Microsoft Azure

Microsoft Certified: Information Security Administrator Associate

SC-401

Achieve the SC-401 certification as an Information Security Administrator Associate.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 147

Q51

What happens when an Azure storage account is deleted?

  • A Data is permanently lost.
  • B Data is retained for 30 days.
  • C Data can be restored indefinitely.
  • D Only the blobs are deleted.
Explanation After deletion, Azure retains data for 30 days, allowing for restoration, while others are inaccurate.
Q52

Which Azure service is best for implementing firewall rules?

  • A Azure Firewall
  • B Azure VPN Gateway
  • C Azure Traffic Manager
  • D Azure Application Insights
Explanation Azure Firewall provides centralized policy management, while the others focus on other networking functionalities.
Q53

A company needs to manage permissions for multiple Azure resources. What should they use?

  • A Azure RBAC
  • B Azure Key Vault
  • C Azure Active Directory
  • D Azure Policy
Explanation Azure RBAC precisely controls access to resources, while the others serve different purposes.
Q54

You are configuring Azure DDoS Protection. What is the default recommendation for resource protection?

  • A Apply at the resource level
  • B Connect to the Azure region
  • C Enable for all virtual networks
  • D Enable resource-specific protection
Explanation Azure DDoS Protection should be applied at the virtual network level, covering resources within it.
Q55

Which Azure service is best for identifying and managing security vulnerabilities within your environment?

  • A Azure Security Center
  • B Azure Logic Apps
  • C Azure Active Directory
  • D Azure DevOps
Explanation Azure Security Center specializes in vulnerability management, while other options do not focus on security posture.
Q56

A company needs to ensure that sensitive data is shared only among designated users. Which feature would best accomplish this?

  • A Role-Based Access Control
  • B Network Security Groups
  • C Azure Firewall
  • D Virtual Private Network
Explanation Role-Based Access Control effectively restricts data access; other options focus on network security.
Q57

What happens when an Azure Monitor alert is triggered?

  • A It automatically patches the VM
  • B It can invoke an action, like sending an email
  • C It performs a system reboot
  • D It logs the incident only
Explanation Triggered alerts can initiate actions, while other options are incorrect operational responses to an alert.
Q58

What Azure service provides built-in security recommendations?

  • A Azure Security Center
  • B Azure Monitor
  • C Azure Static Web Apps
  • D Azure DevOps Pipelines
Explanation Azure Security Center offers security recommendations, while the others focus on monitoring or development processes.
Q59

A company needs to ensure sensitive data stored in Azure is encrypted at rest. Which feature should they enable?

  • A Managed Disk Encryption
  • B Firewall Rules
  • C Network Security Groups
  • D Service Endpoints
Explanation Managed Disk Encryption is specifically designed for encrypting data at rest, unlike the other options which manage access or network configurations.
Q60

You are configuring Azure Policy for resource compliance. What will happen if a non-compliant resource is discovered?

  • A Immediate deletion of the resource
  • B The resource will become exempt
  • C Notification will be sent to the admin
  • D The resource will be automatically updated
Explanation Azure Policy sends notifications for non-compliant resources but does not automatically delete or update them.