Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 91–100 of 147

Q91

Which Azure service provides centralized access management?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure SQL Database
  • D Azure Functions
Explanation Azure Active Directory offers identity management, while others do not focus on access management.
Q92

A company needs to secure its Kubernetes cluster. What should they configure?

  • A Network Security Groups
  • B Azure Security Center
  • C Azure Policy
  • D Role-Based Access Control (RBAC)
Explanation RBAC is crucial for managing permissions within a Kubernetes cluster, not the other options which serve different purposes.
Q93

What happens when a user with no permissions accesses an Azure resource?

  • A Access granted due to default settings
  • B Access denied based on RBAC
  • C Access granted by Azure policies
  • D Access suppressed silently
Explanation Access is denied because of RBAC rules that restrict it, while others imply incorrect behaviors.
Q94

Which Azure service is optimized for serverless applications?

  • A Azure Functions
  • B Azure Virtual Machines
  • C Azure Web Apps
  • D Azure Kubernetes Service
Explanation Azure Functions is designed for serverless execution, while others are for different hosting methods.
Q95

You are configuring Azure AD Conditional Access policies. What is the purpose of 'Session Controls'?

  • A Lock devices based on user location
  • B Control user sessions for specific apps
  • C Enforce MFA on all logins
  • D Restrict access during specific times
Explanation Session Controls manage session conditions for applications, unlike other options which target broader access restrictions.
Q96

What happens when you enable Azure Security Center's Just-in-Time VM access?

  • A Locks the VM from all network traffic
  • B Forwards all traffic through a proxy
  • C Allows access only when requested
  • D Disables public IP address of VM
Explanation Just-in-Time access allows for temporary access when requested, whereas other options are incorrect descriptions of its functionality.
Q97

Which Azure service provides a central place to manage policies?

  • A Azure Policy
  • B Azure Security Center
  • C Azure Compliance Manager
  • D Azure Monitor
Explanation Azure Policy centralizes and enforces governance across Azure resources; the others serve distinct management or monitoring purposes.
Q98

A company needs to ensure that users can only access specific Azure resources based on their job roles. What is the most appropriate solution?

  • A Azure RBAC
  • B Azure AD Groups
  • C Network Security Groups
  • D Azure Automation
Explanation Azure RBAC allows fine-grained access control based on roles, while the others don't specifically manage user access to resources based on roles.
Q99

You are configuring Azure Sentinel and want to aggregate logs from different services. What happens if you select 'Basic' pricing tier?

  • A Unlimited log collection
  • B Limited retention period
  • C Higher data ingestion fee
  • D No log collection applies
Explanation The 'Basic' tier limits the retention period, while the other options misrepresent the capacity or costs of log collection.
Q100

Which Azure service is specifically designed for secure key management?

  • A Azure Key Vault
  • B Azure Blob Storage
  • C Azure SQL Database
  • D Azure Data Factory
Explanation Azure Key Vault securely stores and controls keys, whereas the others provide different data management functionalities.