Microsoft Azure

Microsoft Security, Compliance, and Identity Fundamentals

SC-900
Popular

Prepare for the SC-900 exam to validate your knowledge in Security, Compliance, and Identity Fundamentals.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 101–110 of 150

Q101

A company needs to manage user access across multiple Azure subscriptions. What should they implement?

  • A Azure Policy
  • B Azure Privileged Identity Management
  • C Azure Active Directory Management Groups
  • D Azure Resource Manager
Explanation Azure Active Directory Management Groups enable unified access management across subscriptions.
Q102

You are configuring Azure Data Lake Storage. What happens when you create a file without any access control lists (ACLs)?

  • A Everyone has full access by default
  • B No access for any users
  • C Only the creator has access
  • D Access is granted to all users
Explanation By default, only the creator has access when no ACLs are set for Azure Data Lake Storage files.
Q103

Which service provides identity and access management in Azure?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure Active Directory is specifically designed for identity and access management, while the others serve different functions.
Q104

A company needs to ensure compliance with GDPR while using Azure. Which Azure feature should they prioritize?

  • A Azure Sentinel
  • B Azure Compliance Manager
  • C Azure DevOps
  • D Azure Blob Storage
Explanation Azure Compliance Manager helps organizations track and manage compliance with regulations like GDPR, unlike the other options.
Q105

What happens when a user is deleted in Azure Active Directory?

  • A User data is permanently deleted
  • B User can be restored for 30 days
  • C User automatically reactivates after 90 days
  • D User is disabled but not deleted
Explanation In Azure AD, deleted users can be restored within 30 days; other options do not accurately describe the behavior.
Q106

Which service provides real-time threat protection in Azure?

  • A Azure Security Center
  • B Azure Blob Storage
  • C Azure CDN
  • D Azure Functions
Explanation Azure Security Center offers comprehensive security management and threat detection, while others serve different purposes.
Q107

A company needs to grant specific users access to Azure resources but restrict all other users. Which Azure feature should they use?

  • A Role-Based Access Control (RBAC)
  • B Azure Policy
  • C Network Security Groups
  • D Identity Protection
Explanation RBAC allows fine-grained access management for Azure resources, unlike the other options which serve different control functions.
Q108

You are configuring Azure AD Identity Protection. What happens if a user’s risk is flagged as high?

  • A User is automatically deleted.
  • B User's password must be reset.
  • C User is sign-in blocked until resolved.
  • D User is notified with no action taken.
Explanation A high-risk flag can block the user's sign-in to protect the account, while other options do not correctly reflect handled actions.
Q109

Which Azure service provides a centralized identity management solution?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Network
  • D Azure Kubernetes Service
Explanation Azure Active Directory centralizes identity management, while others focus on storage or networking.
Q110

A company needs to ensure sensitive data is not lost during cloud migration. Which concept should they prioritize?

  • A Data Redundancy
  • B Access Control
  • C Encryption in Transit
  • D Monitoring Services
Explanation Encryption in transit protects sensitive data during migration, unlike redundancy, access control, and monitoring, which are less directly related.