SC-100 Dumps
          SC-100 Braindumps
          SC-100 Real Questions
          SC-100 Practice Test
          SC-100 Actual Questions












































            Microsoft



            SC-100







            Microsoft Cybersecurity Architect










            https://killexams.com/pass4sure/exam-detail/SC-100









    Question: 33

    You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle
    (SDL).

    You need to recommend a security standard for onboarding applications to Azure. The standard will include
    recommendations for application design, development, and deployment

    What should you include during the application design phase?
    A. static application security testing (SAST) by using SonarQube
    B. dynamic application security testing (DAST) by using Veracode
    C. threat modeling by using the Microsoft Threat Modeling Tool
    D. software decomposition by using Microsoft Visual Studio Enterprise




    Answer: C


    Explanation:

    https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling

    Question: 34


    HOTSPOT

    You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone
    requirements.

    What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct
    selection is worth one point.





























    Answer:



























    Explanation:

    Box 1: Virtual Network Integration – correct

    Virtual network integration gives your app access to resources in your virtual network, but it doesn’t grant inbound
    private access to your app from the virtual network.


    Box 2: Private Endpoints. – correct

    You can use Private Endpoint for your Azure Web App to allow clients located in your private network to securely
    access the app over Private Link.

    Question: 35

    Your company is developing a serverless application in Azure that will have the architecture shown in the following
    exhibit.





































    You need to recommend a solution to isolate the compute components on an Azure virtual network.




    What should you include in the recommendation?
    A. Azure Active Directory (Azure AD) enterprise applications
    B. an Azure App Service Environment (ASE)
    C. Azure service endpoints
    D. an Azure Active Directory (Azure AD) application proxy




    Answer: B

    Explanation:


    App Service environments (ASEs) are appropriate for application workloads that require:

    Very high scale,Isolation and secure network access,High memory utilization.


    This capability can host your:

    Windows web apps,Linux web apps

    Docker containers,Mobile apps


    Functions

    https://docs.microsoft.com/en-us/azure/app-service/environment/overview

    Question: 36


    You need to recommend a solution to scan the application code. The solution must meet the application development
    requirements.


    What should you include in the recommendation?
    A. Azure Key Vault
    B. GitHub Advanced Security
    C. Application Insights in Azure Monitor
    D. Azure DevTest Labs




    Answer: B


    Explanation:

    https://docs.microsoft.com/en-us/learn/modules/introduction-github-advanced-security/2-what-is-github-advanced-
    security


    Question: 37

    HOTSPOT

    You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity
    requirements.


    What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE;
    Each correct selection is worth one point.























    Answer:


















    Explanation:

    Question: 38


    You are designing a ransomware response plan that follows Microsoft Security Best Practices.

    You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.


    What should you include in the recommendations?
    A. Privileged Access Workstations (PAWs)
    B. emergency access accounts
    C. device compliance policies
    D. Customer Lockbox for Microsoft Azure





    Answer: B

    Question: 39


    HOTSPOT

    You need to recommend a multi-tenant and hybrid security solution that meets to the business requirements and the
    hybrid requirements.

    What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct


    selection is worth one point.

























    Answer:




















    Question: 40


    HOTSPOT

    You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (CI/CO)
    workflows.

    You need to recommend best practices to secure the stages of the CI/CD workflows based on the Microsoft Cloud
    Adoption Framework for Azure.


    What should you include in the recommendation for each stage? To answer, select the appropriate options in the
    answer area. NOTE: Each correct selection is worth one point.




























    Answer:























    Question: 41

    A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure
    subscriptions. You are evaluating the security posture of the customer.

    You discover that the AKS resources are excluded from the secure score recommendations. You need to produce
    accurate recommendations and update the secure score.


    Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the
    solution. NOTE: Each correct selection is worth one point.
    A. Configure auto provisioning.
    B. Assign regulatory compliance policies.
    C. Review the inventory.
    D. Add a workflow automation.
    E. Enable Defender plans.




    Answer: A,E


    Explanation:

    https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages


    https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation

    Question: 42


    Your company has a Microsoft 365 E5 subscription.

    Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The
    company identifies protected health information (PHI) within stored documents and communications.

    What should you recommend using to prevent the PHI from being shared outside the company?
    A. insider risk management policies
    B. data loss prevention (DLP) policies
    C. sensitivity label policies
    D. retention policies





    Answer: B

    Explanation:

    https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide








                         6$03/( 48(67,216








            7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\  )XOO YHUVLRQ LV

            XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV


            .LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ
            H[DP SUHSDUDWLRQ  7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV  H[DP GXPSV  DQG SUDFWLFH WHVWV WR
            KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH  +HUH DUH VRPH NH\
            IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP


            $FWXDO ([DP 4XHVWLRQV  .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG
            LQ WHVW FHQWHUV  7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG
            UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV  %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV  FDQGLGDWHV FDQ
            IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP

            ([DP 'XPSV  .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW  7KHVH GXPSV FRQWDLQ D
            FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV  %\ XVLQJ WKHVH
            GXPSV  FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH
            FHUWLILFDWLRQ H[DP


            3UDFWLFH 7HVWV  .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP
            VLPXODWRU DQG RQOLQH WHVW HQJLQH  7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG
            KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP  7KH SUDFWLFH WHVWV FRYHU D ZLGH
            UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV

            *XDUDQWHHG 6XFFHVV  .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV  7KH\
            FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV  FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\
            ZLOO UHIXQG WKH SXUFKDVH SULFH  7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV
            SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV


            8SGDWHG &RQWHQW  .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR
            HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV  7KLV KHOSV
            FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV


            7HFKQLFDO 6XSSRUW  .LOOH[DPV FRP SURYLGHV IUHH   [  WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV
            ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV  7KHLU FHUWLILHG H[SHUWV
            DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ
            MRXUQH\



                             'PS .PSF FYBNT WJTJU IUUQT   LJMMFYBNT DPN WFOEPST FYBN MJTU
                                .LOO \RXU H[DP DW )LUVW $WWHPSW    *XDUDQWHHG