SC-100 Exam Question 96

You have a Microsoft Entra tenant named contoso.com and use Microsoft Intune. Each user in contoso.com has a Microsoft Entra ID P1 license and a Windows 11 device that has the Global Secure Access client deployed.
You plan to deploy the following configuration of Microsoft Entra Internet Access:
- Enable a baseline profile.
- Create a security profile named Profile1 that has a priority of 300
and contains a single web content filtering policy named
WCFPolicy1.Configure WCFPolicy1 as follows:
- Set Action to allow.
- Include a single rule that has a fully qualified domain name (FQDN)
destination of *.adatum.com. Link Profile1 to a Conditional Access
policy named CAPolicy1, apply CAPolicy1 to all users, and grant access
unless a user's device is noncompliant.
You need to evaluate the impact of the planned deployment on traffic to the following resources:
- https://www.adatum.com:8433
- https://www.fabrikam.com
Which two traffic scenarios will occur? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
  • SC-100 Exam Question 97

    You have an Azure subscription and a Microsoft 365 subscription.
    Your company uses several software as a service (SaaS) applications.
    To align with Microsoft cloud security benchmark (MCSB) and Microsoft Cybersecurity Reference Architectures (MCRA), you plan to design a solution to provide visibility into user activity across the applications and detect potentially risky behavior in real time.
    Which service should you recommend?
  • SC-100 Exam Question 98

    Hotspot Question
    You have an Azure subscription that contains multiple Azure Storage blobs and Azure Files shares.
    You need to recommend a security solution for authorizing access to the blobs and shares. The solution must meet the following requirements:
    - Support access to the shares by using the SMB protocol.
    - Limit access to the blobs to specific periods of time.
    - Include authentication support when possible.
    What should you recommend for each resource? To answer, select the options in the answer area.
    NOTE: Each correct selection is worth one point.

    SC-100 Exam Question 99

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
    You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance.
    You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance.
    Solution: You recommend access restrictions to allow traffic from the backend IP address of the Front Door instance.
    Does this meet the goal?
  • SC-100 Exam Question 100

    You have an Azure subscription.
    Your company has a governance requirement that resources must be created in the West Europe or North Europe Azure regions.
    What should you recommend using to enforce the governance requirement?