Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 147

Q41

A company needs to control user access to an application deployed in Azure. What should they use?

  • A Azure Network Security Groups
  • B Azure Active Directory
  • C Azure Virtual Network
  • D Azure Blob Storage
Explanation Azure Active Directory provides identity management and access control, unlike the other options which focus on networking or storage management.
Q42

You are configuring Azure Security Center. What happens when you enable continuous export?

  • A Exports compliance data only
  • B Sends alerts to all users
  • C Exports security recommendations only
  • D Exports security alerts and recommendations
Explanation Enabling continuous export sends both security alerts and recommendations, unlike the others which are incomplete scopes.
Q43

Which service can help with Azure Security Center recommendations?

  • A Azure Policy
  • B Azure Sentinel
  • C Azure Firewall
  • D Azure Key Vault
Explanation Azure Policy helps ensure compliance by applying security recommendations, unlike others which serve different purposes.
Q44

A company needs to prevent unauthorized access to its Azure resources. Which approach should it adopt?

  • A Utilize RBAC
  • B Enable Public Access
  • C Use Storage Analytics
  • D Set Up VNet Peering
Explanation Utilizing Role-Based Access Control (RBAC) restricts access effectively, while others do not focus on access management.
Q45

What happens when a user exceeds their Azure subscription limits?

  • A Services are denied provisioning
  • B Account is automatically suspended
  • C Resources are upgraded automatically
  • D Usage is doubled without charge
Explanation Exceeding subscription limits results in provisioning denial, while others are not correct scenarios.
Q46

Which Azure service provides secure access to applications without a VPN?

  • A Azure Bastion
  • B Azure AD Conditional Access
  • C Azure Firewall
  • D Azure Front Door
Explanation Azure Bastion allows secure access to applications via RDP/SSH without requiring a VPN; the others serve different purposes like access control and routing.
Q47

A company needs to automatically evaluate security alerts in Azure. Which service should they use?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Sentinel
  • D Azure Policy
Explanation Azure Sentinel uses AI to evaluate and respond to security alerts automatically; the other options do not focus on security event management.
Q48

What happens when you delete an Azure Key Vault?

  • A All secrets are deleted immediately
  • B Vault goes into a soft-delete state
  • C Vault can never be recovered
  • D Users lose access to Azure resources
Explanation When deleted, an Azure Key Vault enters a soft-delete state for recovery, while the other options incorrectly state the deletion outcome.
Q49

Which Azure service is best for managing identity access?

  • A Azure Active Directory
  • B Azure Storage
  • C Azure VM
  • D Azure Functions
Explanation Azure Active Directory manages user identities and access, while the others serve different purposes.
Q50

A company needs to secure sensitive data in transit. What Azure feature should they use?

  • A Azure Firewall
  • B Network Security Groups
  • C VPN Gateway
  • D DDoS Protection
Explanation A VPN Gateway provides secure connections, while the others enhance security but do not specifically encrypt traffic.