Real SC-100 are Uploaded by BraindumpsPass provide 2022 Latest SC-100 Practice Tests Dumps [Q56-Q80]

4/5 - (1 vote)

Real SC-100 are Uploaded by BraindumpsPass provide 2022 Latest SC-100 Practice Tests Dumps.

All SC-100 Dumps and Microsoft Cybersecurity Architect Training Courses Help candidates to study and pass the Microsoft Cybersecurity Architect Exams hassle-free!

Microsoft SC-100 Exam Syllabus Topics:

Topic Details
Topic 1
  • Recommend security capabilities or controls to mitigate identified risks
  • Interpret technical threat intelligence and recommend risk mitigations
Topic 2
  • Specify security requirements for web workloads, including Azure App Service
  • Translate privacy requirements into requirements for security solutions
Topic 3
  • Specify a security standard for onboarding a new application
  • Build an overall security strategy and architecture
Topic 4
  • Specify security requirements for servers, including multiple platforms and operating systems
  • Design a Zero Trust strategy and architecture
Topic 5
  • Evaluate security posture and recommend technical strategies to manage risk
  • Design a strategy for access to cloud resources
Topic 6
  • Specify an encryption standard for data at rest and in motion
  • Evaluate security posture by using Secure Scores
Topic 7
  • Specify security requirements for container orchestration
  • Design a strategy for securing SaaS, PaaS, and IaaS services
Topic 8
  • Specify security baselines for server and client endpoints
  • Integrate a hybrid or multi-tenant environment into a security strategy
Topic 9
  • Translate business goals into security requirements
  • Specify priorities for mitigating threats to applications
Topic 10
  • Evaluate a security operations strategy for sharing technical threat intelligence
  • Interpret compliance scores and recommend actions to resolve issues or improve security
Topic 11
  • Evaluate a security operations strategy for incident management lifecycle
  • Design a strategy to identify and protect sensitive data
Topic 12
  • Specify security requirements for storage workloads, including Azure Storage
  • Develop a technical and governance strategy for traffic filtering and segmentation
Topic 13
  • Develop security operations to support a hybrid or multi-cloud environment
  • Design a logging and auditing strategy to support security operations

 

Q56. Your company finalizes the adoption of Azure and is implementing Microsoft Defender for Cloud.
You receive the following recommendations in Defender for Cloud
* Access to storage accounts with firewall and virtual network configurations should be restricted,
* Storage accounts should restrict network access using virtual network rules.
* Storage account should use a private link connection.
* Storage account public access should be disallowed.
You need to recommend a service to mitigate identified risks that relate to the recommendations. What should you recommend?

 
 
 
 

Q57. You have 50 Azure subscriptions.
You need to monitor resource in the subscriptions for compliance with the ISO 27001:2013 standards. The solution must minimize the effort required to modify the list of monitored policy definitions for the subscriptions.
NOTE: Each correct selection is worth one point.

 
 
 
 
 
 

Q58. Your company has a Microsoft 365 E5 subscription.
Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating.
The company identifies protected health information (PHI) within stored documents and communications.
What should you recommend using to prevent the PHI from being shared outside the company?

 
 
 
 

Q59. You need to recommend a solution to meet the requirements for connections to ClaimsDB.
What should you recommend using for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q60. Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend creating private endpoints for the web app and the database layer. Does this meet the goal?

 
 

Q61. You have an Azure subscription that has Microsoft Defender for Cloud enabled. Suspicious authentication activity alerts have been appearing in the Workload protections dashboard.
You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort. What should you include in the recommendation?

 
 
 
 

Q62. You are designing security for an Azure landing zone. Your company identifies the following compliance and privacy requirements:
* Encrypt cardholder data by using encryption keys managed by the company.
* Encrypt insurance claim files by using encryption keys hosted on-premises.
Which two configurations meet the compliance and privacy requirements? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

 
 
 
 

Q63. Your on-premises network contains an e-commerce web app that was developed in Angular and Node.js. The web app uses a MongoDB database You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.
Solution: You recommend implementing Azure Application Gateway with Azure Web Application Firewall (WAF). Does this meet the goal?

 
 

Q64. Your company is developing an invoicing application that will use Azure Active Directory (Azure AD) B2C.
The application will be deployed as an App Service web app. You need to recommend a solution to the application development team to secure the application from identity related attacks. Which two configurations should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

 
 
 
 
 

Q65. You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements. What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

Q66. You need to recommend an identity security solution for the Azure AD tenant of Litware. The solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q67. Your company has a Microsoft 365 E5 subscription, an Azure subscription, on-premises applications, and Active Directory Domain Services (AD DSV You need to recommend an identity security strategy that meets the following requirements:
* Ensures that customers can use their Facebook credentials to authenticate to an Azure App Service website
* Ensures that partner companies can access Microsoft SharePoint Online sites for the project to which they are assigned The solution must minimize the need to deploy additional infrastructure components. What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q68. You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE; Each correct selection is worth one point.

Q69. Your company has a hybrid cloud infrastructure.
Data and applications are moved regularly between cloud environments.
The company’s on-premises network is managed as shown in the following exhibit.

NOTE Each correct selection is worth one point.

 
 
 
 
 

Q70. You are designing an auditing solution for Azure landing zones that will contain the following components:
* SQL audit logs for Azure SQL databases
* Windows Security logs from Azure virtual machines
* Azure App Service audit logs from App Service web apps
You need to recommend a centralized logging solution for the landing zones. The solution must meet the following requirements:
* Log all privileged access.
* Retain logs for at least 365 days.
* Minimize costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q71. You have a Microsoft 365 E5 subscription and an Azure subscription. You are designing a Microsoft Sentinel deployment.
You need to recommend a solution for the security operations team. The solution must include custom views and a dashboard for analyzing security events. What should you recommend using in Microsoft Sentinel?

 
 
 
 

Q72. You need to recommend a solution to evaluate regulatory compliance across the entire managed environment.
The solution must meet the regulatory compliance requirements and the business requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q73. Your company plans to move all on-premises virtual machines to Azure. A network engineer proposes the Azure virtual network design shown in the following table.

You need to recommend an Azure Bastion deployment to provide secure remote access to all the virtual machines. Based on the virtual network design, how many Azure Bastion subnets are required?

 
 
 
 
 

Q74. You need to recommend a SIEM and SOAR strategy that meets the hybrid requirements, the Microsoft Sentinel requirements, and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Q75. You have a Microsoft 365 subscription
You need to recommend a security solution to monitor the following activities:
* User accounts that were potentially compromised
* Users performing bulk file downloads from Microsoft SharePoint Online What should you include in the recommendation for each activity? To answer, drag the appropriate components to the correct activities. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each Correct selection is worth one Point.

Q76. You have a customer that has a Microsoft 365 subscription and an Azure subscription.
The customer has devices that run either Windows, iOS, Android, or macOS. The Windows devices are deployed on-premises and in Azure.
You need to design a security solution to assess whether all the devices meet the customer’s compliance rules.
What should you include in the solution?

 
 
 
 

Q77. A customer uses Azure to develop a mobile app that will be consumed by external users as shown in the following exhibit.

You need to design an identity strategy for the app. The solution must meet the following requirements:
* Enable the usage of external IDs such as Google, Facebook, and Microsoft accounts.
* Be managed separately from the identity store of the customer.
* Support fully customizable branding for each app.
Which service should you recommend to complete the design?

 
 
 
 

Q78. Your company uses Microsoft Defender for Cloud and Microsoft Sentinel. The company is designing an application that will have the architecture shown in the following exhibit.

You are designing a logging and auditing solution for the proposed architecture. The solution must meet the following requirements-.
* Integrate Azure Web Application Firewall (WAF) logs with Microsoft Sentinel.
* Use Defender for Cloud to review alerts from the virtual machines.
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.

Q79. You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines.
If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?

 
 
 
 

Q80. Your company has on-premises Microsoft SQL Server databases.
The company plans to move the databases to Azure.
You need to recommend a secure architecture for the databases that will minimize operational requirements for patching and protect sensitive data by using dynamic data masking. The solution must minimize costs.
What should you include in the recommendation?

 
 
 
 

Valid Way To Pass Microsoft’s SC-100 Exam with : https://www.braindumpspass.com/Microsoft/SC-100-practice-exam-dumps.html

More Posts

Recent Comments
    Categories

    Post: Real SC-100 are Uploaded by BraindumpsPass provide 2022 Latest SC-100 Practice Tests Dumps [Q56-Q80]

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Enter the text from the image below