Valid SC-100 Dumps shared by ExamDiscuss.com for Helping Passing SC-100 Exam! ExamDiscuss.com now offer the newest SC-100 exam dumps, the ExamDiscuss.com SC-100 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SC-100 dumps with Test Engine here:
Access SC-100 Dumps Premium Version
(230 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 45/74
Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework for Azure.
You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud Adoption Framework for Azure.
What should you use to start the threat modeling process?
You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud Adoption Framework for Azure.
What should you use to start the threat modeling process?
Correct Answer: A
- Question List (74q)
- Question 1: You have an Azure AD tenant that syncs with an Active Direct...
- 1 commentQuestion 2: Your company has an Azure subscription that has enhanced sec...
- Question 3: You have an Azure AD tenant that syncs with an Active Direct...
- Question 4: You open Microsoft Defender for Cloud as shown in the follow...
- Question 5: You are designing the encryption standards for data at rest ...
- 1 commentQuestion 6: You use Azure Pipelines with Azure Repos to implement contin...
- Question 7: You are evaluating the security of ClaimsApp. For each of th...
- Question 8: You have an Azure subscription that contains a Microsoft Sen...
- Question 9: Your company has an office in Seattle. The company has two A...
- 1 commentQuestion 10: Your company has devices that run either Windows 10, Windows...
- 1 commentQuestion 11: You have an Azure subscription that contains virtual machine...
- Question 12: A customer has a hybrid cloud infrastructure that contains a...
- Question 13: You have an operational model based on the Microsoft Cloud A...
- Question 14: You have an Azure subscription that has Microsoft Defender f...
- Question 15: You have a Microsoft 365 subscription and an Azure subscript...
- 1 commentQuestion 16: Your company has a multi-cloud environment that contains a M...
- 1 commentQuestion 17: Your company plans to evaluate the security of its Azure env...
- Question 18: You have legacy operational technology (OT) devices and loT ...
- 1 commentQuestion 19: You have an Azure subscription. The subscription contains 10...
- 1 commentQuestion 20: Your company plans to follow DevSecOps best practices of the...
- Question 21: You plan to deploy a dynamically scaling, Linux-based Azure ...
- 1 commentQuestion 22: What should you create in Azure AD to meet the Contoso devel...
- 2 commentQuestion 23: You have an Azure subscription that has Microsoft Defender f...
- 1 commentQuestion 24: You are designing a security operations strategy based on th...
- Question 25: You are designing security for a runbook in an Azure Automat...
- Question 26: You have an Azure subscription that has Microsoft Defender f...
- Question 27: You need to recommend a solution to meet the security requir...
- Question 28: Your company uses Microsoft Defender for Cloud and Microsoft...
- Question 29: A customer follows the Zero Trust model and explicitly verif...
- Question 30: Your company is preparing for cloud adoption. You are design...
- 1 commentQuestion 31: You have a customer that has a Microsoft 365 subscription an...
- Question 32: You have an on-premises server that runs Windows Server and ...
- 1 commentQuestion 33: You are designing a security operations strategy based on th...
- 1 commentQuestion 34: You have a Microsoft 365 E5 subscription that uses Microsoft...
- Question 35: You have an Azure subscription. The subscription contains an...
- Question 36: Your company has an on-premises network, an Azure subscripti...
- 1 commentQuestion 37: Your company is designing an application architecture for Az...
- 1 commentQuestion 38: You use Azure Pipelines with Azure Repos to implement contin...
- Question 39: You are creating the security recommendations for an Azure A...
- Question 40: Note: This question is part of a series of questions that pr...
- Question 41: Your company is moving all on-premises workloads to Azure an...
- 1 commentQuestion 42: You are designing a new Azure environment based on the secur...
- 1 commentQuestion 43: Your company, named Contoso. Ltd... has an Azure AD tenant n...
- 1 commentQuestion 44: Your company plans to deploy several Azure App Service web a...
- 2 commentQuestion 45: Your company plans to follow DevSecOps best practices of the...
- Question 46: You need to recommend a solution to meet the compliance requ...
- 1 commentQuestion 47: You have a multi-cloud environment that contains an Azure su...
- 1 commentQuestion 48: You have an Azure subscription and an on-premises datacenter...
- 1 commentQuestion 49: For a Microsoft cloud environment, you are designing a secur...
- 1 commentQuestion 50: You have a Microsoft 365 E5 subscription and an Azure subscr...
- Question 51: Your company plans to apply the Zero Trust Rapid Modernizati...
- 1 commentQuestion 52: Your company is developing an invoicing application that wil...
- Question 53: Your company has a Microsoft 365 E5 subscription. The Chief ...
- 1 commentQuestion 54: Your company is migrating data to Azure. The data contains P...
- Question 55: You have an Azure subscription that contains several storage...
- Question 56: You need to recommend an identity security solution for the ...
- 1 commentQuestion 57: You need to recommend a solution to evaluate regulatory comp...
- 1 commentQuestion 58: You have a Microsoft 365 subscription and an Azure subscript...
- Question 59: You have an Azure AD tenant that contains 10 Windows 11 devi...
- Question 60: You need to design a solution to provide administrators with...
- 1 commentQuestion 61: You have Windows 11 devices and Microsoft 365 E5 licenses. Y...
- Question 62: You have a hybrid cloud infrastructure. You plan to deploy t...
- Question 63: You need to design a strategy for securing the SharePoint On...
- 1 commentQuestion 64: Your company wants to optimize using Microsoft Defender for ...
- Question 65: You have an Azure subscription. Your company has a governanc...
- 1 commentQuestion 66: You are designing the security standards for a new Azure env...
- 1 commentQuestion 67: You have an Azure subscription that has Microsoft Defender f...
- Question 68: You are designing the encryption standards for data at rest ...
- 1 commentQuestion 69: Your company develops several applications that are accessed...
- Question 70: You are designing the encryption standards for data at rest ...
- Question 71: A customer has a hybrid cloud infrastructure that contains a...
- 1 commentQuestion 72: You are designing a security strategy for providing access t...
- Question 73: Your company develops several applications that are accessed...
- Question 74: You have a Microsoft 365 tenant. Your company uses a third-p...
Recent Comments (The most recent comments are at the top.)
Microsoft Cloud Adoption Framework and Threat Modeling:
The Microsoft Cloud Adoption Framework for Azure emphasizes secure development practices, which include threat modeling as an integral part of DevSecOps.
Threat modeling identifies potential threats early in the development process, allowing teams to address them proactively.
Why STRIDE?
The STRIDE model is recommended by Microsoft for threat modeling because it provides a top-down approach to identifying threats. STRIDE stands for:
Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Elevation of Privilege
STRIDE is particularly effective in cloud environments for identifying and mitigating risks at various levels of the architecture.
Why Not the Others?
B. DREAD model:
The DREAD model is a risk-ranking framework used to prioritize threats based on Damage, Reproducibility, Exploitability, Affected users, and Discoverability.
While useful for ranking risks, it is not used for initiating threat modeling in a top-down approach.
C. OWASP threat modeling:
OWASP provides excellent resources and frameworks for secure development, but Microsoft's recommendation for threat modeling in Azure environments specifically emphasizes the STRIDE model as a starting point....
B. the STRIDE model