New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Microsoft SC-900 Microsoft Security Compliance and Identity Fundamentals Exam Practice Test

Page: 1 / 20
Total 198 questions

Microsoft Security Compliance and Identity Fundamentals Questions and Answers

Question 1

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 1

Options:

Question 2

Select the answer that correctly completes the sentence.

Question # 2

Options:

Question 3

What can you use to deploy Azure resources across multiple subscriptions in a consistent manner?

Options:

A.

Microsoft Sentinel

B.

Microsoft Defender for Cloud

C.

Azure Policy

D.

Azure Blueprints

Question 4

What can you use to provide a user with a two-hour window to complete an administrative task in Azure?

Options:

A.

Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

B.

Azure Multi-Factor Authentication (MFA)

C.

Azure Active Directory (Azure AD) Identity Protection

D.

conditional access policies

Question 5

Select the answer that correctly completes the sentence.

Question # 5

Options:

Question 6

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 6

Options:

Question 7

You need to keep a copy of all files in a Microsoft SharePoint site for one year, even if users delete the files from the site. What should you apply to the site?

Options:

A.

a data loss prevention (DLP) policy

B.

a retention policy

C.

an insider risk policy

D.

a sensitivity label policy

Question 8

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Question 9

You need to create a data loss prevention (DLP) policy. What should you use?

Options:

A.

the Microsoft 365 admin center

B.

the Microsoft Endpoint Manager admin center

C.

the Microsoft 365 Defender portal

D.

the Microsoft 365 Compliance center

Question 10

Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group?

Options:

A.

access reviews

B.

managed identities

C.

conditional access policies

D.

Azure AD Identity Protection

Question 11

Select the answer that correctly completes the sentence.

Question # 11

Options:

Question 12

Select the answer that correctly completes the sentence.

Question # 12

Options:

Question 13

You have an Azure subscription that contains a Log Analytics workspace.

You need to onboard Microsoft Sentinel.

What should you do first?

Options:

A.

Create a hunting query.

B.

Correlate alerts into incidents.

C.

Connect to your security sources.

D.

Create a custom detection rule.

Question 14

Select the answer that correctly completes the sentence.

Question # 14

Options:

Question 15

Select the answer that correctly completes the sentence.

Question # 15

Options:

Question 16

What is an assessment in Compliance Manager?

Options:

A.

A grouping of controls from a specific regulation, standard or policy.

B.

Recommended guidance to help organizations align with their corporate standards.

C.

A dictionary of words that are not allowed in company documents.

D.

A policy initiative that includes multiple policies.

Question 17

Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 17

Options:

Question 18

Select the answer that correctly completes the sentence.

Question # 18

Options:

Question 19

Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Display policy tips to users who are about to violate your organization’s policies.

B.

Enable disk encryption on endpoints.

C.

Protect documents in Microsoft OneDrive that contain sensitive information.

D.

Apply security baselines to devices.

Question 20

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point

Question # 20

Options:

Question 21

Select the answer that correctly completes the sentence.

Question # 21

Options:

Question 22

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 22

Options:

Question 23

Select the answer that correctly completes the sentence.

Question # 23

Options:

Question 24

You have an Azure subscription.

You need to implement approval-based, tiProme-bound role activation.

What should you use?

Options:

A.

Windows Hello for Business

B.

Azure Active Directory (Azure AD) Identity Protection

C.

access reviews in Azure Active Directory (Azure AD)

D.

Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

Question 25

You need to identify which cloud service models place the most responsibility on the customer in a shared responsibility model.

in which order should you list the service models from the most customer responsibility (on the top) to the least customer responsibility (on the bottom)? To answer, move all models from the list of models to the answer area and arrange them in the correct order.

Question # 25

Options:

Question 26

Select the answer that correctly completes the sentence.

Question # 26

Options:

Question 27

Select the answer that correctly completes the sentence.

Question # 27

Options:

Question 28

You have an Azure subscription.

You need to implement approval-based time-bound role activation.

What should you use?

Options:

A.

Microsoft Entra ID Protection

B.

Microsoft Entra Conditional access

C.

Microsoft Entra Privileged Management

D.

Microsoft Entra Access Reviews

Question 29

Which three statements accurately describe the guiding principles of Zero Trust? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Define the perimeter by physical locations.

B.

Use identity as the primary security boundary.

C.

Always verity the permissions of a user explicitly.

D.

Always assume that the user system can be breached.

E.

Use the network as the primary security boundary.

Question 30

Select the answer that correctly completes the sentence.

Question # 30

Options:

Question 31

Select the answer that correctly completes the sentence.

Question # 31

Options:

Question 32

Which three authentication methods can Microsoft Entra users use to reset their password? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

text message to a phone

B.

certificate

C.

mobile app notification

D.

security questions

E.

picture password

Question 33

What is an example of encryption at rest?

Options:

A.

encrypting communications by using a site-to-site VPN

B.

encrypting a virtual machine disk

C.

accessing a website by using an encrypted HTTPS connection

D.

sending an encrypted email

Question 34

What is a characteristic of a sensitivity label in Microsoft 365?

Options:

A.

persistent

B.

encrypted

C.

restricted to predefined categories

Question 35

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 35

Options:

Question 36

For each of the following statements, select Yes if the statement is true Otherwise, select No.

NOTE Each correct selection is worth one point.

Question # 36

Options:

Question 37

What can you use to provision Azure resources across multiple subscriptions in a consistent manner?

Options:

A.

Microsoft Defender for Cloud

B.

Azure Blueprints

C.

Microsoft Sentinel

D.

Azure Policy

Question 38

In the shared responsibility model for an Azure deployment, what is Microsoft solely responsible for managing?

Options:

A.

the management of mobile devices

B.

the permissions for the user data stored in Azure

C.

the creation and management of user accounts

D.

the management of the physical hardware

Question 39

Which feature is included in Microsoft Entra ID Governance?

Options:

A.

Verifiable credentials

B.

Permissions Management

C.

Identity Protection

D.

Privileged Identity Management

Question 40

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 40

Options:

Question 41

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 41

Options:

Question 42

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 42

Options:

Question 43

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 43

Options:

Question 44

Select the answer that correctly completes the sentence.

Question # 44

Options:

Question 45

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point

Question # 45

Options:

Question 46

Select the answer that correctly completes the sentence.

Question # 46

Options:

Question 47

What can you use to ensure that all the users in a specific group must use multi-factor authentication (MFA) to sign in to Azure AD?

Options:

A.

Azure Policy

B.

a communication compliance policy

C.

a Conditional Access policy

D.

a user risk policy

Question 48

What are three uses of Microsoft Cloud App Security? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

to discover and control the use of shadow IT

B.

to provide secure connections to Azure virtual machines

C.

to protect sensitive information hosted anywhere in the cloud

D.

to provide pass-through authentication to on-premises applications

E.

to prevent data leaks to noncompliant apps and limit access to regulated data

Question 49

What Microsoft Purview feature can use machine learning algorithms to detect and automatically protect sensitive items?

Options:

A.

eDiscovery

B.

Data loss prevention

C.

Information risks

D.

Communication compliance

Question 50

Which Microsoft Defender for Cloud metric displays the overall security health of an Azure subscription?

Options:

A.

resource health

B.

secure score

C.

the status of recommendations

D.

completed controls

Question 51

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 51

Options:

Question 52

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 52

Options:

Question 53

Which two cards are available in the Microsoft 365 Defender portal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Options:

A.

Users at risk

B.

Compliance Score

C.

Devices at risk

D.

Service Health

E.

User Management

Question 54

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 54

Options:

Question 55

What should you create to search and export content preserved in an eDiscovery hold?

Options:

A.

a Microsoft SharePoint Online site

B.

a case

C.

a Microsoft Exchange Online public folder

D.

Azure Files

Question 56

You need to connect to an Azure virtual machine by using Azure Bastion. What should you use?

Options:

A.

an SSH client

B.

PowerShell remoting

C.

the Azure portal

D.

the Remote Desktop Connection client

Question 57

Match the types of compliance score actions to the appropriate tasks.

To answer. drag the appropriate action type from the column on the left to its task on the right. Each type may be used once. more than once, or not at all.

NOTE: Each correct match is worth one point.

Question # 57

Options:

Page: 1 / 20
Total 198 questions