Microsoft Azure

Microsoft Security Operations Analyst

SC-200
Popular

Validate your skills with the SC-200 exam for Microsoft Security Operations Analyst.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 147

Q71

A company needs to secure their Azure Storage account. What should they implement to limit access based on networks?

  • A Access Keys
  • B Firewalls and Virtual Networks
  • C Shared Access Signatures
  • D Blob Indexing
Explanation Firewalls and Virtual Networks restrict access based on defined network rules, unlike the options which do not provide network-specific access control.
Q72

You are configuring Azure Active Directory (AAD) Conditional Access policies. What happens when a user is marked as 'MFA Required'?

  • A User can bypass MFA login
  • B User must complete MFA verification
  • C User is permanently blocked
  • D User device becomes unregistered
Explanation Marking a user as 'MFA Required' mandates MFA completion during login, while others indicate incorrect access scenarios.
Q73

Which Azure service provides DDoS protection through AI algorithms?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Traffic Manager
Explanation Azure DDoS Protection specifically offers AI-based DDoS mitigation; the others address different security issues.
Q74

You are configuring a conditional access policy for users accessing Azure resources. What condition can you specify?

  • A User location
  • B Device battery percentage
  • C Time of day limit
  • D User's favorite color
Explanation User location is a valid condition for access policies; battery percentage, time limits, and color aren't.
Q75

A company needs to audit all access to Azure Key Vault. Which feature should they enable?

  • A Access policies
  • B Diagnostic logs
  • C Storage replication
  • D Networking rule
Explanation Diagnostic logs provide detailed audit trails of Key Vault access, while the other options do not.
Q76

Which Azure service is used for monitoring application performance?

  • A Azure Monitor
  • B Azure DevOps
  • C Azure Logic Apps
  • D Azure Functions
Explanation Azure Monitor provides metrics and logs for application performance; others serve different purposes such as development or automation.
Q77

A company needs to restrict users from accessing Azure resources based on their job title. What should they implement?

  • A Network Security Groups
  • B Azure Role-Based Access Control (RBAC)
  • C Azure Policy
  • D Resource Locks
Explanation RBAC allows role assignments based on attributes like job title; the others serve different functions or are not user-specific.
Q78

What happens when a user tries to access resources without the necessary permissions in Azure?

  • A Access is granted with limited functionality
  • B Access is denied entirely
  • C Permissions are automatically escalated
  • D An alert is sent to the admin
Explanation Access is denied entirely if permissions are missing; it does not grant limited access or escalate permissions automatically.
Q79

Which service provides advanced threat protection in Azure?

  • A Azure Defender
  • B Azure Firewall
  • C Azure Sentinel
  • D Azure DDoS Protection
Explanation Azure Defender is designed specifically for threat protection across Azure resources, whereas the others focus on networking or security monitoring.
Q80

A company needs to automatically respond to detected threats in Azure. Which Azure service should they implement?

  • A Azure Security Center
  • B Azure Logic Apps
  • C Azure Automation
  • D Microsoft Sentinel
Explanation Microsoft Sentinel includes capabilities for automated response actions to security threats, while the others have different primary functions.