Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Download Full Version SC-100 Microsoft Exam

Page: 8 / 12
Total 296 questions

Microsoft Cybersecurity Architect Questions and Answers

Question 29

You have an Azure subscription that contains 100 virtual machines. The virtual machines are accessed by using Azure Bastion.

You need to recommend a solution to ensure that only specific users in specific locations can access the virtual machines. The solution must meet the following requirements:

• Restrict access to the virtual machines based on an originating IP address or a connection request by using just-in-time (JIT) VM access network-based controls.

• Restrict access to the virtual machines based on role-based access control (RBAC) role assignments by using JIT VM access authorization controls.

Which Microsoft cloud services should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 30

You have a Microsoft Entra tenant named contoso.com and use Microsoft Intune. Each user in contoso.com has a Microsoft Entra ID P1 license and a Windows 11 device that has the Global Secure Access client deployed.

You plan to deploy the following configuration of Microsoft Entra Internet Access:

• Enable a baseline profile.

• Create a security profile named Profile` that has a priority of 300 and contains a single web content filtering policy named WCFPolicy configure WCFPolicy1 as follows:

o Set Action to allow.

o Include a single rule that has a fully qualified domain name (FQDN) destination of ‘. adatum.com.

• Link Profile1 to a Conditional Access policy named CAPolicy1, apply CAPolicy1 to all users, and grant access unless a user ' s device is noncompliant

You need to evaluate the impact of the planned deployment on traffic to the following resources:

Which two traffic scenarios will occur? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point

Options:

A.

Traffic to https://www.fabrikam.com will be allowed from all the devices.

B.

Traffic to https://www.adatum.com:8433 will be blocked from all the devices.

C.

Traffic to https://www.adatumxom:8433 will be allowed from all the devices.

D.

Traffic to https://www.fabrikam.com will be allowed from compliant devices only.

E.

Traffic to https://www.adatum.com:8433 will be allowed from compliant devices only.

F.

Traffic to https://www.fabrikam.com will be blocked from noncompliant devices only.

Question 31

You need to recommend a solution to scan the application code. The solution must meet the application development requirements. What should you include in the recommendation?

Options:

A.

Azure Key Vault

B.

GitHub Advanced Security

C.

Application Insights in Azure Monitor

D.

Azure DevTest Labs

Question 32

You need to recommend a solution to meet the requirements for connections to ClaimsDB.

What should you recommend using for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Page: 8 / 12
Total 296 questions