SC-100 Exam Question 116
Drag and Drop Question
You are designing a security operations strategy based on the Zero Trust framework.
You need to increase the operational efficiency of the Microsoft Security Operations Center (SOC).
Based on the Zero Trust framework, which three deployment objectives should you prioritize in sequence? To answer move the appropriate objectives from the list of objectives to the answer area and arrange them in the correct order.
You are designing a security operations strategy based on the Zero Trust framework.
You need to increase the operational efficiency of the Microsoft Security Operations Center (SOC).
Based on the Zero Trust framework, which three deployment objectives should you prioritize in sequence? To answer move the appropriate objectives from the list of objectives to the answer area and arrange them in the correct order.
SC-100 Exam Question 117
You have a Microsoft 365 subscription and an Azure subscription. Microsoft Defender XDR and Microsoft Defender for Cloud are enabled.
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?
SC-100 Exam Question 118
You are a cloud security administrator, and you have been tasked with providing a security solution for an Azure App Service, a web app named web-App0. Web-App0 has the following requirements:
Users will request access to web-App0 through the organization portal, and an internal stakeholder will approve.
Authentication for users must be provided by Azure AD.
What would be your recommended approach to enable AD authentication to web-app0?
Users will request access to web-App0 through the organization portal, and an internal stakeholder will approve.
Authentication for users must be provided by Azure AD.
What would be your recommended approach to enable AD authentication to web-app0?
SC-100 Exam Question 119
Hotspot Question
Your network contains an Active Directory Domain Services (AD DS) domain named Domain1.
You have a Microsoft Entra tenant.
Domain1 syncs with the tenant by using Microsoft Entra Connect.
You need to evaluate Microsoft Entra smart lockout by testing the following account lockout considerations:
- The number of failed sign-in attempts that trigger a lockout
- The duration of the lockout
What should you use to test each consideration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your network contains an Active Directory Domain Services (AD DS) domain named Domain1.
You have a Microsoft Entra tenant.
Domain1 syncs with the tenant by using Microsoft Entra Connect.
You need to evaluate Microsoft Entra smart lockout by testing the following account lockout considerations:
- The number of failed sign-in attempts that trigger a lockout
- The duration of the lockout
What should you use to test each consideration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-100 Exam Question 120
Your company has a main office and 10 branch offices. Each branch office contains an on- premises file server that runs Windows Server and multiple devices that run either Windows 11 or macOS. The devices are enrolled in Microsoft Intune.
You have a Microsoft Entra tenant.
You need to deploy Global Secure Access to implement web filtering for device traffic to the internet. The solution must ensure that all the web traffic from the devices in the branch offices is controlled by using Global Secure Access.
What should you do first in each branch office?
You have a Microsoft Entra tenant.
You need to deploy Global Secure Access to implement web filtering for device traffic to the internet. The solution must ensure that all the web traffic from the devices in the branch offices is controlled by using Global Secure Access.
What should you do first in each branch office?