Microsoft Azure

Microsoft Security Operations Analyst

SC-200
Popular

Validate your skills with the SC-200 exam for Microsoft Security Operations Analyst.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 81–90 of 147

Q81

What happens when a user is assigned to multiple Azure Active Directory (AAD) roles?

  • A Only the highest role is active.
  • B Roles are cumulative for permissions.
  • C Roles conflict and deny access.
  • D Roles are ignored during access checks.
Explanation Multiple roles in AAD accumulate permissions, allowing for broader access, while the others misrepresent how AAD roles operate.
Q82

Which service provides advanced threat detection in Azure?

  • A Azure Security Center
  • B Azure App Service
  • C Azure Cosmos DB
  • D Azure Key Vault
Explanation Azure Security Center offers comprehensive threat detection, while the others focus on different areas like app services, databases, and secrets management.
Q83

A company needs to monitor network traffic in Azure; which tool should it use?

  • A Azure Virtual Network
  • B Azure Network Watcher
  • C Azure ExpressRoute
  • D Azure Logic Apps
Explanation Azure Network Watcher is specifically designed for monitoring and diagnosing network issues, whereas the others serve different purposes.
Q84

What happens when a user assigns a role with "Owner" permissions to another user in Azure?

  • A The user can only view resources.
  • B The user can modify resources.
  • C The user cannot assign roles.
  • D The user can delete the subscription.
Explanation The "Owner" role allows users to modify resources, unlike the other incorrect options that state limited permissions.
Q85

Which Azure service provides security recommendations?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Sentinel
  • D Azure Policy
Explanation Azure Security Center offers security recommendations based on assessments; others focus on monitoring or policy enforcement.
Q86

A company needs to protect sensitive data during transmission. What should they implement?

  • A Encryption at rest
  • B Enable Firewall
  • C Data Loss Prevention
  • D Encryption in transit
Explanation Encryption in transit secures data during transmission; the others do not specifically address this concern.
Q87

You are configuring Azure AD Conditional Access policies. What happens if a user fails MFA?

  • A Access is granted immediately
  • B Access is allowed after a delay
  • C Access is blocked until successful
  • D Access is granted with limited permissions
Explanation If MFA fails, access is blocked until the user successfully completes it; the others do not accurately describe the process.
Q88

Which service provides real-time monitoring for Azure resources?

  • A Azure Monitor
  • B Azure DevOps
  • C Azure Backup
  • D Azure Blob Storage
Explanation Azure Monitor provides real-time monitoring, while the others serve different purposes like CI/CD or backup.
Q89

A company needs to implement zero-trust network access for its employees. Which Azure service should it use?

  • A Azure Active Directory
  • B Azure Information Protection
  • C Azure Security Center
  • D Azure Virtual Network
Explanation Azure Active Directory supports zero-trust principles; the others focus on data protection or network configurations.
Q90

What happens when you enable Azure policy enforcement on a subscription?

  • A Resources are automatically created
  • B Resource deployments are failed if non-compliant
  • C Security alerts are suppressed
  • D Networking configurations are deleted
Explanation Enabling policy enforcement ensures only compliant resources are deployed, unlike the other options which don’t align with policy enforcement behavior.