Microsoft Azure

Microsoft Security Operations Analyst

SC-200
Popular

Validate your skills with the SC-200 exam for Microsoft Security Operations Analyst.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 147

Q41

What happens when an Azure Security Center recommendation is ignored?

  • A Security Center escalates the issue
  • B Recommendations remain unchanged
  • C The recommendation is removed
  • D Alerts are generated automatically
Explanation Ignoring a recommendation keeps it active; it doesn't auto-remove or escalate.
Q42

You are configuring Azure Sentinel for a company. Which of the following data connectors would best help with security log analysis?

  • A Azure Security Center
  • B Azure Monitor Logs
  • C Microsoft Endpoint Manager
  • D Windows Event Forwarding
Explanation Azure Monitor Logs offers extensive logging capabilities that integrate directly with Sentinel for analysis.
Q43

Which Azure service provides a centralized network with peering capabilities?

  • A Azure Virtual Network
  • B Azure Load Balancer
  • C Azure VPN Gateway
  • D Azure Application Gateway
Explanation Azure Virtual Network enables user-defined networks and peering; others serve different networking functionalities.
Q44

A company needs to audit data access in Azure Storage. What should they use?

  • A Azure Activity Log
  • B Azure Monitor
  • C Azure Policy
  • D Azure Storage Analytics
Explanation Azure Storage Analytics provides access metrics; others are not directly for auditing data access.
Q45

What happens when you configure Azure AD Conditional Access with a 'Grant access' policy?

  • A Blocks all user access
  • B Requires MFA before access
  • C Allows access without restrictions
  • D Requires compliance with a policy
Explanation MFA is typically required unless otherwise specified; granting access usually involves conditions.
Q46

Which Azure service provides advanced threat protection for VMs?

  • A Azure Defender
  • B Azure Sentinel
  • C Azure DDoS Protection
  • D Azure Firewall
Explanation Azure Defender specifically offers advanced threat protection for virtual machines, while the others serve different security roles.
Q47

A company needs to ensure that Azure resources are compliant with industry standards. What should they implement?

  • A Azure Policy
  • B Azure Functions
  • C Azure Storage
  • D Azure Load Balancer
Explanation Azure Policy helps govern and ensure compliance of Azure resources, while the other options do not have compliance tracking capabilities.
Q48

What happens when a policy deny rule is triggered in Azure?

  • A Resource deployment is allowed
  • B Audit log entry is recorded
  • C Resource deployment is blocked
  • D Only notifications are sent
Explanation A deny policy rule explicitly blocks resource deployments that violate the set policy, whereas the other options do not reflect the enforcement action taken.
Q49

Which Azure service is specifically designed for threat detection and response?

  • A Azure Security Center
  • B Azure DevOps
  • C Azure Blob Storage
  • D Azure Virtual Network
Explanation Azure Security Center provides integrated threat detection, while the others focus on deployment or storage.
Q50

A company needs to automate security assessments in Azure. Which tool should they utilize?

  • A Azure Automation
  • B Azure AD
  • C Azure Policy
  • D Azure Key Vault
Explanation Azure Policy allows for automated compliance checks, while others focus on different management aspects.