Valid SC-100 dumps shared by ExamDiscuss.com to help with passing the SC-100 exam.
Exam Code: SC-100
Exam Name: Microsoft Cybersecurity Architect
Certification Provider: Microsoft
Free Question Number: 71
Version: v2024-09-30
Recent Comments (The most recent comments are at the top.)
I googled SC-100 Answers and found you.
No.# B. Always Encrypted
No.# To apply Zero Trust principles to OT and IoT devices while minimizing business disruptions, the recommended methodologies are:
Threat Monitoring for proactive threat detection.
Passive Traffic Monitoring to analyze device communications non-intrusively.
No.# B. threat intelligence reports in Defender for Cloud
D. Microsoft Sentinel threat intelligence workbooks
Explanation:
B. Threat intelligence reports in Defender for Cloud likely contain detailed information about security events and often include remediation guidance, which aligns with the requirement for additional information and remediation suggestions during alert triage.
D. Microsoft Sentinel threat intelligence workbooks provide interactive dashboards that offer insights into threat intelligence data. These workbooks can be customized to visualize key information about security events and potentially include remediation suggestions.
No.# Microsoft Entra Identity Governance
Microsoft Entitlement Management, part of Azure AD Identity Governance, allows you to implement access reviews and request workflows for applications, including third-party SaaS apps like App1. With this solution, you can configure self-service access requests, request approval workflows, and access reviews. Users can request access to App1, provide additional information during the request, and managers can periodically review and verify access.
Connected apps in Microsoft Defender for Cloud Apps and . Access policies in Microsoft Defender for Cloud Apps are more focused on the security and monitoring aspects of cloud applications but do not provide the specific access request and review workflows required for this scenario.
No.# Specialized security provides increased security controls for roles with an elevated business impact (if compromised by an attacker or malicious insider).
Specialized roles typically include:
- Developers of business critical systems.
https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-security-levels#enterprise
Enterprise security is suitable for all enterprise users and productivity scenarios. In the progression of the rapid modernization plan, enterprise also serves as the starting point for specialized and privileged access as they progressively build on the security controls in enterprise security.
Privileged security is the highest level of security designed for roles that could easily cause a major incident and potential material damage to the organization in the hands of an attacker or malicious insider. This level typically includes technical roles with administrative permissions on most or all enterprise systems (and sometimes includes a select few business critical roles)...
No.# Refreshing client access tokens (A) is crucial in a Zero Trust environment. After removing malware, new access tokens must be issued to ensure that the previously compromised credentials are no longer valid. This aligns with the Zero Trust principle of continuous verification and least privilege access.
Microsoft Intune reporting the endpoints as compliant (B) is essential for verifying the security posture of the devices. In a Zero Trust model, endpoint verification is a key component to ensure that devices meet security requirements before granting access. Intune can assess device health, patch levels, and security configurations, which are all critical factors in determining compliance in a Zero Trust framework.
No.# A
Microsoft Defender for App Service includes a built-in capability to detect and alert you about dangling DNS entries. Here's how it works:
Monitoring Deprovisioning: Defender for App Service monitors when an App Service web app is decommissioned or deleted.
DNS Record Check: It then checks if there are any custom domains (CNAME records) still pointing to that now-nonexistent web app.
Security Alert: If it finds such a dangling DNS entry, it generates a security alert to notify you of the potential subdomain takeover risk.
No.# DLP - Purview: For the requirement to enforce data loss prevention (DLP) policies that can be managed directly from the Microsoft 365 Defender portal, you should include Microsoft Purview in your recommendation.
UEBA - Identity Protection, as it is a cloud-only environment - because Microsoft Defender for Identity (formerly Azure Advanced Threat Protection or Azure ATP) is a cloud-based security solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. To detect and respond to security threats based on User and Entity Behavior Analytics (UEBA) with unified alerting using Defender for Identity
No.# Supported host operating systems
Defender for Containers relies on the Defender sensor for several features. The Defender sensor is supported on the following host operating systems:
Amazon Linux 2
CentOS 8
Debian 10
Debian 11
Google Container-Optimized OS
Mariner 1.0
Mariner 2.0
Red Hat Enterprise Linux 8
Ubuntu 16.04
Ubuntu 18.04
Ubuntu 20.04
Ubuntu 22.04
URL: https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-containers?tabs=azure-aks#registries-and-images
A. Linux containers deployed to Azure Container Registry
Why? Microsoft Defender for Containers can scan images in Azure Container Registry (ACR) for vulnerabilities, regardless of whether the images are for Linux or Windows containers. Scanning occurs when images are pushed to the registry or on demand.
B. Linux containers deployed to Azure Kubernetes Service (AKS)
Why? Microsoft Defender for Containers includes support for Linux containers running on AKS. It provides vulnerability assessment and runtime protection for Linux-based workloads in AKS environments....
No.# The Defender for Servers with Qualys plan is deprecated as of May 1, 2024.
Microsoft recommends transitioning to the Microsoft Defender Vulnerability Management (MDVM) solution.
No.# The security requirement this question wants us to meet is "The secure host must be provisioned from a custom operating system image."
https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-golden-image
No.# C is the correct answer. You should read about the MicroBurst toolkit - it is an open-source tool. Find Get-AZStorageKeysREST.ps1; it tries to enumerate all storage accounts, then the respective storage keys. This has nothing to do with anonymous access. Even if a storage account allows public access, you can't get the key without being authenticated and authorized. When you disallow Shared Key authorization for a storage account, Azure Storage rejects all subsequent requests to that account that are authorized with the account access keys. Only secured requests that are authorized with Microsoft Entra ID will succeed.
No.# Azure Lighthouse is used for centralizing Subscription Management
Answers should be Azure Lighthouse & Azure Arc
No.# A. Security Assertion Markup Language (SAML): SAML is commonly used for enabling single sign-on (SSO) for web applications. It allows users to authenticate once and access multiple applications without having to log in separately to each one. This helps improve security and user convenience.
D. Kerberos: Kerberos is an authentication protocol often used in Windows environments. It's commonly used for authenticating users within an Active Directory domain. It can be important for securing access to internal applications and services.
No.# B. an Azure Private DNS zone
It can host the required litware.com namespace
When combined with Private Endpoints for App Service, it enables VMs to communicate with web apps over the Microsoft backbone network instead of public endpoints
It's the only option that satisfies both stated requirements
No.# B. Microsoft Defender for Cloud
No.# C
The Zero Trust model emphasizes never trusting and always verifying, regardless of whether something is inside or outside the corporate network. It minimizes reliance on traditional network security boundaries and instead focuses on identities, endpoints, and resources. In the given scenario, the main goal is to increase the security of connections to the web apps, aligning with the Zero Trust principles. Option A would align well with these requirements. Azure AD Application Proxy provides secure remote access to your on-premises applications. It allows users to access their apps from anywhere without having to connect to the VPN and enables additional security features like Conditional Access and MFA.
This solution minimizes the attack surface by eliminating the need to expose the web applications directly to the internet and follows the Zero Trust principles of MCRA, making it the appropriate recommendation.
No.# The Azure App Service Environment v2 is an Azure App Service feature that provides a fully isolated and dedicated environment for securely running App Service apps at high scale. It gives a single-tenant instance of the Azure App Service that runs right in your own Azure virtual network (VNet), providing network isolation and improved scaling capabilities.
App Service environments (ASEs) are appropriate for application workloads that require:
- Very high scale
- Isolation and secure network access
- High memory utilization
This capability can host your:
- Windows web apps
- Linux web apps
- Docker containers
- Mobile apps
- Functions
No.# The first step in the recovery plan, following Microsoft Security Best Practices, would be:
Disable Microsoft OneDrive sync and Exchange ActiveSync.
This step isolates the affected devices by stopping synchronization with Microsoft services (like OneDrive and Exchange) to prevent further spread of the ransomware or data encryption across other systems. Once the environment is isolated, further investigation and recovery actions can be taken.