Microsoft Azure

Microsoft Security Operations Analyst

SC-200
Popular

Validate your skills with the SC-200 exam for Microsoft Security Operations Analyst.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 147

Q11

A company needs to ensure that only specific users can access its Azure resources. What should they implement?

  • A Network Security Groups
  • B Role-Based Access Control
  • C Azure Sentinel
  • D Virtual Networks
Explanation Role-Based Access Control enables user-specific access while others do not manage user permissions.
Q12

What happens when configuring Azure Policy with a trigger action?

  • A Policies automatically enforce compliance
  • B Policies only audit existing resources
  • C Policies apply instantly with no delay
  • D Policies require manual initiation
Explanation Policy triggers audit resources and assess compliance but do not enforce instantly or automatically.
Q13

Which Azure service provides protection against DDoS attacks?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Sentinel
Explanation Azure DDoS Protection is specifically designed to defend against DDoS attacks, while the others serve different security roles.
Q14

A company needs to receive alerts when unusual login patterns are detected in Azure. What Azure service can this utilize?

  • A Azure Monitor
  • B Azure Active Directory Identity Protection
  • C Azure Log Analytics
  • D Azure Sentinel
Explanation Azure AD Identity Protection helps identify and respond to atypical sign-in behavior, while the others serve different monitoring purposes.
Q15

What happens when you enable 'soft delete' for Azure Blob Storage?

  • A Immediate deletion of blobs on modify
  • B Blobs can be recovered after deletion
  • C Permanent loss of deleted blobs
  • D Blobs are archived automatically
Explanation Soft delete allows recovery of blobs for a retention period after deletion, whereas the other options misrepresent blob management.
Q16

Which service provides real-time monitoring and alerting for Azure resources?

  • A Azure Monitor
  • B Azure Governance
  • C Azure DevOps
  • D Azure Blob Storage
Explanation Azure Monitor tracks performance and health, while others serve different purposes.
Q17

A company needs to deploy a virtual machine but ensure it is isolated from other virtual machines in the same region. What should they use?

  • A Availability Zone
  • B Virtual Network
  • C Azure Load Balancer
  • D Resource Group
Explanation A Virtual Network isolates resources, while others do not provide isolation directly.
Q18

You are configuring Security Center standard policy for your resources. What happens if you define a custom initiative?

  • A Overrides existing security controls
  • B Combines existing definitions into one
  • C Removes all existing policies
  • D Encourages non-compliance policies
Explanation A custom initiative encompasses multiple definitions without removing existing policies.
Q19

Which Azure service is used for centralized logging and monitoring?

  • A Azure Monitor
  • B Azure DevOps
  • C Azure Virtual Machines
  • D Azure Functions
Explanation Azure Monitor collects and analyzes telemetry data, while the others serve different purposes.
Q20

A company needs to restrict access to its Azure resources based on user roles. What service should they use?

  • A Azure Active Directory
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Load Balancer
Explanation Azure Active Directory manages user roles and permissions, while other services do not primarily control access.