CertsTopics Logo

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

SC-100 Exam Results

Page: 4 / 11
Total 228 questions
Get SC-100 Full Access Download SC-100 PDF

Microsoft Cybersecurity Architect Questions and Answers

Question 13

Your company is developing an invoicing application that will use Azure Active Directory (Azure AD) B2C. The application will be deployed as an App Service web app. You need to recommend a solution to the application development team to secure the application from identity related attacks. Which two configurations should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Options:

A.

Azure AD Conditional Access integration with user flows and custom policies

B.

Azure AD workbooks to monitor risk detections

C.

custom resource owner password credentials (ROPC) flows in Azure AD B2C

D.

access packages in Identity Governance

E.

smart account lockout in Azure AD B2C

Question 14

You have a Microsoft 365 subscription that is protected by using Microsoft 365 Defender

You are designing a security operations strategy that will use Microsoft Sentinel to monitor events from Microsoft 365 and Microsoft 365 Defender

You need to recommend a solution to meet the following requirements:

• Integrate Microsoft Sentinel with a third-party security vendor to access information about known malware

• Automatically generate incidents when the IP address of a command-and control server is detected in the events

What should you configure in Microsoft Sentinel to meet each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 15

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription.

All the on-premises servers in the perimeter network are prevented from connecting directly to the internet.

The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

• Ensure that the security operations team can access the security logs and the operation logs.

• Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network.

Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Options:

A.

Azure Active Directory (Azure AD) Conditional Access policies

B.

a custom collector that uses the Log Analytics agent

C.

resource-based role-based access control (RBAC)

D.

the Azure Monitor agent

Question 16

Your company uses Azure Pipelines and Azure Repos to implement continuous integration and continuous deployment (CI/CD) workflows for the deployment of applications to Azure.

You are updating the deployment process to align with DevSecOps controls guidance in the Microsoft Cloud Adoption Framework for Azure.

You need to recommend a solution to ensure that all code changes are submitted by using pull requests before being deployed by the CI/CD workflow.

What should you include in the recommendation?

Options:

A.

custom roles in Azure Pipelines

B.

branch policies in Azure Repos

C.

Azure policies

D.

custom Azure roles

Page: 4 / 11
Total 228 questions
Get SC-100 Full Access Download SC-100 PDF