Microsoft Cybersecurity Architect

Here you have the best Microsoft SC-100 practice exam questions

  • You have 185 total questions to study from
  • Each page has 5 questions, making a total of 37 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 16, 2024
Question 1 of 185

Your company has a Microsoft 365 ES subscription.

The Chief Compliance Officer plans to enhance privacy management in the working environment.

You need to recommend a solution to enhance the privacy management. The solution must meet the following requirements:

✑ Identify unused personal data and empower users to make smart data handling decisions.

✑ Provide users with notifications and guidance when a user sends personal data in Microsoft Teams.

✑ Provide users with recommendations to mitigate privacy risks.

What should you include in the recommendation?

    Correct Answer: C

    Privacy Risk Management in Microsoft Priva is specifically designed to help organizations manage and protect personal data. It allows you to set up policies that identify privacy risks, detect overexposed personal data, and help users secure it. Additionally, it can spot and limit data transfers and provide remediation options directly to users through notifications and guidance, empowering them to make informed data handling decisions. This makes it the best solution to meet the requirements of identifying unused personal data, offering user notifications and guidance, and providing risk mitigation recommendations.

Question 2 of 185

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

Suspicious authentication activity alerts have been appearing in the Workload protections dashboard.

You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort.

What should you include in the recommendation?

    Correct Answer: D

    Azure Logic Apps is a cloud-based platform for creating and running automated workflows that integrate your apps, data, services, and systems. This solution allows you to quickly develop scalable integration solutions without extensive development effort. The workflow automation feature of Microsoft Defender for Cloud can trigger Logic Apps on security alerts, recommendations, and changes to regulatory compliance, making it the most suitable choice for evaluating and remediating the alerts with minimal development effort.

Question 3 of 185

Your company is moving a big data solution to Azure.

The company plans to use the following storage workloads:

✑ Azure Storage blob containers

✑ Azure Data Lake Storage Gen2

Azure Storage file shares -

✑ Azure Disk Storage

Which two storage workloads support authentication by using Azure Active Directory (Azure AD)? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

    Correct Answer: C, D

    Azure Storage blob containers and Azure Data Lake Storage Gen2 both support authentication using Azure Active Directory (Azure AD). For Azure Storage blob containers, Azure AD can be used to authorize requests to blob data through role-based access control with OAuth 2.0 token-based authentication. Similarly, Azure Data Lake Storage Gen2 supports secure data access with Azure AD using OAuth 2.0 tokens and authorization policies applied via Azure role-based access control. Azure Disk Storage and Azure Storage file shares, while having their own methods of authentication, are not primarily authenticated using Azure AD in the context of the given requirements.

Question 4 of 185

HOTSPOT -

Your company is migrating data to Azure. The data contains Personally Identifiable Information (PII).

The company plans to use Microsoft Information Protection for the PII data store in Azure.

You need to recommend a solution to discover PII data at risk in the Azure resources.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

    Correct Answer:

    Box 1: Azure Purview -

    Microsoft Purview is a unified data governance service that helps you manage and govern your on-premises, multi-cloud, and software-as-a-service (SaaS) data.

    Microsoft Purview allows you to:

    Create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage.

    Enable data curators to manage and secure your data estate.

    Empower data consumers to find valuable, trustworthy data.

    Box 2: Microsoft Defender for Cloud

    Microsoft Purview provides rich insights into the sensitivity of your data. This makes it valuable to security teams using Microsoft Defender for Cloud to manage the organization's security posture and protect against threats to their workloads. Data resources remain a popular target for malicious actors, making it crucial for security teams to identify, prioritize, and secure sensitive data resources across their cloud environments. The integration with Microsoft Purview expands visibility into the data layer, enabling security teams to prioritize resources that contain sensitive data.

    References:

    https://docs.microsoft.com/en-us/azure/purview/overview

    https://docs.microsoft.com/en-us/azure/purview/how-to-integrate-with-azure-security-products

Question 5 of 185

You have a Microsoft 365 E5 subscription and an Azure subscription.

You are designing a Microsoft deployment.

You need to recommend a solution for the security operations team. The solution must include custom views and a dashboard for analyzing security events.

What should you recommend using in Microsoft Sentinel?

    Correct Answer: C

    Microsoft Sentinel provides workbooks that offer a flexible canvas for data analysis and the creation of rich visual reports. Workbooks allow the customization of views and the creation of dashboards essential for analyzing security events, making them the ideal solution for the security operations team.