Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65pass65

SC-100 Microsoft Cybersecurity Architect is now Stable and With Pass Result | Test Your Knowledge for Free

Exams4sure Dumps

SC-100 Practice Questions

Microsoft Cybersecurity Architect

Last Update 4 days ago
Total Questions : 296

Dive into our fully updated and stable SC-100 practice test platform, featuring all the latest Microsoft Certified: Cybersecurity Architect Expert exam questions added this week. Our preparation tool is more than just a Microsoft study aid; it's a strategic advantage.

Our free Microsoft Certified: Cybersecurity Architect Expert practice questions crafted to reflect the domains and difficulty of the actual exam. The detailed rationales explain the 'why' behind each answer, reinforcing key concepts about SC-100. Use this test to pinpoint which areas you need to focus your study on.

SC-100 PDF

SC-100 PDF (Printable)
$54.25
$154.99

SC-100 Testing Engine

SC-100 PDF (Printable)
$59.5
$169.99

SC-100 PDF + Testing Engine

SC-100 PDF (Printable)
$74.55
$212.99
Question # 1

Your company, named Contoso. Ltd... has an Azure AD tenant namedcontoso.com. Contoso has a partner company named Fabrikam. Inc. that has an Azure AD tenant named fabrikam.com. You need to ensure that helpdesk users at Fabrikam can reset passwords for specific users at Contoso. The solution must meet the following requirements:

• Follow the principle of least privilege.

• Minimize administrative effort.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 1

Options:

Discussion 0
Question # 2

You have an Azure environment that contains multiple workloads deployed across multiple subscriptions.

You need to recommend a solution to assess and improve the security posture of the workloads. The solution must meet the following requirements:

• Use the Microsoft Cloud Adoption Framework for Azure to evaluate compliance with cloud governance policies.

• Use the Azure Well-Architected Framework to secure individual workloads.

What should you include in the recommendation for each requirement? To answer, drag the appropriate recommendations to the correct requirements. Each recommendation may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content

NOTE: Each correct selection is worth one point.

Question # 2

Options:

Discussion 0
Question # 3

Your network contains an on-premises Active Directory Domain Services (AD DS) domain.

You have a Microsoft 365 subscription.

You need to recommend a solution to evaluate the security and governance of the domains. The solution must meet the following requirements:

• identify configuration issues and administrative vulnerabilities.

• Minimize effort.

What should you include in the recommendation?

Options:

A.  

Microsoft Entra ID Protection

B.  

Microsoft Defender for Servers

C.  

Microsoft Defender for Identity

D.  

Microsoft Sentinel

Discussion 0
Question # 4

You have three Microsoft Entra tenants named Tenant 1. Tenant2. and Tenant3.

You have three Azure subscriptions named Sub1, Sub2, and Sub3. Each tenant is associated with multiple Azure subscriptions.

Each subscription contains a single Microsoft Sentinel workspace as shown in the following table.

Question # 4

You need to recommend a solution that meets the following requirements:

• Ensures that the users in Tenant1 can manage the resources in Sub2 and Sub3 without having to switch subscriptions or sign in to a different tenant

• Implements multiple workspace view for Sentinel2 and Sentinel3

What should you use to delegate permissions, and which Microsoft Sentinel feature will users be able to manage in multiple workspace view? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 4

Options:

Discussion 0
Question # 5

You have a customer that has a Microsoft 365 subscription and uses the Free edition of Azure Active Directory (Azure AD)

The customer plans to obtain an Azure subscription and provision several Azure resources.

You need to evaluate the customer ' s security environment.

What will necessitate an upgrade from the Azure AD Free edition to the Premium edition?

Options:

A.  

role-based authorization

B.  

Azure AD Privileged Identity Management (PIM)

C.  

resource-based authorization

D.  

Azure AD Multi-Factor Authentication

Discussion 0
Question # 6

Your company is designing an application architecture for Azure App Service Environment (ASE) web apps as shown in the exhibit. (Click the Exhibit tab.)

Communication between the on-premises network and Azure uses an ExpressRoute connection.

You need to recommend a solution to ensure that the web apps can communicate with the on-premises application server. The solution must minimize the number of public IP addresses that are allowed to access the on-premises network.

What should you include in the recommendation?

Options:

A.  

Azure Traffic Manager with priority traffic-routing methods

B.  

Azure Application Gateway v2 with user-defined routes (UDRs)

C.  

Azure Front Door with Azure Web Application Firewall (WAF)

D.  

Azure Firewall with policy rule sets

Discussion 0
Question # 7

You plan to deploy a dynamically scaling, Linux-based Azure Virtual Machine Scale Set that will host jump servers. The jump servers will be used by support staff who connect f personal and kiosk devices via the internet. The subnet of the jump servers will be associated to a network security group (NSG)

You need to design an access solution for the Azure Virtual Machine Scale Set. The solution must meet the following requirements:

• Ensure that each time the support staff connects to a jump server; they must request access to the server.

• Ensure that only authorized support staff can initiate SSH connections to the jump servers.

• Maximize protection against brute-force attacks from internal networks and the internet.

• Ensure that users can only connect to the jump servers from the internet.

• Minimize administrative effort

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 7

Options:

Discussion 0
Question # 8

You have a Microsoft Entra tenant and an Azure subscription.

You are evaluating the use of a risk-based Conditional Access policy to control the access of workload identities to resources.

To which type of identity should you apply the policy, and which signal source can you use as part of the policy? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Discussion 0
Question # 9

You have an Azure subscription.

You plan to deploy a storage account named storage1 that will store confidential data. You will assign tags to the confidential data.

You need to ensure that access to storage1 can be defined by using the assigned tags.

Which authorization mechanism should you enable, and which type of resource should you use to store the data? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 9

Options:

Discussion 0
Question # 10

Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains 500 Windows 11 devices.

You have a Microsoft 365 subscription and an Azure subscription.

You have a Microsoft Entra tenant that syncs with the domain and is linked to the subscriptions. The devices are Microsoft Entra hybrid joined.

You plan to deploy a solution to mitigate attacks against privileged accounts. The solution will include Microsoft Sentinel rules that will detect attempts to use fake cached credentials.

You need to recommend a solution to create the fake cached credentials on client computers.

What should you recommend?

Options:

A.  

User and Entity Behavior Analytics (UEBA) in Microsoft Sentinel

B.  

a deception rule in Microsoft Defender for Endpoint

C.  

a Honeytoken tag in Microsoft Defender for Identity

D.  

a user risk policy in Microsoft Entra ID Protection

Discussion 0
Get SC-100 dumps and pass your exam in 24 hours!

Free Exams Sample Questions