New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Microsoft Certified: Cybersecurity Architect Expert SC-100 Book

Page: 5 / 10
Total 187 questions

Microsoft Cybersecurity Architect Questions and Answers

Question 17

Your company has a hybrid cloud infrastructure that contains an on-premises Active Directory Domain Services (AD DS) forest, a Microsoft B65 subscription, and an Azure subscription.

The company's on-premises network contains internal web apps that use Kerberos authentication. Currently, the web apps are accessible only from the network.

You have remote users who have personal devices that run Windows 11.

You need to recommend a solution to provide the remote users with the ability to access the web apps. The solution must meet the following requirements:

• Prevent the remote users from accessing any other resources on the network.

• Support Azure Active Directory (Azure AD) Conditional Access.

• Simplify the end-user experience.

What should you include in the recommendation?

Options:

A.

Azure AD Application Proxy

B.

Azure Virtual WAN

C.

Microsoft Tunnel

D.

web content filtering in Microsoft Defender for Endpoint

Question 18

Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.

The company signs a contract with the United States government. You need to review the current subscription for NIST 800-53 compliance. What should you do first?

Options:

A.

From Defender for Cloud, review the Azure security baseline for audit report.

B.

From Defender for Cloud, review the secure score recommendations.

C.

From Azure Policy, assign a built-in initiative that has a scope of the subscription.

D.

From Defender for Cloud, enable Defender for Cloud plans.

Question 19

For of an Azure deployment you are designing a security architecture based on the Microsoft Cloud Security Benchmark. You need to recommend a best practice for implementing service accounts for Azure API management. What should you include in the recommendation?

Options:

A.

device registrations in Azure AD

B.

application registrations m Azure AD

C.

Azure service principals with certificate credentials

D.

Azure service principals with usernames and passwords

E.

managed identities in Azure

Question 20

You need to design a strategy for securing the SharePoint Online and Exchange Online data. The solution must meet the application security requirements.

Which two services should you leverage in the strategy? Each correct answer presents part of the solution. NOTE; Each correct selection is worth one point.

Options:

A.

Azure AD Conditional Access

B.

Microsoft Defender for Cloud Apps

C.

Microsoft Defender for Cloud

D.

Microsoft Defender for Endpoint

E.

access reviews in Azure AD

Page: 5 / 10
Total 187 questions