Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–147 of 147

Q141

You are configuring Azure Policy for a resource group. What happens when a policy is set to `audit` mode?

  • A Resources will be denied provisioning.
  • B Violations are logged but not prevented.
  • C Remediation actions are automatically applied.
  • D Users are notified of all configuration.
Explanation In `audit` mode, resources are monitored and violations are logged but not blocked, unlike the other options.
Q142

Which service provides protection against DDoS attacks?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Load Balancer
Explanation Azure DDoS Protection specifically mitigates DDoS attacks; the others serve different purposes.
Q143

A company needs to implement advanced threat protection for its virtual machines; which service should they use?

  • A Microsoft Defender for Cloud
  • B Azure Bastion
  • C Azure VPN Gateway
  • D Azure Network Security Groups
Explanation Microsoft Defender for Cloud provides advanced threat protection for Azure resources, while the others do not.
Q144

You are configuring a storage account; what happens if you enable soft delete?

  • A Data cannot be permanently deleted.
  • B Deleted data can be recovered.
  • C Data can be replicated instantly.
  • D Restore requests will be charged.
Explanation Soft delete allows recovery of deleted data during a retention period; the other options are incorrect regarding functionality.
Q145

Which Azure service is primarily used for identity management?

  • A Azure Active Directory
  • B Azure Virtual Network
  • C Azure Blob Storage
  • D Azure Functions
Explanation Azure Active Directory is designed for identity management, while the others serve different purposes.
Q146

A company needs to protect its resources from DDoS attacks. What should they implement?

  • A Azure Load Balancer
  • B Azure Firewall
  • C Azure DDoS Protection
  • D Azure App Gateway
Explanation Azure DDoS Protection specifically safeguards against DDoS attacks, unlike the other services which have different functions.
Q147

You are configuring a firewall in Azure. What happens when you create a rule with 'Deny' default action?

  • A All traffic is allowed by default
  • B Outbound traffic is blocked
  • C Only specified ports are closed
  • D All unspecified traffic is denied
Explanation A 'Deny' default action blocks all unspecified traffic, while the other options misinterpret how default actions work.