Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 147

Q11

A company needs to share sensitive data securely with external partners. What is the best Azure solution?

  • A Azure Blob Storage
  • B Azure VPN Gateway
  • C Azure Data Share
  • D Azure Functions
Explanation Azure Data Share enables secure data sharing with external parties, unlike the other options which do not focus on data sharing directly.
Q12

You are configuring Azure Policies for a subscription. What happens when a non-compliant resource is detected?

  • A It is automatically deleted
  • B It is flagged for review
  • C It is modified to meet compliance
  • D It remains unchanged
Explanation Non-compliant resources are flagged for review, rather than deleted or automatically modified.
Q13

Which Azure service provides DDoS protection to applications?

  • A Azure DDoS Protection
  • B Azure Traffic Manager
  • C Azure Application Gateway
  • D Azure Monitor
Explanation Azure DDoS Protection specifically mitigates DDoS attacks; other options serve different traffic management and monitoring roles.
Q14

A company needs to apply different security policies based on data classifications. Which Azure service should they use?

  • A Azure Security Center
  • B Azure Information Protection
  • C Azure Sentinel
  • D Azure Key Vault
Explanation Azure Information Protection enables classification and protection of data based on its sensitivity, unlike the other services.
Q15

What happens when you configure Azure AD Conditional Access to block access based on user risk?

  • A All users are denied access.
  • B High-risk users are allowed access.
  • C Low-risk users face challenges.
  • D High-risk users are denied access.
Explanation Conditional Access denies access for high-risk users to maintain security, while the other options misrepresent user access outcomes.
Q16

Which service provides centralized security management in Azure?

  • A Microsoft Defender for Cloud
  • B Azure Monitor
  • C Azure Application Insights
  • D Azure DDoS Protection
Explanation Microsoft Defender for Cloud centralizes security management; others serve different purposes.
Q17

A company needs to protect their Azure resources from unauthorized access. What should they implement?

  • A Service Fabric
  • B Network Security Groups
  • C Azure Logic Apps
  • D Azure Functions
Explanation Network Security Groups limit access; others do not provide access control.
Q18

You are configuring an Azure Active Directory (AAD) tenant. What happens when you enable user assignment for an application?

  • A All users gain access automatically
  • B Only assigned users can access
  • C Access is denied for all users
  • D Application is deleted
Explanation Enabling user assignment restricts access to designated users; others are incorrect since they misrepresent access management.
Q19

Which service provides Azure's identity protection capabilities?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure DevOps
  • D Azure Security Center
Explanation Azure Active Directory provides identity protection features, while the others focus on different functionalities.
Q20

A company needs to ensure that sensitive information is only accessible to authorized users in Azure. What should they implement?

  • A Network Security Groups
  • B Role-Based Access Control
  • C Azure Firewall
  • D Azure Virtual Network
Explanation Role-Based Access Control (RBAC) manages users' permissions effectively, while the others focus on network security rather than access the data layer.