Microsoft Azure

Microsoft Security Operations Analyst

SC-200
Popular

Validate your skills with the SC-200 exam for Microsoft Security Operations Analyst.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 61–70 of 147

Q61

Which service enables temporary elevated access for Azure resources?

  • A Azure AD Privileged Identity Management
  • B Azure Resource Manager
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure AD Privileged Identity Management provides just-in-time access, while others offer different resource management functionalities.
Q62

A company needs to ensure all Azure virtual machines are continuously monitored for end-of-life and vulnerability assessments. Which service should they implement?

  • A Azure Information Protection
  • B Azure Security Center
  • C Azure Automation
  • D Azure Active Directory
Explanation Azure Security Center provides comprehensive security management and monitoring, while the others serve different purposes.
Q63

You are configuring Azure Firewall. What happens if you set the 'DenyAll' rule at the top of your rules collection?

  • A Traffic is allowed unless denied later
  • B All traffic is denied
  • C Only HTTPS traffic is denied
  • D Only IPsec traffic is denied
Explanation Setting 'DenyAll' will deny all incoming traffic, overriding other rules if applied first.
Q64

Which service provides advanced threat protection for Azure resources?

  • A Azure Sentinel
  • B Azure Security Center
  • C Azure Firewall
  • D Azure Policy
Explanation Azure Security Center offers threat protection; Sentinel focuses on SIEM.
Q65

A company needs to restrict user permissions to only necessary resources in Azure. What should they implement?

  • A Role-Based Access Control (RBAC)
  • B Network Security Group (NSG)
  • C Azure Active Directory (AAD)
  • D Azure Firewall
Explanation RBAC allows fine-grained access control, unlike NSGs which filter traffic only.
Q66

You are configuring a data retention policy in Azure Security Center. What happens if you set a retention period of 90 days?

  • A Data is retained for 90 days.
  • B Data is stored indefinitely.
  • C Data is deleted after 90 days.
  • D Data is archived after 90 days.
Explanation Data will be deleted after the configured period if not retained longer.
Q67

Which service monitors for suspicious activities in Azure resources?

  • A Azure Security Center
  • B Azure Logic Apps
  • C Azure Storage Accounts
  • D Azure DevOps
Explanation Azure Security Center provides monitoring for security threats, while the other options do not primarily focus on security monitoring.
Q68

A company needs to prevent sensitive data exfiltration from Azure Blob Storage. Which feature should they implement?

  • A Azure Role-Based Access Control
  • B Azure Private Links
  • C Azure Storage Firewalls
  • D Azure Data Loss Prevention
Explanation Azure Data Loss Prevention specifically helps prevent data exfiltration, while the other features primarily focus on permissions and access.
Q69

You are configuring alert rules in Azure Sentinel; what happens when a 'fusion' rule triggers?

  • A Single alerts are escalated.
  • B Multiple alerts are correlated.
  • C User accounts are locked.
  • D Data is removed from storage.
Explanation 'Fusion' rules correlate multiple alerts into a single one, while the other options describe incorrect functions.
Q70

Which Azure service provides DDoS protection?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Sentinel
  • D Azure Application Gateway
Explanation Azure DDoS Protection specifically safeguards against DDoS attacks; the others focus on different security aspects.