Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 147

Q131

A company needs to restrict access to sensitive data in Azure Storage. Which feature should they configure?

  • A Encryption at rest
  • B Role-Based Access Control (RBAC)
  • C Multi-Factor Authentication (MFA)
  • D Private Link
Explanation RBAC allows precise access control over resources; the other options address different aspects of security.
Q132

What happens when an Azure Security Center recommendation is marked as 'resolved'?

  • A It automatically deletes the resource
  • B It stops monitoring the resource
  • C It acknowledges the issue is fixed
  • D It disables the resource temporarily
Explanation Marking it 'resolved' acknowledges that the security recommendation has been addressed; the other options imply unwanted actions.
Q133

Which Azure service provides a unified security management system?

  • A Microsoft Defender for Cloud
  • B Azure Log Analytics
  • C Azure Advisor
  • D Azure Security Center
Explanation Microsoft Defender for Cloud is the unified security management system, while the others serve different purposes in security and monitoring.
Q134

A company needs to implement identity protection. Which feature should they use?

  • A Azure Active Directory Identity Protection
  • B Azure Key Vault Access Policies
  • C Azure Information Protection Labels
  • D Azure Policy Assignments
Explanation Azure Active Directory Identity Protection specifically addresses identity security, while the other options focus on access control or information classification.
Q135

You are configuring Azure Security Center recommendations. What happens if you select "Ignore" on a specific recommendation?

  • A The recommendation will be removed.
  • B You will not get alerts on it.
  • C It will be documented for future audits.
  • D No further recommendations related will appear.
Explanation Ignoring a recommendation suppresses alerts about it, while the other options incorrectly suggest permanent removal or documentation actions.
Q136

Which Azure service provides advanced threat protection for virtual networks?

  • A Azure Security Center
  • B Azure Firewall
  • C Azure DDoS Protection
  • D Azure Sentinel
Explanation Azure Security Center provides overall threat protection and compliance management, while the others serve specific roles in network security.
Q137

A company needs to enforce Conditional Access policies for cloud applications. What Azure component should they leverage?

  • A Azure AD Identity Protection
  • B Azure AD Privileged Identity Management
  • C Azure AD Conditional Access
  • D Azure AD B2C
Explanation Azure AD Conditional Access directly enforces access policies; the others focus on different aspects of identity management.
Q138

What happens when you configure Azure Policy to audit resources, but not enforce compliance?

  • A Non-compliant resources are deleted
  • B Non-compliant resources remain unaffected
  • C Resources are automatically tagged
  • D Compliance reports are not generated
Explanation Auditing allows for monitoring non-compliant resources without enforcement actions, unlike deletion or tagging.
Q139

Which Azure service provides threat protection for SQL databases?

  • A Azure Defender for SQL
  • B Azure Policy
  • C Azure Monitor
  • D Azure Firewall
Explanation Azure Defender for SQL helps protect databases against threats, unlike the others which serve different purposes.
Q140

A company needs to ensure that users only access the minimum necessary resources. Which Azure feature would they implement?

  • A RBAC (Role-Based Access Control)
  • B Azure Blob Storage
  • C Azure Key Vault
  • D Virtual Network
Explanation RBAC ensures minimum necessary access, unlike the other options that provide different functionalities.