Pass with Confidence Using DumpsBase’s SC-100 Dumps (V19.02): Continue to Read SC-100 Free Dumps (Part 3, Q81-Q100) Online

1. You have a customer that has a Microsoft 365 subscription and uses the Free edition of Azure Active Directory (Azure AD)

The customer plans to obtain an Azure subscription and provision several Azure resources.

You need to evaluate the customer's security environment.

What will necessitate an upgrade from the Azure AD Free edition to the Premium edition?

2. HOTSPOT

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.

The Azure subscription contains a Microsoft Sentinel workspace. Microsoft Sentinel data connectors are configured for Microsoft 365, Microsoft 365 Defender, Defender for Cloud, and Azure.

You plan to deploy Azure virtual machines that will run Windows Server.

You need to enable extended detection and response (EDR) and security orchestration, automation, and response (SOAR) capabilities for Microsoft Sentinel.

How should you recommend enabling each capability? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

3. Your company has a hybrid cloud infrastructure that contains an on-premises Active Directory Domain Services (AD DS) forest, a Microsoft B65 subscription, and an Azure subscription.

The company's on-premises network contains internal web apps that use Kerberos authentication.

Currently, the web apps are accessible only from the network.

You have remote users who have personal devices that run Windows 11.

You need to recommend a solution to provide the remote users with the ability to access the web apps.

The solution must meet the following requirements:

• Prevent the remote users from accessing any other resources on the network.

• Support Azure Active Directory (Azure AD) Conditional Access.

• Simplify the end-user experience.

What should you include in the recommendation?

4. HOTSPOT

You need to recommend a solution to meet the AWS requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

5. You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report.

In the Secure management ports controls, you discover that you have 0 out of a potential 8 points. You need to recommend configurations to increase the score of the Secure management ports controls.

Solution: You recommend onboarding all virtual machines to Microsoft Defender for Endpoint.

Does this meet the goal?

6. HOTSPOT

Your company is migrating data to Azure. The data contains Personally Identifiable Information (Pll). The company plans to use Microsoft Information Protection for the Pll data store in Azure. You need to recommend a solution to discover Pll data at risk in the Azure resources.

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

7. Topic 3, Mix Questions

Your company has on-premises Microsoft SQL Server databases.

The company plans to move the databases to Azure.

You need to recommend a secure architecture for the databases that will minimize operational requirements for patching and protect sensitive data by using dynamic data masking. The solution must minimize costs.

What should you include in the recommendation?

8. Your company has an office in Seattle.

The company has two Azure virtual machine scale sets hosted on different virtual networks.

The company plans to contract developers in India.

You need to recommend a solution provide the developers with the ability to connect to the virtual machines over SSL from the Azure portal.

The solution must meet the following requirements:

• Prevent exposing the public IP addresses of the virtual machines.

• Provide the ability to connect without using a VPN.

• Minimize costs.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

9. Your company has a hybrid cloud infrastructure.

Data and applications are moved regularly between cloud environments.

The company's on-premises network is managed as shown in the following exhibit.

You are designing security operations to support the hybrid cloud infrastructure.

The solution must meet the following requirements:

✑ Govern virtual machines and servers across multiple environments.

✑ Enforce standards for all the resources across all the environment across the Azure policy.

Which two components should you recommend for the on-premises network? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.

10. HOTSPOT

You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

11. You have a Microsoft 365 E5 subscription.

You need to recommend a solution to add a watermark to email attachments that contain sensitive data.

What should you include in the recommendation?

12. Your company is moving a big data solution to Azure.

The company plans to use the following storage workloads:

• Azure Storage blob containers

• Azure Data Lake Storage Gen2

• Azure Storage file shares

• Azure Disk Storage

Which two storage workloads support authentication by using Azure Active Directory (Azure AD)? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

13. Your company has a Microsoft 365 E5 subscription.

The company wants to identify and classify data in Microsoft Teams, SharePoint Online, and Exchange Online.

You need to recommend a solution to identify documents that contain sensitive information.

What should you include in the recommendation?

14. HOTSPOT

You open Microsoft Defender for Cloud as shown in the following exhibit.

Use the drop-down menus to select the answer choice that complete each statements based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

15. You are designing security for an Azure landing zone.

Your company identifies the following compliance and privacy requirements:

• Encrypt cardholder data by using encryption keys managed by the company.

• Encrypt insurance claim files by using encryption keys hosted on-premises.

Which two configurations meet the compliance and privacy requirements? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

16. You have a Microsoft 365 E5 subscription and an Azure subscription. You are designing a Microsoft Sentinel deployment.

You need to recommend a solution for the security operations team. The solution must include custom views and a dashboard for analyzing security events.

What should you recommend using in Microsoft Sentinel?

17. A customer uses Azure to develop a mobile app that will be consumed by external users as shown in the following exhibit.

You need to design an identity strategy for the app.

The solution must meet the following requirements:

• Enable the usage of external IDs such as Google, Facebook, and Microsoft accounts.

• Be managed separately from the identity store of the customer.

• Support fully customizable branding for each app.

Which service should you recommend to complete the design?

18. A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure subscriptions. You are evaluating the security posture of the customer.

You discover that the AKS resources are excluded from the secure score recommendations. You need to produce accurate recommendations and update the secure score.

Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

19. You have an Azure subscription that has Microsoft Defender for Cloud enabled.

You are evaluating the Azure Security Benchmark V3 report as shown in the following exhibit.

You need to verify whether Microsoft Defender for servers is installed on all the virtual machines that run Windows.

Which compliance control should you evaluate?

20. DRAG DROP

Your company has Microsoft 365 E5 licenses and Azure subscriptions.

The company plans to automatically label sensitive data stored in the following locations:

• Microsoft SharePoint Online

• Microsoft Exchange Online

• Microsoft Teams

You need to recommend a strategy to identify and protect sensitive data.

Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.