SC-100 Exam Dumps - Microsoft Cybersecurity Architect

Question # 4

You need to recommend a SIEM and SOAR strategy that meets the hybrid requirements, the Microsoft Sentinel requirements, and the regulatory compliance requirements.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access

Question # 5

You need to recommend a solution to meet the security requirements for the virtual machines. What should you include in the recommendation?

an Azure Bastion host

a network security group (NSG)

just-in-time (JIT) VM access

Azure Virtual Desktop

Full Access

Question # 6

You need to recommend a solution to meet the AWS requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access

Question # 7

You need to recommend a solution to resolve the virtual machine issue. What should you include in the recommendation? (Choose Two)

Onboard the virtual machines to Microsoft Defender for Endpoint.

Onboard the virtual machines to Azure Arc.

Create a device compliance policy in Microsoft Endpoint Manager.

Enable the Qualys scanner in Defender for Cloud.

Full Access

Question # 8

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have an Amazon Web Services (AWS) implementation.

You plan to extend the Azure security strategy to the AWS implementation. The solution will NOT use Azure Arc. Which three services can you use to provide security for the AWS resources? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

Azure Active Directory (Azure AD) Conditional Access

Microsoft Defender for servers

Azure Policy

Microsoft Defender for Containers

Full Access

Question # 9

You are evaluating the security of ClaimsApp.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE; Each correct selection is worth one point.

Full Access

Question # 10

You need to recommend a solution to secure the MedicalHistory data in the ClaimsDetail table. The solution must meet the Contoso developer requirements.

What should you include in the recommendation?

Transparent Data Encryption (TDE)

Always Encrypted

row-level security (RLS)

dynamic data masking

data classification

Full Access

Question # 11

What should you create in Azure AD to meet the Contoso developer requirements?

Full Access

Question # 12

Your company has Microsoft 365 E5 licenses and Azure subscriptions.

The company plans to automatically label sensitive data stored in the following locations:

â€¢ Microsoft SharePoint Online

â€¢ Microsoft Exchange Online

â€¢ Microsoft Teams

You need to recommend a strategy to identify and protect sensitive data.

Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Full Access

Question # 13

You have a Microsoft 365 subscription

You need to recommend a security solution to monitor the following activities:

â€¢ User accounts that were potentially compromised

â€¢ Users performing bulk file downloads from Microsoft SharePoint Online

What should you include in the recommendation for each activity? To answer, drag the appropriate components to the correct activities. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each Correct selection is worth one Point.

Full Access

Question # 14

Your company has a hybrid cloud infrastructure.

The company plans to hire several temporary employees within a brief period. The temporary employees will need to access applications and data on the company' premises network.

The company's security policy prevents the use of personal devices for accessing company data and applications.

You need to recommend a solution to provide the temporary employee with access to company resources. The solution must be able to scale on demand.

What should you include in the recommendation?

Migrate the on-premises applications to cloud-based applications.

Redesign the VPN infrastructure by adopting a split tunnel configuration.

Deploy Microsoft Endpoint Manager and Azure Active Directory (Azure AD) Conditional Access.

Deploy Azure Virtual Desktop, Azure Active Directory (Azure AD) Conditional Access, and Microsoft Defender for Cloud Apps.

Full Access

Question # 15

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription.

All the on-premises servers in the perimeter network are prevented from connecting directly to the internet.

The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

â€¢ Ensure that the security operations team can access the security logs and the operation logs.

â€¢ Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network.

Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Azure Active Directory (Azure AD) Conditional Access policies

a custom collector that uses the Log Analytics agent

resource-based role-based access control (RBAC)

the Azure Monitor agent

Full Access

Question # 16

You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements. What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.