SC-100 : Microsoft Cybersecurity Architect Exam

SC-100 Dumps
SC-100 Braindumps
SC-100 Real Questions
SC-100 Practice Test
SC-100 Actual Questions


Microsoft
SC-100
Microsoft Cybersecurity Architect
https://killexams.com/pass4sure/exam-detail/SC-100
Question: 33
You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle
(SDL).
You need to recommend a security standard for onboarding applications to Azure. The standard will include
recommendations for application design, development, and deployment
What should you include during the application design phase?
A. static application security testing (SAST) by using SonarQube
B. dynamic application security testing (DAST) by using Veracode
C. threat modeling by using the Microsoft Threat Modeling Tool
D. software decomposition by using Microsoft Visual Studio Enterprise
Answer: C
Explanation:
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
Question: 34
HOTSPOT
You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone
requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct
selection is worth one point.

Answer:

Explanation:
Box 1: Virtual Network Integration – correct
Virtual network integration gives your app access to resources in your virtual network, but it doesn’t grant inbound
private access to your app from the virtual network.
Box 2: Private Endpoints. – correct
You can use Private Endpoint for your Azure Web App to allow clients located in your private network to securely
access the app over Private Link.
Question: 35
Your company is developing a serverless application in Azure that will have the architecture shown in the following
exhibit.


You need to recommend a solution to isolate the compute components on an Azure virtual network.
What should you include in the recommendation?
A. Azure Active Directory (Azure AD) enterprise applications
B. an Azure App Service Environment (ASE)
C. Azure service endpoints
D. an Azure Active Directory (Azure AD) application proxy
Answer: B
Explanation:
App Service environments (ASEs) are appropriate for application workloads that require:
Very high scale,Isolation and secure network access,High memory utilization.
This capability can host your:
Windows web apps,Linux web apps
Docker containers,Mobile apps
Functions
https://docs.microsoft.com/en-us/azure/app-service/environment/overview
Question: 36
You need to recommend a solution to scan the application code. The solution must meet the application development
requirements.
What should you include in the recommendation?
A. Azure Key Vault
B. GitHub Advanced Security
C. Application Insights in Azure Monitor
D. Azure DevTest Labs
Answer: B
Explanation:
https://docs.microsoft.com/en-us/learn/modules/introduction-github-advanced-security/2-what-is-github-advanced-
security
Question: 37
HOTSPOT
You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity
requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE;
Each correct selection is worth one point.

Answer:

Explanation:
Question: 38
You are designing a ransomware response plan that follows Microsoft Security Best Practices.
You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.
What should you include in the recommendations?
A. Privileged Access Workstations (PAWs)
B. emergency access accounts
C. device compliance policies
D. Customer Lockbox for Microsoft Azure
Answer: B
Question: 39
HOTSPOT
You need to recommend a multi-tenant and hybrid security solution that meets to the business requirements and the
hybrid requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct
selection is worth one point.

Answer:

Question: 40
HOTSPOT
You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (CI/CO)
workflows.
You need to recommend best practices to secure the stages of the CI/CD workflows based on the Microsoft Cloud
Adoption Framework for Azure.
What should you include in the recommendation for each stage? To answer, select the appropriate options in the
answer area. NOTE: Each correct selection is worth one point.

Answer:

Question: 41
A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure
subscriptions. You are evaluating the security posture of the customer.
You discover that the AKS resources are excluded from the secure score recommendations. You need to produce
accurate recommendations and update the secure score.
Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the
solution. NOTE: Each correct selection is worth one point.
A. Configure auto provisioning.
B. Assign regulatory compliance policies.
C. Review the inventory.
D. Add a workflow automation.
E. Enable Defender plans.
Answer: A,E
Explanation:
https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages
https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation
Question: 42
Your company has a Microsoft 365 E5 subscription.
Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The
company identifies protected health information (PHI) within stored documents and communications.
What should you recommend using to prevent the PHI from being shared outside the company?
A. insider risk management policies
B. data loss prevention (DLP) policies
C. sensitivity label policies
D. retention policies
Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide

User: Leika***** I highly recommend killexams.com sc-100 practice tests. The questions are valid, and the answers are accurate. I have double-checked them with my peers, and they have passed the exam with ease. The exam was expensive and stressful, so I decided to get a protection net, which means this study bundle. All in all, I passed my exam as I hoped, and now I endorse killexams.com to everyone.

User: Zigfrids***** I was worried about my schooling and did not want my parents to find out. I knew that performing well on my SC-100 exam would cover my errors and regain my parents trust. killexams.com provided me with appropriate guidance and helped me pass the exam with ease. I am grateful to killexams.com for its guidance and support.

User: Marie***** The SC-100 Questions and Answers provided by Killexams.com have been incredibly helpful to me during my certification exam. I am pleased with the results and plan to use their resources for future Microsoft certifications.

User: Oxana***** My initial view of the sc-100 exam fee guide was negative, as I preferred learning through a classroom-based approach. I joined a specific school, but it all seemed fake to me, and I quit soon after. I then did some research and finally changed my thinking, trying the sc-100 exam samples from Killexams.com. It gave me the high scores in the exam, and I am happy to have done so.

User: Francisco***** I never thought I could pass the SC-100 exam, but Killexams.com impressive study material provided me with the required capability to take the exam. I passed the exam with a score of 92%, which exceeded my expectations. The material was well thought out, powerful, and reliable to use. Thanks to Killexams.com for providing dynamic learning material.

---