Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 101–110 of 147

Q101

A company needs to ensure only authorized users can access their sensitive data in Azure. What is the best practice to achieve this?

  • A Use least privilege access
  • B Enable public access
  • C Utilize shared accounts
  • D Disable all user access
Explanation Using least privilege access ensures users have only the permissions necessary for their roles, while the other options create security risks.
Q102

You are configuring Azure Security Center. What happens when you set the security response action to 'Take No Action'?

  • A Automatic remediation occurs
  • B Alerts are ignored
  • C No alerts are generated
  • D Issues are left unresolved
Explanation Setting to 'Take No Action' leaves issues unresolved, while the other options incorrectly suggest some proactive response.
Q103

Which service is primarily used for managing Azure network security groups?

  • A Azure Security Center
  • B Azure Network Watcher
  • C Azure Virtual Network
  • D Azure Firewall
Explanation The Azure Virtual Network is responsible for managing network security groups, enabling traffic control and security definitions.
Q104

A company needs to ensure that only specific users can access sensitive Azure blobs. What should they implement?

  • A Azure Active Directory roles
  • B Shared Access Signatures
  • C Network Security Groups
  • D Azure Policy
Explanation Shared Access Signatures allow for granular access control by providing limited permissions to specified users.
Q105

What happens when you assign a high privileged role to a user in Azure?

  • A Access is denied immediately
  • B User can change roles for others
  • C User gains temporary permissions only
  • D User automatically loses existing roles
Explanation Assigning a high privileged role grants the user permissions to manage resources, including altering roles for others.
Q106

Which service provides Azure security posture management?

  • A Microsoft Defender for Cloud
  • B Azure Sentinel
  • C Azure Security Center
  • D Azure Monitor
Explanation Microsoft Defender for Cloud is the primary service for security posture management, while others focus on specific functionalities or monitoring.
Q107

A company needs to restrict access to sensitive information based on user roles. Which Azure feature is best suited for this need?

  • A Role-Based Access Control (RBAC)
  • B Azure Policies
  • C Network Security Groups (NSG)
  • D Application Security Groups (ASG)
Explanation RBAC allows for precise access control based on defined user roles, while the others serve different purposes.
Q108

You are configuring a Virtual Network in Azure. What happens if you try to create two subnets with overlapping address spaces?

  • A Creation succeeds without issues
  • B Creation fails with an error message
  • C Only one subnet gets created
  • D Resources within subnets become uncommunicable
Explanation Azure prohibits overlapping address spaces across subnets, leading to creation failure.
Q109

Which service provides advanced threat protection for Azure resources?

  • A Azure Defender
  • B Azure AD
  • C Azure Monitor
  • D Azure Site Recovery
Explanation Azure Defender offers advanced threat protection; others focus on different functions.
Q110

A company needs to secure its Azure Virtual Network. What is a best practice?

  • A Apply Network Security Groups
  • B Disable all public IPs
  • C Use only private endpoints
  • D Leave default security settings
Explanation Network Security Groups restrict traffic; other options may not fully secure the network.