Microsoft Azure

Microsoft Security, Compliance, and Identity Fundamentals

SC-900
Popular

Prepare for the SC-900 exam to validate your knowledge in Security, Compliance, and Identity Fundamentals.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 150

Q51

You are configuring Azure Policy and need to deny specific VM sizes. What is an important outcome of this configuration?

  • A Policy will only apply to new resources
  • B Non-compliant VMs will be deleted
  • C Policy is ignored during deployment
  • D Deployment of those sizes will be blocked
Explanation Policies block non-compliance; deletion does not occur automatically.
Q52

Which service provides advanced threat protection in Azure?

  • A Azure Security Center
  • B Azure Load Balancer
  • C Azure SQL Database
  • D Azure Virtual Network
Explanation Azure Security Center offers threat protection, while others provide different functionalities.
Q53

A company needs to ensure that only certain users can access sensitive data in Azure. Which feature should they use?

  • A Network Security Groups
  • B Role-Based Access Control (RBAC)
  • C Azure Active Directory SSO
  • D Azure Backup
Explanation RBAC restricts access based on roles, unlike the other options which do not manage access control.
Q54

What happens when an Azure resource is tagged with a specific label?

  • A Resource becomes more secure
  • B It receives lower costs automatically
  • C It can be organized or categorized
  • D Performance is improved significantly
Explanation Tags help organize resources but do not affect security, cost, or performance directly.
Q55

Which Azure service provides unified security management?

  • A Microsoft Defender 365
  • B Azure Security Center
  • C Azure Policy
  • D Azure Monitor
Explanation Azure Security Center offers centralized security management, while others serve different functions.
Q56

A company needs to ensure that only specific employees can access sensitive data in Azure Storage. What should they use?

  • A Managed Identity
  • B Azure Role-Based Access Control
  • C Network Security Group
  • D Azure Firewall
Explanation Azure Role-Based Access Control allows fine-grained access management, unlike the other options which do not address user permissions directly.
Q57

You are configuring Azure Policy. What happens if a resource does not comply with the policy?

  • A Nothing, it's ignored
  • B The resource is deleted
  • C An audit entry is logged
  • D The resource is immediately flagged
Explanation When non-compliance occurs, Azure Policy logs an audit entry; it neither deletes nor immediately flags resources.
Q58

Which Azure service provides a sandboxed environment for testing code?

  • A Azure DevTest Labs
  • B Azure Functions
  • C Azure Logic Apps
  • D Azure API Management
Explanation Azure DevTest Labs is specifically designed for creating test environments, unlike the others.
Q59

A company needs to ensure that all users must use multi-factor authentication (MFA). What Azure feature should they implement?

  • A Conditional Access
  • B Identity Protection
  • C Privileged Identity Management
  • D Access Reviews
Explanation Conditional Access policies can enforce MFA based on user conditions.
Q60

You are configuring Azure Active Directory Identity Protection. What happens if 'user risk policy' grants access anyway?

  • A Access is fully secure.
  • B Access will prompt for MFA.
  • C Access is logged but unrestricted.
  • D Access will be denied.
Explanation If access is granted, a prompt for MFA can be configured, ensuring a security layer.