Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 21–30 of 147

Q21

You are configuring Azure Security Center. What happens when you set up security policies?

  • A Policies apply only to VMs
  • B Policies apply to all subscriptions
  • C Policies are ignored if misconfigured
  • D Policies only notify users
Explanation Security policies in Azure Security Center apply across all resources in a subscription, not just VMs or specific scenarios as the other options suggest.
Q22

Which service provides Azure's central identity management?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Monitor
  • D Azure Cosmos DB
Explanation Azure Active Directory manages identities; others are storage or monitoring services.
Q23

A company needs to protect sensitive data stored in Azure Blob Storage. What should they implement?

  • A Azure Neural Services
  • B Data Loss Prevention policies
  • C Azure DevOps Pipelines
  • D Virtual Network Peering
Explanation Data Loss Prevention policies help secure sensitive data; others focus on DevOps or networking.
Q24

You are configuring a Microsoft Sentinel instance. What happens if you set an alert action to 'Notified'?

  • A Alerts are elevated
  • B Snooze alerts
  • C Notifications are sent
  • D Related incidents are closed
Explanation 'Notified' triggers notifications; others do not correctly describe alert actions.
Q25

Which service allows continuous compliance monitoring in Azure?

  • A Azure Policy
  • B Azure Monitor
  • C Azure Resource Manager
  • D Azure Security Center
Explanation Azure Policy enables continuous compliance monitoring, while others focus on resource management or monitoring.
Q26

A company needs to implement DDoS protection for its web application. Which Azure service should it use?

  • A Azure Traffic Manager
  • B Azure Firewall
  • C Azure DDoS Protection
  • D Azure Application Gateway
Explanation Azure DDoS Protection is specifically designed to defend against distributed denial of service attacks, unlike the others.
Q27

You are configuring access to Azure Key Vault. If a user has the role 'Key Vault Administrator', what can they NOT do?

  • A Manage access policies
  • B Create secrets
  • C Retrieve secrets
  • D Manage Key Vault configurations
Explanation The 'Key Vault Administrator' role cannot manage the overall configurations of the vault itself.
Q28

Which Azure service is primarily used to manage identity and access?

  • A Azure Active Directory
  • B Azure DevOps
  • C Azure Functions
  • D Azure Blob Storage
Explanation Azure Active Directory is the identity management service; others are unrelated.
Q29

A company needs to monitor for anomalies in user behavior. Which Azure feature should they enable?

  • A Azure Monitor
  • B Azure Sentinel
  • C Azure Advisor
  • D Azure Backup
Explanation Azure Sentinel provides advanced threat detection, while others focus on different aspects.
Q30

What happens when you assign a role to a group in Azure?

  • A All users in the group inherit permissions
  • B Only admins can access the resources
  • C The role applies to the entire subscription
  • D Roles are overwritten by users' individual roles
Explanation Roles assigned to groups grant collective permissions; other options misrepresent Azure's RBAC.