SC-100 Exam Question 106

For a Microsoft cloud environment, you are designing a security architecture based on the Microsoft Cloud Security Benchmark.
What are three best practices for identity management based on the Azure Security Benchmark?
Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
  • SC-100 Exam Question 107

    You are a security engineer tasked with finding a solution that would help improve personal data protection for the organization.
    The Chief Information Officer Has identified three areas that this solution should address
    - Identifying overexposed personal data
    - Identify personal data that is being transferred across regions
    - Provide users with feedback to reduce the amount of unused data Store
  • SC-100 Exam Question 108

    Your company has an on-premises network and an Azure subscription.
    The company does NOT have a Site-to-Site VPN or an ExpressRoute connection to Azure.
    You are designing the security standards for Azure App Service web apps. The web apps will access Microsoft SQL Server databases on the network.
    You need to recommend security standards that will allow the web apps to access the databases.
    The solution must minimize the number of open internet- accessible endpoints to the on-premises network.
    What should you include in the recommendation?
  • SC-100 Exam Question 109

    You receive a security alert in Microsoft Defender for Cloud as shown in the exhibit. (Click the Exhibit tab.)

    After remediating the threat which policy definition should you assign to prevent the threat from reoccurring?
  • SC-100 Exam Question 110

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
    You have an Azure subscription that has Microsoft Defender for Cloud enabled.
    You are evaluating the Azure Security Benchmark V3 report.
    In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.
    You need to recommend configurations to increase the score of the Secure management ports controls.
    Solution: You recommend enabling just-in-time (JIT) VM access on all virtual machines.
    Does this meet the goal?