Free Exam/Cram Practice Materials - Best Exam Practice Materials

IT Certification Guaranteed, The Easy Way!

NO.1 Your on-premises network contains an e-commerce web app that was developed in Angular
and Node.js. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The
solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the
database. The solution must follow the Zero Trust model. Solution: You recommend implementing
Azure Front Door with Azure Web Application Firewall (WAF). Does this meet the goal?
A. Yes
B. No
Answer: A

NO.2 You are designing the security standards for a new Azure environment.
You need to design a privileged identity strategy based on the Zero Trust model.
Which framework should you follow to create the design?
A. Enhanced Security Admin Environment (ESAE)
B. Rapid Modernization Plan (RaMP)
C. Microsoft Security Development Lifecycle (SDL)
D. Microsoft Operational Security Assurance (OSA)
Answer: A

NO.3 You have a Microsoft 365 E5 subscription.

You are designing a solution to protect confidential data in Microsoft SharePoint Online sites that
contain more than one million documents.
You need to recommend a solution to prevent Personally Identifiable Information (Pll) from being
shared.
Which two components should you include in the recommendation? Each correct answer presents
part of the solution.
NOTE: Each correct selection is worth one point.
A. retention label policies
B. sensitivity label policies
C. data loss prevention (DLP) policies
D. eDiscovery cases
Answer: C,D

NO.4 You need to recommend an identity security solution for the Azure AD tenant of Litware. The
solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

2 from Freecram.net.
Get Latest & Valid SC-100 Exam's Question and Answers 1
https://www.freecram.net/exam/SC-100-microsoft-cybersecurity-architect-e14205.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer:

NO.5 Your company plans to provision blob storage by using an Azure Storage account The blob
storage will be accessible from 20 application sewers on the internet. You need to recommend a
solution to ensure that only the application servers can access the storage account. What should you
recommend using to secure the blob storage?
A. firewall rules for the storage account
B. inbound rules in Azure Firewall
C. service tags in network security groups (NSGs)
D. inbound rules in network security groups (NSGs)
E. managed rule sets in Azure Web Application Firewall (WAF) policies
Answer: D

NO.6 You need to recommend a solution to meet the security requirements for the virtual machines.
What should you include in the recommendation?
A. a network security group (NSG)
B. Azure Virtual Desktop
C. an Azure Bastion host
D. just-in-time (JIT) VM access
Answer: C

NO.7 You need to recommend a solution to secure the MedicalHistory data in the ClaimsDetail table.
The solution must meet the Contoso developer requirements.
What should you include in the recommendation?
A. Always Encrypted
B. Transparent Data Encryption (TDE)
C. dynamic data masking
D. data classification
E. row-level security (RLS)

3 from Freecram.net.
Get Latest & Valid SC-100 Exam's Question and Answers 2
https://www.freecram.net/exam/SC-100-microsoft-cybersecurity-architect-e14205.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer: B

NO.8 Your company plans to move all on-premises virtual machines to Azure. A network engineer
proposes the Azure virtual network design shown in the following table.

You need to recommend an Azure Bastion deployment to provide secure remote access to all the
virtual machines. Based on the virtual network design, how many Azure Bastion subnets are
required?
A. 3
B. 4
C. 1
D. 2
E. 5
Answer: C

NO.9 You need to recommend a solution to evaluate regulatory compliance across the entire
managed environment.
The solution must meet the regulatory compliance requirements and the business requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

4 from Freecram.net.
Get Latest & Valid SC-100 Exam's Question and Answers 3
https://www.freecram.net/exam/SC-100-microsoft-cybersecurity-architect-e14205.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

NO.10 You receive a security alert in Microsoft Defender for Cloud as shown in the exhibit. (Click the
Exhibit tab.)

After remediating the threat which policy definition should you assign to prevent the threat from
reoccurring?
A. Storage accounts should prevent shared key access
B. Storage account public access should be disallowed
C. Storage account keys should not be expired
D. Azure Key Vault Managed HSM should have purge protection enabled
Answer: B

5 from Freecram.net.
Get Latest & Valid SC-100 Exam's Question and Answers 4
https://www.freecram.net/exam/SC-100-microsoft-cybersecurity-architect-e14205.html