Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 111–120 of 147

Q111

You are configuring Azure Key Vault. What happens if you delete a key?

  • A It is permanently deleted
  • B It's soft-deleted and restorable
  • C Key access is revoked
  • D No effect on stored secrets
Explanation Soft-delete allows restoration after deletion; others misrepresent the key behavior.
Q112

Which Azure service is best for identity management?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Functions
  • D Azure Virtual Network
Explanation Azure Active Directory is designed for managing identities, unlike the other options.
Q113

A company needs to protect sensitive data in Azure. Which encryption is recommended at rest?

  • A Application-level encryption
  • B Encryption by third parties
  • C Azure-managed encryption at rest
  • D Basic file permissions
Explanation Azure-managed encryption at rest provides built-in security for stored data, while others are less effective.
Q114

What happens when an Azure RBAC role is assigned to a user?

  • A User gains permissions for all resources
  • B User has access to none of the resources
  • C User can access only assigned resources
  • D User's entire Azure subscription is unlocked
Explanation RBAC roles grant specific permissions to designated resources, ensuring controlled access.
Q115

Which service provides integrated security management across Azure?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Sentinel
  • D Azure Active Directory
Explanation Azure Security Center offers unified security management; others focus on logging or identity management.
Q116

A company needs to limit access to its storage account based on the user’s role. What should they implement?

  • A Shared Access Signatures
  • B Role-Based Access Control
  • C Network Security Groups
  • D Private Endpoints
Explanation Role-Based Access Control is designed to manage user permissions based on roles, while others address different aspects of access.
Q117

What happens when Azure Active Directory conditional access policies are not met?

  • A Access is granted sensitively
  • B Access is denied
  • C User must reset password
  • D Device will be automatically encrypted
Explanation Access is denied when policies are not fulfilled; other options do not reflect conditional access behavior.
Q118

Which service is best for identity management in Azure?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Machines
  • D Azure Functions
Explanation Azure Active Directory provides robust identity management, while the others serve different purposes.
Q119

A company needs to monitor and respond to security threats in real-time. What service should they implement?

  • A Azure Monitor
  • B Azure Security Center
  • C Azure DevOps
  • D Azure SQL Database
Explanation Azure Security Center is designed for threat detection and monitoring, unlike the other options.
Q120

What happens when you set a low access policy in Azure Storage?

  • A Data encryption increases
  • B Access to data is restricted
  • C Data retrieval time decreases
  • D No change in data security
Explanation A low access policy restricts data access to enhance security, contrary to the other options.