Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 31–40 of 147

Q31

Which service is primarily used for integrating security into CI/CD workflows?

  • A Azure DevOps
  • B Azure Monitor
  • C Azure Logic Apps
  • D Azure Sentinel
Explanation Azure DevOps provides tools for CI/CD with security integrations, while the others focus on monitoring or automation.
Q32

A company needs to ensure compliance with data sovereignty laws. Which Azure offering is best suited for this purpose?

  • A Azure Key Vault
  • B Azure Storage
  • C Azure Policy
  • D Azure Regions
Explanation Choosing the correct Azure Region ensures data residency and compliance with local laws, unlike the other options which manage keys or policies.
Q33

What happens when Azure AD user logins exceed the allowed limit within a timeframe?

  • A User gets notified via email
  • B Account is locked for 30 minutes
  • C User can reset password immediately
  • D Login attempts are logged but not restricted
Explanation Exceeding login attempts triggers temporary account lockout for security, whereas the other options do not effectively prevent unauthorized access.
Q34

Which Azure service provides centralized logging and analytics?

  • A Azure Monitor
  • B Azure Security Center
  • C Azure Key Vault
  • D Azure Active Directory
Explanation Azure Monitor offers logging and analytics capabilities; the others serve different functions.
Q35

A company needs to ensure that sensitive data is encrypted in transit. What should they implement?

  • A SSL/TLS
  • B Data Loss Prevention
  • C Azure Firewall
  • D Azure Policy
Explanation SSL/TLS encrypts data in transit; the others target different security aspects.
Q36

You are configuring a multi-factor authentication policy. What must you consider?

  • A User location restrictions
  • B Device type management
  • C User password expirations
  • D Application permissions management
Explanation User location restrictions are critical for MFA; the others do not directly influence MFA policy.
Q37

Which Azure service provides built-in DDoS protection?

  • A Azure Front Door
  • B Azure DDoS Protection
  • C Azure Traffic Manager
  • D Azure Notifications
Explanation Azure DDoS Protection specifically provides DDoS mitigation, while the others serve different purposes.
Q38

A company needs to analyze security logs sent from Azure resources. What should they configure?

  • A Azure Blob Storage
  • B Azure Sentinel
  • C Azure Functions
  • D Azure VPN Gateway
Explanation Azure Sentinel is designed for security log analysis, while the others are unrelated to security analytics.
Q39

You are configuring Azure Key Vault. What happens if a user does not have permission to access a secret?

  • A The secret is deleted
  • B Access is logged
  • C An error is returned
  • D The secret is shared
Explanation If a user lacks permissions, Azure Key Vault returns an error rather than deleting or sharing the secret.
Q40

Which Azure service provides security for APIs?

  • A Azure API Management
  • B Azure Functions
  • C Azure Logic Apps
  • D Azure App Services
Explanation Azure API Management facilitates security features like authentication and rate limiting, while the other options do not solely focus on API security.