Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Microsoft SC-100 Practice Exam with Questions & Answers | Set: 3

Questions 21

You have three Microsoft Entra tenants named Tenant 1. Tenant2. and Tenant3.

You have three Azure subscriptions named Sub1, Sub2, and Sub3. Each tenant is associated with multiple Azure subscriptions.

Each subscription contains a single Microsoft Sentinel workspace as shown in the following table.

SC-100 Question 21

You need to recommend a solution that meets the following requirements:

• Ensures that the users in Tenant1 can manage the resources in Sub2 and Sub3 without having to switch subscriptions or sign in to a different tenant

• Implements multiple workspace view for Sentinel2 and Sentinel3

What should you use to delegate permissions, and which Microsoft Sentinel feature will users be able to manage in multiple workspace view? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-100 Question 21

Options:
Microsoft SC-100 Premium Access
Questions 22

You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos.

You need to recommend a solution to ensure that the configuration of all the clusters remains consistent by using the manifest files stored in Azure Repos.

What should you include in the recommendation?

Options:
A.

Gatekeeper

B.

Dependency Tracker

C.

Dependency

D.

Flux

Questions 23

You have a Microsoft 365 subscription.

You configure Microsoft Purview Information Protection to apply sensitivity labels automatically.

You need to recommend a solution that will prevent users from uploading unlabeled files to Microsoft SharePoint Online if the files contain content defined by Microsoft Purview classifiers as sensitive.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-100 Question 23

Options:
Questions 24

You have the resources shown in the following table.

SC-100 Question 24

You need to configure multi-user authorization (MUA) for Azure Backup to protect the Recovery Services vaults. The solution must maximize the security of the MUA configuration and follow the principle of least privilege.

To which location should you deploy Resource Guard, and which role-based access control (RBAC) role should you assign to the team responsible for managing the backup of Resource Guard? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-100 Question 24

Options:
Questions 25

You have a Microsoft 365 subscription that contains 500 users. Each user is assigned a Microsoft 365 E5 license and uses a Windows device. Microsoft Purview data loss prevention (DLP) policies are applied to Microsoft Exchange Online email and SharePoint Online sites. You plan to monitor the usage of third-party generative Al apps by using Microsoft Purview Data Security Posture Management for Al (DSPM for Al). What should you do first?

Options:
A.

Enable Microsoft Purview insider risk management for all the users.

B.

Onboard all endpoint devices to Microsoft Purview.

C.

Configure Microsoft Purview data connectors for the generative Al apps.

D.

License all the users for Microsoft 365 Copilot.

Questions 26

You are designing a security operations strategy based on the Zero Trust framework.

You need to minimize the operational load on Tier 1 Microsoft Security Operations Center (SOC) analysts.

What should you do?

Options:
A.

Enable built-in compliance policies in Azure Policy.

B.

Enable self-healing in Microsoft 365 Defender.

C.

Automate data classification.

D.

Create hunting queries in Microsoft 365 Defender.

Questions 27

You have an Azure subscription that contains an Azure Synapse Analytics workspace named workspace1. workspace1 contains a built-in serverless SQL pool and a dedicated SQL pool named Pool1.

You need to recommend a second layer of data encryption for workspace1.

What should you include in the recommendation for each pool? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-100 Question 27

Options:
Questions 28

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance.

Solution: You recommend access restrictions based on HTTP headers that have the Front Door ID.

Does this meet the goal?

Options:
A.

Yes

B.

No

Questions 29

You need to recommend a solution to secure the MedicalHistory data in the ClaimsDetail table. The solution must meet the Contoso developer requirements.

What should you include in the recommendation?

Options:
A.

Transparent Data Encryption (TDE)

B.

Always Encrypted

C.

row-level security (RLS)

D.

dynamic data masking

E.

data classification

Questions 30

You have an Azure subscription that contains a Microsoft Sentinel workspace.

Your on-premises network contains firewalls that support forwarding event logs m the Common Event Format (CEF). There is no built-in Microsoft Sentinel connector for the firewalls

You need to recommend a solution to ingest events from the firewalls into Microsoft Sentinel.

What should you include m the recommendation?

Options:
A.

an Azure logic app

B.

an on-premises Syslog server

C.

an on-premises data gateway

D.

Azure Data Factory