SC-100 Certification Practice Question #47

Question

You are designing a ransomware mitigation strategy.

You perform a ransomware risk assessment and identify business-critical assets.

You need to recommend a solution to mitigate ransomware threats. The solution must follow Microsoft security best practices.

Which two actions should you include in the recommendation? Each correct answer presents a complete solution.

NOTE: Each correct answer is worth one point.

Accepted Answer

This is a choose-two question and each answer is a complete solution. MS Learn's ransomware mitigation guidance explicitly prioritizes two pillars: protect backups (immutable/offline storage with restricted access and tested restores — option C) and protect privileged access (PIM with JIT and approval workflows — option D, a Zero Trust least-privilege control). Both C and D carry the ✓ Most Voted marker, and CipherTrumpet's CD selection aligns. The captured Suggested Answer lists only "D," but since the question demands two complete answers and the docs/votes back the backup pillar equally, C is the clear second. Options A and B are anti-patterns — leaving traffic unrestricted and delaying patches both increase ransomware risk. Confidence is 88% rather than 90+ because the captured Suggested Answer field shows only one letter and individual comment vote counts are low, but MS Learn grounding for both C and D is unambiguous.

More SC-100 practice questions