Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 147

Q41

A company needs to store sensitive data securely in Azure. Which feature should they use to encrypt data at rest?

  • A Azure Key Vault
  • B Azure Blob Storage Tiering
  • C Azure Blob Storage Lifecycle Management
  • D Azure Site Recovery
Explanation Azure Key Vault allows secure key management and encryption for data, unlike the other options.
Q42

You are configuring Conditional Access policies in Azure AD. What happens if a user does not comply with the MFA requirement?

  • A Access is granted automatically
  • B Access is denied
  • C User is redirected to a help page
  • D User receives a notification
Explanation Access is denied if MFA requirements are not met, ensuring security compliance.
Q43

Which service provides advanced threat detection for Azure environments?

  • A Azure Security Center
  • B Azure Active Directory
  • C Azure DevOps
  • D Azure Storage Accounts
Explanation Azure Security Center specializes in threat detection, while others serve different functions.
Q44

A company needs to ensure only specific users can access its data in Azure Blob Storage. What should be utilized?

  • A Storage Account Keys
  • B Shared Access Signatures
  • C Network Security Groups
  • D Azure Monitor
Explanation Shared Access Signatures offer granular access controls, while others do not provide the same level of specificity.
Q45

You are configuring Azure Firewall. What happens when you create a DNAT rule?

  • A Encrypts traffic within the network
  • B Redirects incoming traffic to internal resources
  • C Blocks all outbound traffic
  • D Creates a storage account
Explanation DNAT rules redirect traffic to specified internal resources, whereas others do not serve this function.
Q46

Which Azure service provides threat detection in real-time?

  • A Microsoft Defender for Cloud
  • B Azure Monitor
  • C Azure Sentinel
  • D Azure Security Center
Explanation Microsoft Defender for Cloud offers real-time threat detection while others focus on monitoring or logging.
Q47

A company needs to restrict access to certain resources based on user roles. What should they implement?

  • A Role-Based Access Control (RBAC)
  • B Network Security Groups (NSGs)
  • C Azure Firewall
  • D Azure Policy
Explanation RBAC is specifically designed for controlling access based on roles.
Q48

You are configuring Azure Active Directory Conditional Access. What happens when a user fails multi-factor authentication?

  • A Access is granted automatically.
  • B User is prompted again later.
  • C Access is denied for that session.
  • D User escalates to admin automatically.
Explanation Access is denied for the session when MFA fails, ensuring more secure authentication.
Q49

Which service helps secure Azure subscriptions against unauthorized access?

  • A Azure Active Directory
  • B Azure DevOps
  • C Azure SQL Database
  • D Azure Blob Storage
Explanation Azure Active Directory provides identity management and security.
Q50

A company needs to monitor network security using Azure. Which service should they use?

  • A Azure Firewall
  • B Azure Sentinel
  • C Azure Load Balancer
  • D Azure Backup
Explanation Azure Sentinel is a SIEM tool for monitoring security.