Microsoft Azure

Microsoft Security, Compliance, and Identity Fundamentals

SC-900
Popular

Prepare for the SC-900 exam to validate your knowledge in Security, Compliance, and Identity Fundamentals.

150 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 81–90 of 150

Q81

You are configuring policies in Azure. What happens when a policy is set to 'Deny'?

  • A The action is logged for monitoring
  • B The action is permitted without checking
  • C The action is denied by default
  • D The policy has no effect
Explanation A 'Deny' policy fails the request, while others misinterpret its function.
Q82

Which Azure service is primarily used for identity management?

  • A Azure Active Directory
  • B Azure Functions
  • C Azure Storage
  • D Azure Virtual Machines
Explanation Azure Active Directory is designed specifically for identity management; the others serve different functions.
Q83

A company needs to enforce conditional access for its remote workers. What should they implement?

  • A VPN-only access
  • B Multi-Factor Authentication
  • C Firewall rules
  • D Azure Policy
Explanation Multi-Factor Authentication is part of conditional access, while the others do not enforce conditions based on user context.
Q84

You are configuring data loss prevention (DLP) policies. What happens when a DLP rule is triggered?

  • A Data is deleted immediately
  • B User is notified only
  • C Restrictive actions apply
  • D No action is taken
Explanation Triggered DLP rules typically apply specific restrictive actions to protect data, not delete it or ignore it.
Q85

Which Azure service provides integrated threat protection?

  • A Microsoft Defender for Cloud
  • B Azure Security Center
  • C Azure Advisor
  • D Microsoft Sentinel
Explanation Microsoft Defender for Cloud offers integrated threat protection, while others focus on different aspects.
Q86

A company needs to control who can access its Azure resources based on their roles. Which feature should they use?

  • A Azure Role-Based Access Control
  • B Azure Subscription Management
  • C Azure Policy
  • D Azure Security Recommendations
Explanation Azure Role-Based Access Control manages access based on roles, unlike the other options.
Q87

You are configuring Azure Information Protection for sensitive documents. What happens when you classify a document as 'Confidential'?

  • A All users can access it
  • B It gets deleted automatically
  • C Restrictions are applied based on policy
  • D It becomes publicly available
Explanation Classifying as 'Confidential' applies restrictions based on configured policies.
Q88

Which service is primarily used for managing Azure identities?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Machines
  • D Azure Functions
Explanation Azure Active Directory is designed for identity management, while the others focus on storage, compute, or serverless functions.
Q89

A company needs to ensure their sensitive data is encrypted at rest. Which Azure service should be prioritized?

  • A Azure Key Vault
  • B Azure Blob Storage
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure Key Vault enables secure management of encryption keys, while the others don’t specifically handle key management or encryption.
Q90

What happens when a user exceeds their permissions in Azure?

  • A Access is automatically elevated
  • B An alert is generated
  • C Access is blocked
  • D User remains unaware
Explanation Access is blocked to maintain security; the other options imply unwanted behaviors that do not occur in Azure's security model.