FreeCram
  1. Home
  2. Microsoft
  3. Microsoft Cybersecurity Architect
  4. Microsoft.SC-100.v2024-09-30.q71
  5. Question 19
<< Prev Question Next Question >>

Question 19/71

You have the following on-premises servers that run Windows Server:
* Two domain controllers in an Active Directory Domain Services (AD DS) domain
* Two application servers named Server1 and Server2 that run ASP.NET web apps
* A VPN server named Server3 that authenticates by using RADIUS and AD DS End users use a VPN to access the web apps over the internet.
You need to redesign a user access solution to increase the security of the connections to the web apps. The solution must minimize the attack surface and follow the Zero Trust principles of the Microsoft Cybersecurity Reference Architectures (MCRA).
What should you include in the recommendation?

Recent Comments (The most recent comments are at the top.)

sam - Jan 17, 2025

C

The Zero Trust model emphasizes never trusting and always verifying, regardless of whether something is inside or outside the corporate network. It minimizes reliance on traditional network security boundaries and instead focuses on identities, endpoints, and resources.In the given scenario, the main goal is to increase the security of connections to the web apps, aligning with the Zero Trust principles.Option A would align well with these requirements. Azure AD Application Proxy provides secure remote access to your on-premises applications. It allows users to access their apps from anywhere without having to connect to the VPN and enables additional security features like Conditional Access and MFA.
This solution minimizes the attack surface by eliminating the need to expose the web applications directly to the internet and follows the Zero Trust principles of MCRA, making it the appropriate recommendation

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (71q)
Question 1: You have an Azure AD tenant that syncs with an Active Direct...
Question 2: Your company has a hybrid cloud infrastructure. The company ...
Question 3: You have 50 Azure subscriptions. You need to monitor resourc...
Question 4: You are designing a new Azure environment based on the secur...
Question 5: You have an Azure subscription that has Microsoft Defender f...
Question 6: Your company has a Microsoft 365 subscription and uses Micro...
1 commentQuestion 7: You use Azure Pipelines with Azure Repos to implement contin...
1 commentQuestion 8: You have an Azure SQL database named DB1 that contains custo...
Question 9: You are designing the encryption standards for data at rest ...
1 commentQuestion 10: You have a Microsoft 365 subscription that syncs with Active...
1 commentQuestion 11: Your company is developing a serverless application in Azure...
Question 12: You have an Azure subscription. The subscription contains 10...
Question 13: You are designing security for a runbook in an Azure Automat...
Question 14: Your company has on-premises Microsoft SQL Server databases....
Question 15: You are designing security for an Azure landing zone. Your c...
Question 16: You are designing a security strategy for providing access t...
Question 17: You have a Microsoft 365 subscription. You are designing a u...
Question 18: You have an Azure subscription that has Microsoft Defender f...
1 commentQuestion 19: You have the following on-premises servers that run Windows ...
1 commentQuestion 20: Your company plans to evaluate the security of its Azure env...
Question 21: Your company has a Microsoft 365 E5 subscription, an Azure s...
1 commentQuestion 22: You need to recommend a solution for securing the landing zo...
Question 23: You have an Azure subscription. The subscription contains an...
Question 24: You are designing a security operations strategy based on th...
1 commentQuestion 25: To meet the application security requirements, which two aut...
1 commentQuestion 26: You need to recommend a multi-tenant and hybrid security sol...
Question 27: You are designing a security operations strategy based on th...
Question 28: You need to design a solution to provide administrators with...
Question 29: Your company plans to provision blob storage by using an Azu...
1 commentQuestion 30: You receive a security alert in Microsoft Defender for Cloud...
1 commentQuestion 31: You need to recommend a solution to meet the security requir...
Question 32: Your company has an on-premises network, an Azure subscripti...
1 commentQuestion 33: You have an Azure subscription. The subscription contains 50...
1 commentQuestion 34: You are designing the security standards for containerized a...
1 commentQuestion 35: You are designing the security architecture for a cloud-only...
Question 36: You are creating an application lifecycle management process...
1 commentQuestion 37: You have legacy operational technology (OT) devices and loT ...
Question 38: You need to recommend a solution to evaluate regulatory comp...
Question 39: Your company is designing an application architecture for Az...
Question 40: Your company wants to optimize using Microsoft Defender for ...
1 commentQuestion 41: You have an Azure subscription. You have a DNS domain named ...
Question 42: You use Azure Pipelines with Azure Repos to implement contin...
Question 43: You have an Azure subscription. Your company has a governanc...
Question 44: A customer has a hybrid cloud infrastructure that contains a...
1 commentQuestion 45: A customer follows the Zero Trust model and explicitly verif...
1 commentQuestion 46: You need to recommend a solution to secure the MedicalHistor...
Question 47: You design cloud-based software as a service (SaaS) solution...
Question 48: You have an Azure AD tenant that contains 10 Windows 11 devi...
Question 49: You are designing a security strategy for providing access t...
Question 50: You have an Azure subscription that has Microsoft Defender f...
Question 51: Your company finalizes the adoption of Azure and is implemen...
Question 52: Your company is moving a big data solution to Azure. The com...
1 commentQuestion 53: You are planning the security levels for a security access s...
Question 54: You have an Azure subscription that contains several storage...
1 commentQuestion 55: You have a Microsoft 365 tenant. Your company uses a third-p...
Question 56: You are creating the security recommendations for an Azure A...
Question 57: Your company uses Azure Pipelines and Azure Repos to impleme...
Question 58: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 59: You have a Microsoft 365 tenant. Your company uses a third-p...
Question 60: Your company has devices that run either Windows 10, Windows...
Question 61: A customer uses Azure to develop a mobile app that will be c...
Question 62: You need to recommend a solution to meet the requirements fo...
Question 63: Your company has an Azure App Service plan that is used to d...
Question 64: You have an Active Directory Domain Services (AD DS) domain ...
Question 65: What should you create in Azure AD to meet the Contoso devel...
Question 66: Your company plans to apply the Zero Trust Rapid Modernizati...
Question 67: Your on-premises network contains an e-commerce web app that...
Question 68: Your company has a Microsoft 365 E5 subscription. The Chief ...
Question 69: You need to recommend a SIEM and SOAR strategy that meets th...
1 commentQuestion 70: You have Microsoft Defender for Cloud assigned to Azure mana...
Question 71: You have a Microsoft 365 subscription. You need to design a ...