Microsoft Azure

Microsoft Security, Compliance, and Identity Fundamentals

SC-900
Popular

Prepare for the SC-900 exam to validate your knowledge in Security, Compliance, and Identity Fundamentals.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 121–130 of 150

Q121

Which service helps protect against DDoS attacks in Azure?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Security Center
  • D Azure Sentinel
Explanation Azure DDoS Protection is specifically designed to mitigate DDoS attacks; the others serve different security purposes.
Q122

A company needs to control access to sensitive data with least privilege. What should they implement?

  • A Privileged Identity Management
  • B Azure VPN Gateway
  • C Azure Blob Storage
  • D Azure Policy
Explanation Privileged Identity Management ensures least privilege for sensitive access, while the others do not directly manage access controls.
Q123

What happens when IAM roles are assigned to a user in Azure?

  • A User gains permissions defined in roles
  • B User cannot access any resource
  • C User loses all existing permissions
  • D User's access is time-limited
Explanation Assigning IAM roles grants the user the permissions specified in those roles, while others incorrectly suggest loss or restrictions on access.
Q124

Which service provides unified endpoint management in Microsoft Azure?

  • A Microsoft Intune
  • B Azure Functions
  • C Azure Front Door
  • D Azure Logic Apps
Explanation Microsoft Intune is designed for endpoint management, whereas the others serve different purposes.
Q125

A company needs to secure access to Azure resources based on user roles. What should they implement?

  • A Network Security Groups
  • B Azure Active Directory Roles
  • C Azure Key Vault
  • D Azure Log Analytics
Explanation Azure Active Directory Roles help in managing roles and permissions, while others do not achieve this goal.
Q126

What happens when you assign a role to a user in Azure?

  • A User gains full account access
  • B User can access resources as per role
  • C User loses all current permissions
  • D User cannot access any resources
Explanation Assigning a role grants access as per defined permissions specific to that role.
Q127

Which service in Azure provides identity protection features?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure DevOps
  • D Azure Logic Apps
Explanation Azure Active Directory offers identity protection features, while the others are focused on storage, development, and automation.
Q128

A company needs to comply with GDPR. Which Azure service can help with compliance assessments?

  • A Microsoft Sentinel
  • B Azure Security Center
  • C Microsoft Compliance Manager
  • D Azure Monitor
Explanation Microsoft Compliance Manager helps organizations assess compliance, unlike the others that focus on different aspects of security and performance.
Q129

What happens when you enable MFA in Azure Active Directory?

  • A All users are removed from the directory
  • B Access requests will always be denied
  • C Users must verify identity with two methods
  • D Password complexity requirements are enforced
Explanation MFA requires users to verify their identity with two methods; the other options describe incorrect scenarios.
Q130

Which service offers threat detection and response in Azure?

  • A Azure Security Center
  • B Azure Blob Storage
  • C Azure Data Factory
  • D Azure Virtual Network
Explanation Azure Security Center provides advanced threat detection, while the others serve different functionalities.