SecureWorkstation
ExtensionAttribute1
The solution must minimize the number of required policies and maximize security.
What should include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-100 Exam Question 55
Hotspot Question
You have a multi-cloud environment that contains an Azure subscription and an Amazon Web Services (AWS) account.
You need to implement security services in Azure to manage the resources in both subscriptions.
The solution must meet the following requirements:
- Automatically identify threats found in AWS CloudTrail events.
- Enforce security settings on AWS virtual machines by using Azure
policies.
What should you include in the solution for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a multi-cloud environment that contains an Azure subscription and an Amazon Web Services (AWS) account.
You need to implement security services in Azure to manage the resources in both subscriptions.
The solution must meet the following requirements:
- Automatically identify threats found in AWS CloudTrail events.
- Enforce security settings on AWS virtual machines by using Azure
policies.
What should you include in the solution for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
