SC-900
1. ______________ Provides Network Address Translation (NAT) services 2. ______________ Provides secure and seamless Remote Desktop connectivity to Azure virtual machines 3. ______________ Provides traffic filtering that can be applied to specific network interfaces on a virtual network -Azure Bastion -Azure Firewall -Network security group (NSG)
1. Azure Firewall 2. Azure Bastion 3. Network security group (NSG)
DRAG DROP - Match the pillars of Zero Trust to the appropriate requirements. To answer, drag the appropriate pillar from the column on the left to its requirement on the right. Each pillar may be used once, more than once, or not at all. NOTE: Each correct match is worth one point. 1. _________ Must be segmented 2. ________ Must be verified by using strong authentication 3. ________ Must be classified labeled and encrypted based on its attributes -Data -Identities -Networks
1. Networks 2. Identities 3. Data
1. Global administrators are exempt from conditional access policies (Yes/No) 2. A conditional access policy can add users to Azure Active Directory (Azure AD) roles (Yes/No) 3. Conditional access policies can force the use of multi-factor authentication (MFA) to access cloud apps (Yes/No)
1. No 2. No 3. Yes
1. You can use Advanced Audit in Microsoft 365 to view billing details. (Yes/No) 2. You can use Advanced Audit in Microsoft 365 to view the contents of an email message. (Yes/No) 3. You can use Advanced Audit in Microsoft 365 to identify when a user uses the search bar in Outlook on the web to search for items in a mailbox. (Yes/No)
1. No 2. No 3. Yes
1. Conditional access policies always enforce the use of multi-factor authentication (MFA) (Yes/No) 2. Conditional access policies can be used to block access to an application based on the location of the user (Yes/No) 3. Conditional access policies only affect users who have Azure Active Directory (Azure AD)-joined devices (Yes/No)
1. No 2. Yes 3. No
1. Windows Hello for Business can use the Microsoft Authenticator app as an authentication method (Yes/No) 2. Windows Hello for Business can use a PIN code as an authentication method (Yes/No) 3. Windows Hello for Business authentication information syncs across all the devices registered by a user (Yes/No)
1. No 2. Yes 3. No
1.All Azure Active Directory (Azure AD) license editions include the same features. (Yes/No) 2. You can manage an Azure Active Directory (Azure AD) tenant by using the Azure portal. (Yes/No) 3. You must deploy Azure virtual machines to host an Azure Active Directory (Azure AD) tenant. (Yes/No)
1. No 2. Yes 3. No
1. Azure AD Identity Protection can add users to groups based on the user's risk level (Yes/No) 2. Azure AD Identity Protection can detect whether user credentials were leaked to the public (Yes/No) 3. Azure AD Identity Protection can be used to invoke Multi-Factor Authentication based on a user's risk level (Yes/No)
1. No 2. Yes 3. Yes
1. Azure Active Directory (Azure AD) Identity Protection can add users to groups based on the users' risk level. (Yes/No) 2. Azure Active Directory (Azure AD) Identity Protection can detect whether user credentials were leaked to the public. (Yes/No) 3. Azure Active Directory (Azure AD) Identity Protection can be used to invoke Multi-Factor Authentication based on a user's risk level. (Yes/No)
1. No 2. Yes 3. Yes
1. Azure Active Directory (Azure AD) is deployed to an on-premises environment (Yes/No) 2. Azure Active Directory (Azure AD) is provided as part of a Microsoft 365 subscription (Yes/No) 3. Azure Active Directory (Azure AD) is an identity and access management sevice (Yes/No)
1. No 2. Yes 3. Yes
1. Compliance Manager tracks only customer-managed controls. (Yes/No) 2. Compliance Manager provides predefined templates for creating assessments. (Yes/No) 3. Compliance Manager can help you assess whether data adheres to specific data protection standards. (Yes/No)
1. No 2. Yes 3. Yes
1. In software as a service (SaaS), applying service packs to application is the responsibility of the organization. (Yes/No) 2. In infrastructure as a service (IaaS), managing the physical network is the responsibility of the cloud provider. (Yes/No) 3. In all Azure cloud deployment types, managing the security of information and data is the responsibility of the organization. (Yes/No)
1. No 2. Yes 3. Yes
1. Software tokens are an example of pass wordless authentication (Yes/No) 2. Windows Hello is an example of pass wordless authentication (Yes/No) 3. FIDO2 security keys are an example of pass wordless authentication (Yes/No)
1. No 2. Yes 3. Yes
1. You can use information barriers with Microsoft Exchange (Yes/No) 2. You can use information barriers with Microsoft SharePoint (Yes/No) 3. You can use information barriers with Microsoft Teams (Yes/No)
1. No 2. Yes 3. Yes
1. You can use the insider risk management solution to detect phishing scams. (Yes/No) 2. You can access the insider risk management solution from the Microsoft Purview (Yes/No) 3. You can use the insider risk management solution to detect data leaks by unhappy employees. (Yes/No)
1. No 2. Yes 3. Yes
1.Microsoft Sentinel data connectors support only Microsoft services (Yes/No) 2. You can use Azure Monitor workbooks to monitor data collected by Microsoft Sentinel (Yes/No) 3. Hunting providers you with the ability to identify security threats before an alert is triggered (Yes/No)
1. No 2. Yes 3. Yes
1. ___________Use encryption to protect data at rest 2. _________ Actively monitor systems to identify irregularities that might represent risks -Corrective -Detective -Preventative
1. Preventative 2. Detective
You are evaluating the compliance score in Compliance Manager. Match the compliance score action subcategories to the appropriate actions. To answer, drag the appropriate action subcategory from the column on the left to its action on the right. Each action subcategory may be used once, more than once, or not at all. -Corrective -Detective -Preventative 1. _____________ Encrypt data at rest. 2. ____________ Perform a system access audit. 3. ____________ Make configuration changes in response to a security incident.
1. Preventative 2. Detective 3. Corrective
DRAG DROP - Match the Microsoft Defender for Office 365 feature to the correct description. To answer, drag the appropriate feature from the column on the left to its description on the right. Each feature may be used once, more than once, or not at all. NOTE: Each correct match is worth one point. Select and Place: 1. ___________ Provides intelligence on prevailing cybersecurity issues 2. __________ Provides real-time reports to identify and analyze recent threats 3. __________ Detects impersonation attempts -Threat Explorer -Threat Trackers -Anti-phishing protection
1. Threat Trackers 2. Threat Explorer 3. Anti-phishing protection
1. ___________ Review and filter alerts 2. __________ Create cases in the Case dashboard 3. _________ Send a reminder of corporate policies to users -Action -Investigate -Triage
1. Triage 2. Investigate 3. Action
DRAG DROP - Match the Microsoft 365 insider risk management workflow step to the appropriate task. To answer, drag the appropriate step from the column on the left to its task on the right. Each step may be used once, more than once, or not at all. NOTE: Each correct match is worth one point. Select and Place: 1. __________________ Review and filter alerts 2. __________________ Create cases in the Case dashboard 3. __________________ Send a reminder of corporate policies to users -Action -Investigate -Triage
1. Triage 2. Investigate 3. Action
1. Azure AD B2C enables external users to sign in by using their preferred social or enterprise account identities (Yes/No) 2. External Azure AD B2C users are managed in the same directory as users in the Azure AD (Yes/No) 3. Custom branding can be applied to Azure AD B2C authentication (Yes/No)
1. Yes 2. No 3. Yes
1. Azure AD Connect can be used to implement hybrid identity (Yes/No) 2. Hybrid identity requires the implementation of two Microsoft 365 tenants (Yes/No) 3. Authentication of hybrid identifies requires the synchronization of Active Directory Domain Services (AD DS) and Azure Active Directory (Azure AD) (Yes/No)
1. Yes 2. No 3. Yes
1. Conditional access policies can be applied to global administrators. (Yes/No) 2. Conditional access policies are evaluated before a user is authenticated. (Yes/No) 3. Conditional access policies can use a device platform, such as Android or iOS, as a signal. (Yes/No)
1. Yes 2. No 3. Yes
1. Conditional access policies can use the device state as a signal (Yes/No) 2. Conditional access policies apply before first-factor authentication is complete (Yes/No) 3. Conditional access policies can trigger multi-factor authentication (MFA) if a user attempts to access a specific application (Yes/No)
1. Yes 2. No 3. Yes
1. Each network security group (NSG) rule must have a unique name (Yes/No) 2. Network security group (NSG) default rules can be deleted (Yes/No) 3. Network security group (NSG) rules can be configured to check TCP, UDP, or ICMP network protocol types
1. Yes 2. No 3. Yes
1. Microsoft Intune can be used to manage Android devices. (Yes/No) 2. Microsoft Intune can be used to provision Azure subscriptions. (Yes/No) 3. Microsoft Intune can be used to manage organization-owned devices and personal devices. (Yes/No)
1. Yes 2. No 3. Yes
1. Users can apply sensitivity labels manually. (Yes/No) 2. Multiple sensitivity labels can be applied to the same file. (Yes/No) 3. A sensitivity label can apply a watermark to a Microsoft Word document. (Yes/No)
1. Yes 2. No 3. Yes
1. With Advanced Audit in Microsoft 365, you can identify when email items were accessed (Yes/No) 2. Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing (Yes/No) 3. Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data (Yes/No)
1. Yes 2. No 3. Yes
1. You can add a resource lock to an Azure subscription. (Yes/No) 2. You can add only one resource lock to an Azure resource. (Yes/No) 3. You can delete a resource group containing resources that have resource locks. (Yes/No)
1. Yes 2. No 3. Yes
1. You can create a hybrid identity in an on-premises Active Directory that syncs to Azure AD (Yes/No) 2. User accounts created in Azure AD sync automatically to an on-premises Active Directory (Yes/No) 3. When using a hybrid model, authentication can either be done by Azure AD or by another identity provider (Yes/No)
1. Yes 2. No 3. Yes
1. Authorization is used to identify the level of access to a resource (Yes/No) 2. Authentication is proving that users are who they say they are (Yes/No) 3. Authentication identifies whether you can read and write to a file (Yes/No)
1. Yes 2. Yes 3. No
1. Azure Policy supports automatic remediation. (Yes/No) 2. Azure Policy can be used to ensure that new resources adhere to corporate standards. (Yes/No) 3. Compliance evaluation in Azure Policy occurs only when a target resource is created or modified. (Yes/No)
1. Yes 2. Yes 3. No
1. Control is a key privacy principle of Microsoft. (Yes/No) 2. Transparency is a key privacy principle of Microsoft. (Yes/No) 3. Shared responsibility is a key privacy principle of Microsoft. (Yes/No)
1. Yes 2. Yes 3. No
1. Digitally signing a document requires a private key. (Yes/No) 2. Verifying the authenticity of a digitally signed document requires the public key of the signer. (Yes/No) 3. Verifying the authenticity of a digitally signed document requires the private key of the signer. (Yes/No)
1. Yes 2. Yes 3. No
1. Microsoft Defender for Endpoint can protect Android devices (Yes/No) 2. Microsoft Defender for Endpoint can protect Azure virtual machines that run Windows 10. (Yes/No) 3. Microsoft Defender for Endpoint can protect Microsoft Sharepoint Online sites and content from viruses. (Yes/No)
1. Yes 2. Yes 3. No
1. Microsoft Purview provides sensitive data classification (Yes/No) 2. Microsoft Sentinel is a data lifecycle management solution (Yes/No) 3. Microsoft Purview can only discover data that is stored in Azure (Yes/No)
1. Yes 2. Yes 3. No
1. Verify explicitly is one of the guiding principles of Zero Trust. (Yes/No) 2. Assume breach is one of the guiding principles of Zero Trust. (Yes/No) 3. The Zero Trust security model assumes that a firewall secures the internal network from external threats. (Yes/No)
1. Yes 2. Yes 3. No
1. You can create custom roles in Azure Active Directory (Azure AD) (Yes/No) 2. Global administrator is a role in Azure Active Directory (Azure AD) (Yes/No) 3. An Azure Active Directory (Azure AD) user can be assigned only one role (Yes/No)
1. Yes 2. Yes 3. No
1. Applying system updates increases an organization's secure score in Microsoft Defender for Cloud (Yes/No) 2. The secure score in Microsoft Defender for Cloud can evaluate resources across multiple Azure Subscriptions (Yes/No) 3. Enabling multi-factor authentication (MFA) increases an organization's secure score in Microsoft Defender for Cloud.
1. Yes 2. Yes 3. Yes
1. Azure Active Directory (Azure AD) Identity Protection generates risk detections once a user is authenticated (Yes/No) 2. Azure Active Directory (Azure AD) Identity Protection assigns a risk level of Low, Medium, or High to each risk event (Yes/No) 3. A user risk in Azure Active Directory (Azure AD) Identity Protection represents the probability that a given identity or account is compromised (Yes/No)
1. Yes 2. Yes 3. Yes
1. Azure Defender can detect vulnerabilities and threats for Azure Storage. (Yes/No) 2. Cloud Security Posture Management (CSPM) is available for all Azure subscriptions. (Yes/No) 3. Azure Security Center can evaluate the security of workloads deployed to Azure or on-premises. (Yes/No)
1. Yes 2. Yes 3. Yes
1. Enabling multi-factor authentication (MFA) increases the Microsoft Secure Score (Yes/No) 2. A higher Microsoft Secure Score means a lower identified risk level in the Microsoft 365 (Yes/No) 3. Microsoft Secure Score measures progress in completing actions based on controls that include key regulations and standards for data protection and governance (Yes/No)
1. Yes 2. Yes 3. Yes
1. Microsoft Defender for Cloud can detect vulnerabilities and threats for Azure Storage (Yes/No) 2. Cloud Security Posture Management (CSPM) is available for all Azure subscriptions (Yes/No) 3. Microsoft Defender for Cloud can evaluate the security of workloads deployed to Azure or on-premises (Yes/No)
1. Yes 2. Yes 3. Yes
1. Microsoft Secure Score in the Microsoft 365 security center can provide recommendations for Microsoft Cloud App Security. (Yes/No) 2. From the Microsoft 365 security center, you can view how your Microsoft Secure Score compares to the score of organizations like yours. (Yes/No) 3. Microsoft Secure Score in the Microsoft 365 security center gives you points if you address the improvement action by using a third-party application or software. (Yes/No)
1. Yes 2. Yes 3. Yes
1. Network security groups (NSGs) can deny inbound traffic from the internet (Yes/No) 2. Network security groups (NSGs) can deny outbound traffic to the internet (Yes/No) 3. Network security groups (NSGs) can filter traffic based on IP address, protocol, and port (Yes/No)
1. Yes 2. Yes 3. Yes
1. Sensitivity labels can be used to encrypt documents. (Yes/No) 2. Sensitivity labels can add headers and footers to documents. (Yes/No) 3. Sensitivity labels can apply watermarks to emails. (Yes/No)
1. Yes 2. Yes 3. Yes
1. You can create one Azure Bastion per virtual network. (Yes/No) 2. Azure Bastion provides secure user connections by using RDP. (Yes/No) 3. Azure Bastion provides a secure connection to an Azure virtual machine by using the Azure portal. (Yes/No)
1. Yes 2. Yes 3. Yes
___________ system is a tool that collects data from multiple systems, identifies correlations or anomalies, and generates alerts and incidents. -A security information and event management (SIEM) -A security orchestration automated response (SOAR) -A Trusted Automated eXchange of Indicator Information (TAXII) -An attack surface reduction (ASR)
A security information and event management (SIEM)
What can you use to provide a user with a two-hour window to complete an administrative task in Azure? A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM) B. Azure Multi-Factor Authentication (MFA) C. Azure Active Directory (Azure AD) Identity Protection D. conditional access policies
A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
Which two types of resources can be protected by using Azure Firewall? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. Azure virtual machines B. Azure Active Directory (Azure AD) users C. Microsoft Exchange Online inboxes D. Azure virtual networks E. Microsoft SharePoint Online sites
A. Azure virtual machines D. Azure virtual networks
In a Core eDiscovery workflow, what should you do before you can search for content? A. Create an eDiscovery hold. B. Run Express Analysis. C. Configure attorney-client privilege detection. D. Export and download results.
A. Create an eDiscovery hold.
Which two cards are available in the Microsoft 365 Defender portal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. Devices at risk B. Compliance Score C. Service Health D. User Management E. Users at risk
A. Devices at risk E. Users at risk
Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. Display policy tips to users who are about to violate your organization's policies. B. Enable disk encryption on endpoints. C. Protect documents in Microsoft OneDrive that contain sensitive information. D. Apply security baselines to devices.
A. Display policy tips to users who are about to violate your organization's policies. C. Protect documents in Microsoft OneDrive that contain sensitive information.
What can you use to scan email attachments and forward the attachments to recipients only if the attachments are free from malware? A. Microsoft Defender for Office 365 B. Microsoft Defender Antivirus C. Microsoft Defender for Identity D. Microsoft Defender for Endpoint
A. Microsoft Defender for Office 365
You need to create a data loss prevention (DLP) policy. What should you use? A. Microsoft Purview B. the Microsoft Endpoint Manager admin center C. the Microsoft 365 admin center D. the Microsoft 365 Defender portal
A. Microsoft Purview
Which Microsoft portal provides information about how Microsoft manages privacy, compliance, and security? A. Microsoft Service Trust Portal B. Purview Manager C. Microsoft Purview D. Microsoft Support
A. Microsoft Service Trust Portal
In the Microsoft Cloud Adoption Framework for Azure, which two phases are addressed before the Ready phase? Each correct answer presents a complete solution. A. Plan B. Manage C. Adopt D. Govern E. Define Strategy
A. Plan E. Define Strategy
Microsoft 365 Endpoint data loss prevention (Endpoint DLP) can be used on which operating systems? A. Windows 10 and newer only B. Windows 10 and newer and Android only C. Windows 10 and newer and iOS only D. Windows 10 and newer, Android, and iOS
A. Windows 10 and newer only
You need to keep a copy of all files in a Microsoft SharePoint site for one year, even if users delete the files from the site. What should you apply to the site? A. a retention policy B. an insider risk policy C. a data loss prevention (DLP) policy D. a sensitivity label policy
A. a retention policy
Which two Azure resources can a network security group (NSG) be associated with? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. a virtual network subnet B. a network interface C. a resource group D. a virtual network E. an Azure App Service web app
A. a virtual network subnet B. a network interface
Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group? A. access reviews B. managed identities C. conditional access policies D. Azure AD Identity Protection
A. access reviews
What are two capabilities of Microsoft Defender for Endpoint? Each correct selection presents a complete solution. NOTE: Each correct selection is worth one point. A. automated investigation and remediation B. transport encryption C. shadow IT detection D. attack surface reduction
A. automated investigation and remediation D. attack surface reduction
Which three authentication methods does Windows Hello for Business support? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. fingerprint B. facial recognition C. PIN D. email verification E. security question
A. fingerprint B. facial recognition C. PIN
Which three authentication methods can Azure AD users use to reset their password? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. mobile app notification B. text message to a phone C. security questions D. certificate E. picture password
A. mobile app notification B. text message to a phone C. security questions
Which compliance feature should you use to identify documents that are employee resumes? A. pre-trained classifiers B. Activity explorer C. eDiscovery D. Content explorer
A. pre-trained classifiers
Which Microsoft Defender for Cloud metric displays the overall security health of an Azure subscription? A. secure score B. resource health C. completed controls D. the status of recommendations
A. secure score
Which three authentication methods can be used by Azure Multi-Factor Authentication (MFA)? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. text message (SMS) B. Microsoft Authenticator app C. email verification D. phone call E. security question
A. text message (SMS) B. Microsoft Authenticator app D. phone call
What are two reasons to deploy multiple virtual networks instead of using just one virtual network? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. to meet governance policies B. to connect multiple types of resources C. to separate the resources for budgeting D. to isolate the resources
A. to meet governance policies D. to isolate the resources
_______ is the process of identifying whether a signed-in user can access a specific resource. -Authentication -Authorization -Federation -Single sign-on (SSO)
Authorization
____________ enables collaboration with business partners from external organizations such as suppliers, partners, and vendors. External users, appear as guest users in the directory. -Active Directory Domain Services (AD DS) -Active Directory forest trusts -Azure Active Directory (Azure AD) business-to-business (B2B) -Azure Active Directory business-to-consumer B2C (Azure AD B2C)
Azure Active Directory (Azure AD) business-to-business (B2B)
___________ is a cloud service for storing application secrets -Azure Active Directory (Azure AD) Password Protection -Azure Bastion -Azure Information Protection (AIP) -Azure Key Vault
Azure Key Vault
Microsoft Sentinel provides quick insights into data by using ___________ -Azure Logic Apps. -Azure Monitor workbook templates -Azure Resource Graph Explorer -playbooks
Azure Monitor workbook templates
____________ is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat, visibility, proactive hunting, and threat response. -Azure Advisor -Azure Bastion -Azure Monitor -Azure Sentinel
Azure Sentinel
What is the maximum number of resources that Azure DDoS Protection Standard can protect without additional costs? A. 50 B. 100 C. 500 D. 1000
B. 100
When security defaults are enabled for an Azure Active Directory (Azure AD) tenant, which two requirements are enforced? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. All users must authenticate from a registered device. B. Administrators must always use Azure Multi-Factor Authentication (MFA). C. Azure Multi-Factor Authentication (MFA) registration is required for all users. D. All users must authenticate by using passwordless sign-in. E. All users must authenticate by using Windows Hello.
B. Administrators must always use Azure Multi-Factor Authentication (MFA). C. Azure Multi-Factor Authentication (MFA) registration is required for all users.
What can you use to deploy Azure resources across multiple subscriptions in a consistent manner? A. Microsoft Defender for Cloud B. Azure Blueprints C. Microsoft Sentinel D. Azure Policy
B. Azure Blueprints
Which three tasks can be performed by using Azure Active Directory (Azure AD) Identity Protection? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. Configure external access for partner organizations. B. Export risk detection to third-party utilities. C. Automate the detection and remediation of identity based-risks. D. Investigate risks that relate to user authentication. E. Create and automatically assign sensitivity labels to data.
B. Export risk detection to third-party utilities. C. Automate the detection and remediation of identity based-risks. D. Investigate risks that relate to user authentication.
What can you use to view the Microsoft Secure Score for Devices? A. Microsoft Defender for Cloud Apps B. Microsoft Defender for Endpoint C. Microsoft Defender for Identity D. Microsoft Defender for Office 365
B. Microsoft Defender for Endpoint
Which statement represents a Microsoft privacy principle? A. Microsoft manages privacy settings for its customers. B. Microsoft respects the local privacy laws that are applicable to its customers. C. Microsoft uses hosted customer email and chat data for targeted advertising. D. Microsoft does not collect any customer data.
B. Microsoft respects the local privacy laws that are applicable to its customers.
What should you use in the Microsoft 365 Defender portal to view security trends and track the protection status of identities? A. Attack simulator B. Reports C. Hunting D. Incidents
B. Reports
Which three statements accurately describe the guiding principles of Zero Trust? Each correct answer presents a complete solution A. Define the perimeter by physical locations B. Use identity as the primary security boundary C. Always verify the permissions of a user explicitly D. Always assume that the user system can be breached. E. Use the network as the primary security boundary.
B. Use identity as the primary security boundary C. Always verify the permissions of a user explicitly D. Always assume that the user system can be breached.
Which pillar of identity relates to tracking the resources accessed by a user? A. authorization B. auditing C. administration D. authentication
B. auditing
What can be created in Active Directory Domain Services (AD DS)? A. line-of-business (LOB) applications that require modern authentication B. computer accounts C. software as a service (SaaS) applications that require modern authentication D. mobile devices
B. computer accounts
Which Microsoft 365 feature can you use to restrict users from sending email messages that contain lists of customers and their associated credit card numbers? A. retention policies B. data loss prevention (DLP) policies C. conditional access policies D. information barriers
B. data loss prevention (DLP) policies
What is an example of encryption at rest? A. encrypting communications by using a site-to-site VPN B. encrypting a virtual machine disk C. accessing a website by using an encrypted HTTPS connection D. sending an encryption email
B. encrypting a virtual machine disk
Which Microsoft 365 compliance feature can you use to encrypt content automatically based on specific conditions? A. Content Search B. sensitivity labels C. retention policies D. eDiscovery
B. sensitivity labels
You need to connect to an Azure virtual machine by using Azure Bastion. What should you use? A. PowerShell remoting B. the Azure portal C. the Remote Desktop Connection client D. an SSH client
B. the Azure portal
What is a use case for implementing information barrier policies in Microsoft 365? A. to restrict unauthenticated access to Microsoft 365 B. to restrict Microsoft Teams chats between certain groups within an organization C. to restrict Microsoft Exchange Online email between certain groups within an organization D. to restrict data sharing to external email recipients
B. to restrict Microsoft Teams chats between certain groups within an organization
You have a Microsoft 365 E3 subscription. You plan to audit user activity by using the unified audit log and Basic Audit. For how long will the audit records be retained? A. 15 days B. 30 days C. 90 days D. 180 days
C. 90 days
What is an assessment in Compliance Manager? A. A policy initiative that includes multiple policies. B. A dictionary of words that are not allowed in company documents. C. A grouping of controls from a specific regulation, standard or policy. D. Recommended guidance to help organizations align with their corporate standards.
C. A grouping of controls from a specific regulation, standard or policy.
In a hybrid identity model, what can you use to sync identities between Active Directory Domain Services (AD DS) and Azure Active Directory (Azure AD) A. Active Directory Federation Services (AD FS) B. Microsoft Sentinel C. Azure AD Connect D. Azure AD Privileged Identity Management (PIM)
C. Azure AD Connect
Which Azure Active Directory (Azure AD) feature can you use to provide just-in-time (JIT) access to manage Azure resources? A. conditional access policies B. Azure AD Identity Protection C. Azure AD Privileged Identity Management (PIM) D. authentication method policies
C. Azure AD Privileged Identity Management (PIM)
To which type of resource can Azure Bastion provide secure access? A. Azure Files B. Azure SQL Managed Instances C. Azure virtual machines D. Azure App Service
C. Azure virtual machines
Which Microsoft 365 Purview feature can you use to identify all the documents on a Microsoft SharePoint Online site that contain a specific key word? A. Audit B. Purview Manager C. Content Search D. Alerts
C. Content Search
What can you use to provide threat detection for Azure SQL Managed Instance? A. Microsoft Secure Score B. application security groups C. Microsoft Defender for Cloud D. Azure Bastion
C. Microsoft Defender for Cloud
Which type of alert can you manage from the Microsoft 365 Defender portal? A. Microsoft Defender for Storage B. Microsoft Defender for SQL C. Microsoft Defender for Endpoint D. Microsoft Defender for IoT
C. Microsoft Defender for Endpoint
Which Microsoft portal provides information about how Microsoft cloud services comply with regulatory standard, such as International Organization for Standardization (ISO)? A. the Microsoft Endpoint Manager admin center B. Azure Cost Management + Billing C. Microsoft Service Trust Portal D. the Azure Active Directory admin center
C. Microsoft Service Trust Portal
What can you use to ensure that all the users in a specific group must use multi-factor authentication (MFA) to sign to Azure Active Directory (Azure AD)? A. Azure Policy B. a communication compliance policy C. a Conditional Access policy D. a user risk policy
C. a Conditional Access policy
Which Azure Active Directory (Azure AD) feature can you use to restrict Microsoft Intune-managed devices from accessing corporate resources? A. network security groups (NSGs) B. Azure AD Privileged Identity Management (PIM) C. conditional access policies D. resource locks
C. conditional access policies
You plan to implement a security strategy and place multiple layers of defense throughout a network infrastructure. Which security methodology does this represent? A. threat modeling B. identity as the security perimeter C. defense in depth D. the shared responsibility model
C. defense in depth
What is a function of Conditional Access session controls? A. enforcing device compliance B. enforcing client app compliance C. enable limited experiences, such as blocking download of sensitive information D. prompting multi-factor authentication (MFA)
C. enable limited experiences, such as blocking download of sensitive information
Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization? A. sensitivity label policies B. Customer Lockbox C. information barriers D. Privileged Access Management (PAM)
C. information barriers
Which feature provides the extended detection and response (XDR) capability of Azure Sentinel? A. integration with the Microsoft Purview B. support for threat hunting C. integration with Microsoft 365 Defender D. support for Azure Monitor Workbooks
C. integration with Microsoft 365 Defender
What is a characteristic of a sensitivity label in Microsoft 365? A. encrypted B. restricted to predefined categories C. persistent
C. persistent
What can you specify in Microsoft 365 sensitivity labels? A. how long files must be preserved B. when to archive an email message C. which watermark to add to files D. where to store files
C. which watermark to add to files
_______________ measures a company's progress in completing actions that help reduce risks around data protection and regulatory standards -Compliance score -Microsoft Purview compliance portal reports -The Trust Center -Trust Documents
Compliance score
________ can be used to provide Microsoft Support Engineers with access to an organization's data stored in Microsoft Exchange Online. SharePoint Online, and OneDrive for Business. -Customer Lockbox -Information barriers -Privileged Access Management (PAM) -Sensitivity labels
Customer Lockbox
You have an Azure subscription. You need to implement approval-based, time-bound role activation. What should you use? A. Windows Hello for Business B. Azure Active Directory (Azure AD) Identity Protection C. access reviews in Azure Active Directory (Azure AD) D. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
D. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
You need to ensure repeatability when creating new resources in an Azure subscription. What should you use? A. Microsoft Sentinel B. Azure Policy C. Azure Batch D. Azure Blueprints
D. Azure Blueprints
You have an Azure subscription that contains multiple resources. You need to assess compliance and enforce standards for the existing resources. What should you use? A. Azure Blueprints B. the Anomaly Detector service C. Microsoft Sentinel D. Azure Policy
D. Azure Policy
Which score measures an organization's progress in completing actions that help reduce risks associated to data protection and regulatory standards? A. Microsoft Secure Score B. Productivity Score C. Secure score in Azure Security Center D. Compliance score
D. Compliance score
Which service includes the Attack simulation training feature? A. Microsoft Defender for Cloud Apps B. Microsoft Defender for Identity C. Microsoft Defender for SQL D. Microsoft Defender for Office 365
D. Microsoft Defender for Office 365
What should you use to ensure that the members of an Azure Active Directory group use multi-factor authentication (MFA) when they sign in? A. Azure role-based access control (Azure RBAC) B. Azure Active Directory (Azure AD) Privileged Identity Management (PIM) C. Azure Active Directory (Azure AD) Identity Protection D. a conditional access policy
D. a conditional access policy
What do you use to provide real-time integration between Azure Sentinel and another security source? A. Azure AD Connect B. a Log Analytics workspace C. Azure Information Protection D. a connector
D. a connector
What are customers responsible for when evaluating security in a software as a service (SaaS) cloud services model? A. operating systems B. network controls C. applications D. accounts and identities
D. accounts and identities
What feature in Microsoft Defender for Endpoint provides the first line of defense against cyberthreats by reducing the attack surface? A. automated remediation B. automated investigation C. advanced hunting D. network protection
D. network protection
Which security feature is available in the free mode of Microsoft Defender for Cloud? A. threat protection alerts B. just-in-time (JIT) VM access to Azure virtual machines C. vulnerability scanning of virtual machines D. secure score
D. secure score
What can you protect by using the information protection solution in the Microsoft Purview? A. computers from zero-day exploits B. users from phishing attempts C. files from malware and viruses D. sensitive data from being exposed to unauthorized users
D. sensitive data from being exposed to unauthorized users
Which type of identity is created when you register an application with Active Directory (Azure AD)? A. a user account B. a user-assigned managed identity C. a system-assigned managed identity D. a service principal
D. service principal
In the shared responsibility model for an Azure deployment, what is Microsoft solely responsible for managing? A. the management of mobile devices B. the permissions for the user data stored in Azure C. the creation and management of user accounts D. the management of the physical hardware
D. the management of the physical hardware
What is the purpose of Azure Active Directory (Azure AD) Password Protection? A. to control how often users must change their passwords B. to identify devices to which users can sign in without using multi-factor authentication (MFA) C. to encrypt a password by using globally recognized encryption standards D. to prevent users from using specific words in their passwords
D. to prevent users from using specific words in their passwords
What does Conditional Access evaluate by using Azure Active Directory (Azure AD) Identity Protection? A. user actions B. group membership C. device compliance D. user risk
D. user risk
______ a file makes the data in the file readable and usable to viewers that have the appropriate key. -Archiving -Compressing -Deduplicating -Encrypting
Encrypting
__________ provides single-on (SSO) capabilities across multiple identity providers -A domain controller -Active Directory Domain Services (AD DS) -Azure Active Directory (AD) Privilege Identity Management (PIM) -Federation
Federation
You can use _______ in the Microsoft 365 security center to view an aggregation of alerts that relate to the same attack. -Reports -Hunting -Attack simulator -Incidents
Incidents
__________ can use conditional access policies to control sessions in real time. -Azure Active Directory (Azure AD) Privileged Identity Management (PIM) -Azure Defender -Azure Sentinel -Microsoft Cloud App Security
Microsoft Cloud App Security
____________ provides cloud workload protection for Azure and hybrid cloud resources. -Microsoft Defender for Cloud -Azure Monitor -Azure Security Benchmark -Microsoft Secure Score
Microsoft Defender for Cloud
______ is a cloud-based solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats. -Microsoft Defender for Cloud Apps -Microsoft Defender for Endpoint -Microsoft Defender for Identity -Microsoft Defender for Office 365
Microsoft Defender for Identity
You can manage Microsoft Intune by using the _____ -Azure Active Directory admin center -Microsoft Purview -Microsoft 365 Defender portal -Microsoft Endpoint Manager admin center
Microsoft Endpoint Manager admin center
Compliance Manager can be directly accessed from the ________________ -Microsoft 365 admin center -Microsoft 365 Defender portal -Microsoft Purview -Microsoft Support portal.
Microsoft Purview
Insider risk management is configured from the _________________ -Microsoft 365 admin center -Microsoft Purview -Microsoft 365 Defender portal -Microsoft Defender for Cloud Apps portal
Microsoft Purview
_________ provides a central location for managing information protection, information governance, and data loss prevention (DLP) policies. -Azure Defender -Microsoft Purview -The Microsoft Defender portal -Microsoft Endpoint Manager
Microsoft Purview
___________ provides a central location for managing information protection, information governance, and data loss prevention (DLP) policies. -Azure Defender -The Microsoft Purview -The Microsoft 365 security center -Microsoft Endpoint Manager
Microsoft Purview
____________ requires additional verification, such as a verification code sent to a mobile phone -Multi-factor authentication (MFA) -Pass-through authentication -Password writeback -Single sign-on (SSO)
Multi-factor authentication (MFA)
Which Service should you use to view your Azure secure score? To answer, select the appropriate service in the answer area. -Create a resource -Alerts -Application Insights -Subscriptions -Policy -Azure AD Connect Health -Security Center -Advisor -Monitor -More services
Security Center
_______ provides benchmark recommendations and guidance for protecting Azure services. -Azure Application Insights -Azure Network Watcher -Log Analytics workspaces -Security baselines for Azure
Security baselines for Azure
________provides best practices from Microsoft employees, partners, and customers, including tools and guidance to assist in an Azure deployment. -Azure Blueprints -Azure Policy -The Microsoft Cloud Adoption Framework for Azure -a resource lock
The Microsoft Cloud Adoption Framework for Azure
Federation is used to establish________ between organizations. -multi-factor authentication (MFA) -a trust relationship -user account synchronization -a VPN connection
a trust relationship
Azure Active Directory (Azure AD) is used for authentication and authorization ___________ -an extended detection and response (XDR) system -an identity provider -a management group -a security information and event management (SIEM) system
an identity provider
When users sign in to the Azure portal, they are first_______ -assigned permissions -authenticated -authorized -resolved
authenticated
When users sign in, __________ verifies their credentials to prove their identity -administration -auditing -authentication -authorization
authentication
When users attempt to access an application or a service _________ controls their level of access. -administration -auditing -authentication -authorization
authorization
Compliance Manager assesses compliance data __________ for an organization. -continually -monthly -on-demand -quarterly
continually
-Customer Lockbox -Data Loss prevention (DLP) -eDiscovery -a resource lock ____is used to identify, hold, and export electronic information that might be used in an investigation.
eDiscovery
In an environment that has on-premises resources and cloud resources, _______ should be the primary security perimeter. -the cloud -a firewall -identity -Microsoft Defender for Cloud
identity
You can use ____________ in the Microsoft 365 Defender portal to identify devices that are affected by an alert. -classifications -incidents -policies -Secure score
incidents
With Windows Hello for Business, a user's biometric data used for authentication___________ -is stored on an external device -is stored on a local device only -is stored in Azure Active Directory (Azure AD) -is replicated to all the devices designated by the user
is stored on a local device only
When using multi-factor authentication (MFA), a password is considered something you __________ -are -have -know -share
know
An Azure resources can use a system-assigned _____________ to access Azure services. -Azure Active Directory (Azure AD) joined device -managed identity -service principal -user identity
managed identity
When you enable security defaults in Azure Active Directory (Azure AD), _________ will be enabled for all Azure AD users -Azure AD Identity Protection -Azure AD Privileged Identity Management (PIM) -multi-factor authentication (MFA)
multi-factor authentication (MFA)
Microsoft Defender for Identity can identify advanced threats from ________ -Azure Active Directory (Azure AD) -Azure AD Connect -on-premises Active Directory Domain Services (AD DS)
on-premises Active Directory Domain Services (AD DS)
In Microsoft Sentinel, you can automate common tasks by using _________ -deep investigation tools -hunting search-and-query tools -playbooks -workbooks
playbooks
Microsoft Sentinel ___________ use Azure Logic Apps to automate and orchestrate responses to alerts. -analytic rules -hunting queries -playbooks -workbooks
playbooks
Applications registered in Azure Active Directory (Azure AD) are associated automatically to a ________ -guest account -managed identity -service principal -user account
service principal
Azure DDos Protection Standard can be used to protect ______________ -Azure Active Directory (Azure AD) application -Azure Active Directory (Azure AD) users -resource groups -virtual networks
virtual networks
In the Microsoft 365 Defender portal, an incident is a collection of correlated _____________ -alerts -events -vulnerabilities -Microsoft Secure Score improvement actions
vulnerabilities