SC-100 Practice Questions — Page 14

You have a Microsoft Entra tenant named contoso.com that is linked to an Azure subscription named Sub1 and a Microsoft 365 subscription. Sub1 contains a publicly accessible Azure App Service web app named App1.

You have an external partner that has a Microsoft Entra tenant named fabrikam.com.

You need to recommend a solution that meets the following requirements:

• Ensures that the users in fabrikam.com can be granted permissions to specific Microsoft Teams channels in contoso.com

• Ensures that the users of App1 can authenticate by using social media accounts

• Minimizes administrative effort

Which authentication method should you recommend for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription.

You configure Microsoft Purview Information Protection to apply sensitivity labels automatically.

You need to recommend a solution that will prevent users from uploading unlabeled files to Microsoft SharePoint Online if the files contain content defined by Microsoft Purview classifiers as sensitive.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Your company has offices in 10 countries.

You have a Microsoft 365 subscription that contains 1,000 users. Each user is assigned a Microsoft 365 E5 license.

You plan to deploy a compliance assessment solution. The solution must meet the following requirements:

• Ensure that compliance is assessed based on the regulations of the country of each office.

• Provide improvement action guidance to ensure compliance of the subscription.

You need to recommend the service that should be used to perform the assessments, and identify additional costs that will be incurred.

What should you recommend and what should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

You need to recommend a security solution that meets the following requirements:

• Automatically identifies and stops external, brute force attacks against accounts in the subscription

• Automatically identifies and stops external attacks that use an internal account to exfiltrate data from Microsoft SharePoint Online sites in the subscription

What should you include in the recommendation for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription that uses Microsoft Purview.

You need to recommend a solution that will provide guidance on how to ensure that Personally Identifiable Information (PII) in the subscription adheres to local privacy regulations. The solution must minimize administrative effort.

Which Microsoft Purview solution should you include in the recommendation?

Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains 500 Windows 11 devices.

You have a Microsoft 365 subscription and an Azure subscription.

You have a Microsoft Entra tenant that syncs with the domain and is linked to the subscriptions. The devices are Microsoft Entra hybrid joined.

You plan to deploy a solution to mitigate attacks against privileged accounts. The solution will include Microsoft Sentinel rules that will detect attempts to use fake cached credentials.

You need to recommend a solution to create the fake cached credentials on client computers.

What should you recommend?

You have an Azure subscription and a Microsoft 365 subscription. All users are assigned Microsoft 365 E5 licenses. All computers run Windows 11 and are Microsoft Entra joined.

You need to recommend a solution to prevent computers that run early builds of Windows 11 from connecting to Microsoft 365 services.

Which two types of policies should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that uses Microsoft Defender XDR and Microsoft Purview.

You need to recommend a data protection solution. The solution must ensure that you can identify users that download atypical amounts of data from Microsoft SharePoint Online.

Which service should you include in the recommendation, and which policy should be configured? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have Microsoft Defender for Cloud assigned to Azure management groups.

You have a Microsoft Sentinel deployment.

During the triage of alerts, you require additional information about the security events, including suggestions for remediation.

Which two components can you use to achieve the goal? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure subscriptions.

You are evaluating the security posture of the customer.

You discover that the AKS resources are excluded from the secure score recommendations.

You need to produce accurate recommendations and update the secure score.

Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.