What Accurate SC-100 Braindumps Is

2024 Microsoft Official New Released SC-100 ♥♥
https://www.certleader.com/SC-100-dumps.html


Act now and download your Microsoft SC-100 test today! Do not waste time for the worthless Microsoft SC-100 tutorials. Download Up to the minute Microsoft Microsoft Cybersecurity Architect exam with real questions and answers and begin to learn Microsoft SC-100 with a classic professional.

Microsoft SC-100 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1

You need to recommend a solution to scan the application code. The solution must meet the application development requirements. What should you include in the recommendation?

  • A. Azure Key Vault
  • B. GitHub Advanced Security
  • C. Application Insights in Azure Monitor
  • D. Azure DevTest Labs

Answer: D

NEW QUESTION 2

You have a customer that has a Microsoft 365 subscription and an Azure subscription.
The customer has devices that run either Windows, iOS, Android, or macOS. The Windows devices are deployed on-premises and in Azure.
You need to design a security solution to assess whether all the devices meet the customer's compliance rules. What should you include in the solution?

  • A. Microsoft Information Protection
  • B. Microsoft Defender for Endpoint
  • C. Microsoft Sentinel
  • D. Microsoft Endpoint Manager

Answer: D

NEW QUESTION 3

You have Windows 11 devices and Microsoft 365 E5 licenses.
You need to recommend a solution to prevent users from accessing websites that contain adult content such as
gambling sites. What should you include in the recommendation?

  • A. Microsoft Endpoint Manager
  • B. Compliance Manager
  • C. Microsoft Defender for Cloud Apps
  • D. Microsoft Defender for Endpoint

Answer: D

NEW QUESTION 4

Your company plans to deploy several Azure App Service web apps. The web apps will be deployed to the West Europe Azure region. The web apps will be accessed only by customers in Europe and the United States.
You need to recommend a solution to prevent malicious bots from scanning the web apps for vulnerabilities. The solution must minimize the attach surface.
What should you include in the recommendation?

  • A. Azure Firewall Premium
  • B. Azure Application Gateway Web Application Firewall (WAF)
  • C. network security groups (NSGs)
  • D. Azure Traffic Manager and application security groups

Answer: D

NEW QUESTION 5

A customer follows the Zero Trust model and explicitly verifies each attempt to access its corporate applications.
The customer discovers that several endpoints are infected with malware. The customer suspends access attempts from the infected endpoints.
The malware is removed from the end point.
Which two conditions must be met before endpoint users can access the corporate applications again? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Microsoft Defender for Endpoint reports the endpoints as compliant.
  • B. Microsoft Intune reports the endpoints as compliant.
  • C. A new Azure Active Directory (Azure AD) Conditional Access policy is enforced.
  • D. The client access tokens are refreshed.

Answer: CD

NEW QUESTION 6

Your company is migrating data to Azure. The data contains Personally Identifiable Information (Pll). The company plans to use Microsoft Information Protection for the Pll data store in Azure. You need to recommend a solution to discover Pll data at risk in the Azure resources.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 7

You have an Azure subscription that contains several storage accounts. The storage accounts are accessed by legacy applications that are authenticated by using access keys.
You need to recommend a solution to prevent new applications from obtaining the access keys of the storage accounts. The solution must minimize the impact on the legacy applications.
What should you include in the recommendation?

  • A. Apply read-only locks on the storage accounts.
  • B. Set the AllowSharcdKeyAccess property to false.
  • C. Set the AllowBlobPublicAcccss property to false.
  • D. Configure automated key rotation.

Answer: A

NEW QUESTION 8

Your company has an on-premise network in Seattle and an Azure subscription. The on-premises network contains a Remote Desktop server.
The company contracts a third-party development firm from France to develop and deploy resources to the virtual machines hosted in the Azure subscription.
Currently, the firm establishes an RDP connection to the Remote Desktop server. From the Remote Desktop connection, the firm can access the virtual machines hosted in Azure by using custom administrative tools installed on the Remote Desktop server. All the traffic to the Remote Desktop server is captured by a firewall, and the firewall only allows specific connections from France to the server.
You need to recommend a modern security solution based on the Zero Trust model. The solution must minimize latency tor developers.
Which three actions should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. Configure network security groups (NSGs) to allow access from only specific logical groupings of IP address ranges.
  • B. Implement Azure Firewall to restrict host pool outbound access.
  • C. Configure Azure Active Directory (Azure AD) Conditional Access with multi-factor authentication (MFA) and named locations.
  • D. Migrate from the Remote Desktop server to Azure Virtual Desktop.
  • E. Deploy a Remote Desktop server to an Azure region located in France.

Answer: BDE

NEW QUESTION 9

You open Microsoft Defender for Cloud as shown in the following exhibit.
SC-100 dumps exhibit
Use the drop-down menus to select the answer choice that complete each statements based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 10

Your company has a Microsoft 365 E5 subscription.
Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The company identifies protected health information (PHI) within stored documents and communications. What should you recommend using to prevent the PHI from being shared outside the company?

  • A. insider risk management policies
  • B. data loss prevention (DLP) policies
  • C. sensitivity label policies
  • D. retention policies

Answer: A

NEW QUESTION 11

You need to recommend a solution to resolve the virtual machine issue. What should you include in the recommendation?

  • A. Onboard the virtual machines to Microsoft Defender for Endpoint.
  • B. Onboard the virtual machines to Azure Arc.
  • C. Create a device compliance policy in Microsoft Endpoint Manager.
  • D. Enable the Qualys scanner in Defender for Cloud.

Answer: A

NEW QUESTION 12

You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements. What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 13

You are designing security for an Azure landing zone. Your company identifies the following compliance and privacy requirements:
• Encrypt cardholder data by using encryption keys managed by the company.
• Encrypt insurance claim files by using encryption keys hosted on-premises.
Which two configurations meet the compliance and privacy requirements? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. Store the insurance claim data in Azure Blob storage encrypted by using customer-provided keys.
  • B. Store the cardholder data in an Azure SQL database that is encrypted by using keys stored in Azure Key Vault Managed HSM
  • C. Store the insurance claim data in Azure Files encrypted by using Azure Key Vault Managed HSM.
  • D. Store the cardholder data in an Azure SQL database that is encrypted by using Microsoft-managed Keys.

Answer: CD

NEW QUESTION 14

Your company has the virtual machine infrastructure shown in the following table.
SC-100 dumps exhibit
The company plans to use Microsoft Azure Backup Server (MABS) to back up the virtual machines to Azure. You need to provide recommendations to increase the resiliency of the backup strategy to mitigate attacks
such as ransomware.
What should you include in the recommendation?

  • A. Use geo-redundant storage (GRS).
  • B. Use customer-managed keys (CMKs) for encryption.
  • C. Require PINs to disable backups.
  • D. Implement Azure Site Recovery replication.

Answer: C

NEW QUESTION 15

You have a Microsoft 365 subscription
You need to recommend a security solution to monitor the following activities:
• User accounts that were potentially compromised
• Users performing bulk file downloads from Microsoft SharePoint Online
What should you include in the recommendation for each activity? To answer, drag the appropriate components to the correct activities. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each Correct selection is worth one Point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 16

Your company has a Microsoft 365 subscription and uses Microsoft Defender for Identity. You are informed about incidents that relate to compromised identities.
You need to recommend a solution to expose several accounts for attackers to exploit. When the attackers attempt to exploit the accounts, an alert must be triggered. Which Defender for Identity feature should you include in the recommendation?

  • A. standalone sensors
  • B. honeytoken entity tags
  • C. sensitivity labels
  • D. custom user tags

Answer: D

NEW QUESTION 17

Your company plans to move all on-premises virtual machines to Azure. A network engineer proposes the Azure virtual network design shown in the following table.
SC-100 dumps exhibit
You need to recommend an Azure Bastion deployment to provide secure remote access to all the virtual machines. Based on the virtual network design, how many Azure Bastion subnets are required?

  • A. 1
  • B. 2
  • C. 3
  • D. 4
  • E. 5

Answer: A

NEW QUESTION 18

Your company has a hybrid cloud infrastructure.
The company plans to hire several temporary employees within a brief period. The temporary employees will need to access applications and data on the company' premises network.
The company's security policy prevents the use of personal devices for accessing company data and applications.
You need to recommend a solution to provide the temporary employee with access to company resources. The solution must be able to scale on demand.
What should you include in the recommendation?

  • A. Migrate the on-premises applications to cloud-based applications.
  • B. Redesign the VPN infrastructure by adopting a split tunnel configuration.
  • C. Deploy Microsoft Endpoint Manager and Azure Active Directory (Azure AD) Conditional Access.
  • D. Deploy Azure Virtual Desktop, Azure Active Directory (Azure AD) Conditional Access, and Microsoft Defender for Cloud Apps.

Answer: D

NEW QUESTION 19
......

Thanks for reading the newest SC-100 exam dumps! We recommend you to try the PREMIUM Certleader SC-100 dumps in VCE and PDF here: https://www.certleader.com/SC-100-dumps.html (105 Q&As Dumps)