Microsoft Azure

Microsoft Security, Compliance, and Identity Fundamentals

SC-900
Popular

Prepare for the SC-900 exam to validate your knowledge in Security, Compliance, and Identity Fundamentals.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 21–30 of 150

Q21

What happens when a user is assigned a role in Azure RBAC?

  • A They receive unlimited access immediately
  • B Their access is enhanced without auditing
  • C They get specific permissions based on the role
  • D They can bypass security policies
Explanation In Azure RBAC, users get permissions specific to the assigned role.
Q22

Which service provides identity protection in Azure?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Active Monitor
  • D Azure DevOps
Explanation Azure Active Directory offers identity management solutions, while the others do not focus on identity protection.
Q23

A company needs to assign roles to employees for resource accesses. What is the best approach?

  • A Use Azure Policies
  • B Implement RBAC
  • C Set up Network Security Groups
  • D Apply Resource Locks
Explanation Role-Based Access Control (RBAC) efficiently manages role assignments, while the others don't focus specifically on access control.
Q24

What happens when an Azure resource is tagged with 'Environment: Production'?

  • A Increased security automatically
  • B Limited access to only admins
  • C Resource costs are lowered
  • D Classification for management purposes
Explanation Tags are used for organizing and managing resources, while the others imply actions that tagging does not initiate.
Q25

Which Azure service primarily manages user identities?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Machines
  • D Azure Functions
Explanation Azure Active Directory is the identity management service, while others serve different purposes.
Q26

A company needs to share files securely with partners while maintaining control. Which Azure service should they use?

  • A Azure Storage Account
  • B Azure Information Protection
  • C Azure VPN Gateway
  • D Azure Monitor
Explanation Azure Information Protection allows secure file sharing with control, unlike the others which do not focus on security issues specifically.
Q27

What happens when a resource in Azure is assigned multiple role-based access control (RBAC) roles?

  • A Access is combined, maintaining least privilege
  • B Access is restricted to highest role only
  • C Access is denied
  • D Access becomes segmented
Explanation Access is combined, allowing permissions from all assigned roles, whereas other options misrepresent RBAC functioning.
Q28

Which Azure service helps protect applications from DDoS attacks?

  • A Azure DDoS Protection
  • B Azure Firewall
  • C Azure Sentinel
  • D Azure Application Gateway
Explanation Azure DDoS Protection mitigates DDoS attacks, while others serve different purposes.
Q29

You are configuring Azure Policies for a large organization. What is the primary purpose of these policies?

  • A Monitor user activity
  • B Enforce governance across resources
  • C Manage billing and costs
  • D Deploy applications automatically
Explanation Azure Policies ensure compliance and governance, unlike the other options focused on different functions.
Q30

What happens when an Azure Resource Manager (ARM) resource's role is assigned to 'Reader'?

  • A Can modify the resource
  • B Can delete the resource
  • C Can view the resource
  • D Can create new resources
Explanation The 'Reader' role allows viewing but not modification or deletion.