Latest SC-100 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : SC-100
Exam Name : Microsoft Cybersecurity Architect
Vendor Name :
"Microsoft"

Download Full Version of SC-100

---

SC-100 Dumps

SC-100 Braindumps SC-100 Real Questions SC-100 Practice Test

SC-100 Actual Questions

Microsoft

SC-100

Microsoft Cybersecurity Architect

https://killexams.com/pass4sure/exam-detail/SC-100

Question: 33

You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL).

You need to recommend a security standard for onboarding applications to Azure. The standard will include recommendations for application design, development, and deployment

What should you include during the application design phase?

1. static application security testing (SAST) by using SonarQube

2. dynamic application security testing (DAST) by using Veracode

3. threat modeling by using the Microsoft Threat Modeling Tool

4. software decomposition by using Microsoft Visual Studio Enterprise

Answer: C
Explanation:

https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling

Question: 34

HOTSPOT

You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone requirements.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

Explanation:

Box 1: Virtual Network Integration – correct

Virtual network integration gives your app access to resources in your virtual network, but it doesn’t grant inbound private access to your app from the virtual network.

Box 2: Private Endpoints. – correct

You can use Private Endpoint for your Azure Web App to allow clients located in your private network to securely access the app over Private Link.

Question: 35

Your company is developing a serverless application in Azure that will have the architecture shown in the following exhibit.

What should you include in the recommendation?

1. Azure Active Directory (Azure AD) enterprise applications

2. an Azure App Service Environment (ASE)

3. Azure service endpoints

4. an Azure Active Directory (Azure AD) application proxy

Answer: B
Explanation:

App Service environments (ASEs) are appropriate for application workloads that require: Very high scale,Isolation and secure network access,High memory utilization.

This capability can host your: Windows web apps,Linux web apps Docker containers,Mobile apps Functions

https://docs.microsoft.com/en-us/azure/app-service/environment/overview

Question: 36

You need to recommend a solution to scan the application code. The solution must meet the application development requirements.

What should you include in the recommendation?

1. Azure Key Vault

2. GitHub Advanced Security

3. Application Insights in Azure Monitor

4. Azure DevTest Labs

Answer: B
Explanation:

https://docs.microsoft.com/en-us/learn/modules/introduction-github-advanced-security/2-what-is-github-advanced- security

Question: 37

HOTSPOT

You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE; Each correct selection is worth one point.

Answer:

Explanation:

Question: 38

You are designing a ransomware response plan that follows Microsoft Security Best Practices.

You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out. What should you include in the recommendations?

1. Privileged Access Workstations (PAWs)

2. emergency access accounts

3. device compliance policies

4. Customer Lockbox for Microsoft Azure

Answer: B
Question: 39 HOTSPOT

You need to recommend a multi-tenant and hybrid security solution that meets to the business requirements and the hybrid requirements.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct

selection is worth one point.

Answer:

Question: 40

HOTSPOT

You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (CI/CO) workflows.

You need to recommend best practices to secure the stages of the CI/CD workflows based on the Microsoft Cloud Adoption Framework for Azure.

What should you include in the recommendation for each stage? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Question: 41

A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure subscriptions. You are evaluating the security posture of the customer.

You discover that the AKS resources are excluded from the secure score recommendations. You need to produce accurate recommendations and update the secure score.

Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

1. Configure auto provisioning.

2. Assign regulatory compliance policies.

3. Review the inventory.

4. Add a workflow automation.

5. Enable Defender plans.

Answer: A,E
Explanation:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages

https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation

Question: 42

Your company has a Microsoft 365 E5 subscription.

Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The company identifies protected health information (PHI) within stored documents and communications.

What should you recommend using to prevent the PHI from being shared outside the company?

1. insider risk management policies

2. data loss prevention (DLP) policies

3. sensitivity label policies

4. retention policies

Answer: B
Explanation:

https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide

User: Christine***** I am very glad that I passed the SC-100 exam with a top score, and I owe it all to killexams.com. I used their exam simulator as my primary source of preparation, and I received a consistent passing score. The content is very reliable, and I am happy that I trusted killexams.com. Everything was expertly crafted and dependable. Thumbs up from me!

User: Isidora***** I passed my sc-100 exam with killexams.com, and the questions were valid and accurate. They offered a 99% pass rate and a money-back guarantee, but I did not need either as I got great scores.

User: Matias***** I successfully passed my sc-100 exam, thanks to Killexams.com practice tests and exam simulator. This amazing resource helped me immensely in my exam preparation, and I am grateful for their assistance.

User: Elijah***** I have recommended Killexams.com to several partners and colleagues, all of whom have been highly satisfied with the results. Their questions and answers have helped boost my career and prepared me well for my exams. I am a huge fan of Killexams.com, and I recently passed my sc-100 exam with an impressive score of 86/95 questions. They are undoubtedly the best training company out there.

User: Gabriela***** Spending the majority of my time surfing the internet was a common occurrence for me. However, my time on the internet proved to be useful when I discovered Killexams.com just before my SC-100 exam. It was a great stroke of luck for me, as it helped me to test myself correctly and put up an excellent performance in the exam.

---