Microsoft Azure

Microsoft Cybersecurity Architect

SC-100
Popular Trending

Become a Microsoft Cybersecurity Architect by passing the SC-100 exam.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 147

Q51

What happens when you enable Azure Security Center's auto provisioning for VMs?

  • A All VMs are automatically deleted
  • B VMs become part of a security group
  • C Security policies are applied automatically
  • D Alerts are sent for every action
Explanation Auto provisioning configures security policies on VMs automatically.
Q52

A company needs to secure sensitive data in its Azure Storage account. Which feature should they enable?

  • A Storage Service Encryption
  • B Blob Versioning
  • C Public Access Level
  • D Azure Files Sync
Explanation Storage Service Encryption automatically encrypts data at rest; the other options do not directly encrypt data.
Q53

What happens when a conditional access policy is assigned in Azure AD?

  • A All users are always blocked
  • B Specific applications are always accessible
  • C User access is evaluated based on conditions
  • D Policies apply to the entire Azure tenant
Explanation Conditional access evaluates the specified conditions before granting access; the other options misrepresent how policies function.
Q54

You are configuring an Azure Web Application Firewall (WAF) for a web app. Which scenario would directly benefit from this configuration?

  • A Increased server storage space
  • B Protection against SQL injection attacks
  • C Faster database queries
  • D Enhanced application performance
Explanation WAF specifically guards against application layer attacks, such as SQL injection; the other options are unrelated benefits.
Q55

Which Azure service provides DDoS protection?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Sentinel
Explanation Azure DDoS Protection is specifically designed to mitigate DDoS attacks, while others serve different purposes.
Q56

A company needs to restrict access to sensitive data based on user location. What should they implement?

  • A Azure Policies
  • B Conditional Access Policies
  • C Network Security Groups
  • D Azure Blueprints
Explanation Conditional Access Policies allow location-based access restrictions, while the others focus on different controls.
Q57

You are configuring Azure Key Vault. What happens when you enable soft delete?

  • A Keys are permanently deleted.
  • B Deleted items can be recovered.
  • C No items can be deleted.
  • D Access is revoked immediately.
Explanation Enabling soft delete allows recovery of deleted items within a retention period, unlike permanent deletion.
Q58

Which Azure service provides unified security management and advanced threat protection?

  • A Microsoft Sentinel
  • B Azure Policy
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure Security Center offers comprehensive security management, while others focus on different aspects like monitoring or policy enforcement.
Q59

A company has sensitive data stored in Azure Blob Storage. What should they use to secure access?

  • A Public access settings
  • B Shared Access Signatures
  • C Storage account keys
  • D Containers without encryption
Explanation Shared Access Signatures allow controlled access without compromising account keys.
Q60

You are configuring Azure AD conditional access policies. What happens if a user fails to meet the conditions?

  • A They are granted access anyway
  • B Access is denied
  • C They receive an email notification
  • D Access is granted but monitored
Explanation Conditional access policies explicitly deny access if conditions are not met, enhancing security.