A company's IT organization has been asked to find ways to
reduce IT costs, without compromising security. Which feature should they
consider implementing?
A.
FIDO2.
B. Self-service password reset.
C.
Biometric sign-in on all devices.
Answer
B
Which relationship allows federated services to access
resources?
A.
Claim relationship.
B. A Trust relationship.
C.
Shared access relationship.
Answer
B
An organization has recently conducted a security audit and
found that four people who have left were still active and assigned global
admin roles. The users have now been deleted but the IT organization has been
asked to recommend a solution to prevent a similar security lapse happening in
future. Which solution should they recommend?
A.
Identity Protection.
B. Privileged Identity Management.
C.
Entitlement management.
Answer
B
An organization has much of its application data in Azure.
The security admin wants to use the encryption capabilities in Azure. Which
service would the admin use to store the application's secrets?
A. Azure Key Vault.
B.
Transparent data encryption.
C.
Secrets management.
Answer
A
An organization is launching a new app for its customers.
Customers will use a sign-in screen that is customized with the organization's
brand identity. Which type of Azure External identity solution should the organization
use?
A. Azure AD B2C
B.
None
C.
Azure AD B2B
D.
Azure AD Hybrid identities
Answer
A
After hearing of a breach at a competitor, the security team
wants to improve identity security within their organization. What should they
implement immediately to provide the greatest protection to user identities?
A. Multifactor authentication.
B.
Require biometrics for all sign-ins.
C.
Require strong passwords for all identities.
Answer
A
Authentication is the process of doing what?
A.
Enabling federated services.
B. Verifying that a user or device
is who they say they are.
C.
The process of profiling user behavior.
Answer
B
An organization is moving their IT infrastructure to the
cloud. They want to know how to create and implement business and technology
strategies in a way that will help them succeed in the cloud. What guidance can
they use to help them transition to the cloud?
A. They should use the Microsoft
Cloud Adoption Framework for guidance on moving to the cloud.
B.
They should use the Azure Cloud Succeed
Framework.
C.
They should use Azure Policy for guidance on
moving to the cloud.
Answer
A
Your IT organization recently discovered that several user
accounts in the finance department have been compromised. The CTO has asked for
a solution to reduce the impact of compromised user accounts. The IT admin team
is looking into Azure AD features. Which one should they recommend?
A.
Conditional Access.
B. Identity Protection.
C.
Entitlement management.
Answer
B
An organization needs to continuously monitor the security
status of its network. What Security Center tool would they use?
A.
Continuous assessment.
B. Network map.
C.
Network assessment.
Answer
B
As the lead admin, it's important to convince your team to
start using Azure Sentinel. You've put together a presentation. What áre the
four security operation areas of Azure Sentinel that cover this area?
A. Collect, Detect, Investigate,
and Respond.
B.
Collect, Detect, Investigate, and Redirect.
C.
Collect, Detect, Investigate, and Repair.
Answer
A
Which of the following measures might an organization
implement as part of the defense in-depth security methodology?
A.
Ensuring there's no segmentation of your
corporate network.
B. Multi-factor authentication for
all users.
C.
Locating all its servers in a single physical
location.
D.
none of the above
Answer
B
The compliance team wants to control the use privileged
admin accounts with standing access to sensitive data, so that admins receive
only the level of access they need, when they need it. How can this requirement
be implemented?
A.
Use the Audit log.
B. Use privileged access
management.
C.
Use Communication Compliance.
Answer
B
Your organization has many departments that collaborate
through Microsoft Teams. To comply with business policies, the IT organization
needs to make sure that users from one particular department are limited in
their access and interactions with other departments. What solution can address
this need?
A. Use information barriers.
B.
Use Communication Compliance.
C.
Use Customer Lockbox.
Answer
A
A lead admin for an organization is looking to protect
against malicious threats posed by email messages, links (URLS), and
collaboration tools. Which solution from the Microsoft 365 Defender suite is
best suited for this purpose?
A. Microsoft Defender for Office
365.
B.
Microsoft Defender for Endpoint.
C.
Microsoft Defender for Identity.
Answer
A
A lead admin for an organization is looking to protect
against malicious threats posed by email messages, links(URLS), and collaboration
tools. Which solution from the Microsoft 365 Defender suite is best suited for
this purpose?
A. Microsoft Defender for Office
365.
B.
Microsoft Defender for Endpoint.
C.
Microsoft Defender for Identity.
Answer
A
As the compliance admin for your organization, you need to
ensure that Azure resources meet your organization's business rules? Which
Azure capability should you use?
A.
Use Azure resource locks.
B.
Use Azure role-based access control (RBAC).
C. Use Azure Policy.
Answer
C
A new admin has joined the team and needs to be able to access
the Microsoft 365 Compliance Center. Which of the following roles could the
admin use to access the Compliance Center?
A.
User Administrator role
B.
Helpdesk Administrator role
C. Compliance Administrator role
Answer
C
A customer has identified an issue that requires a Microsoft
engineer to access the organization's content to determine the root cause and
fix the issue. To protect the organization, the engineer shouldn't be able to
access content and perform service operations without explicit approval. What
capability can address this requirement?
A. Use Customer Lockbox
B.
Use information barriers
C.
Use privileged access management
Answer
A
A cloud access security broker (CASB) provides protection
across 4 areas/pillars: visibility to detect all cloud services, data security,
threat protection, and compliance. These pillars represent the basis of the
Cloud App Security framework upon which MCAS is built. Which pillar is
responsible for identifying and controlling sensitive information?
A. Data Security.
B.
Threat protection.
C.
Compliance.
Answer
A
The compliance admin for the organization wants to explain
the importance of insider risk management, to the business leaders? What use
case would apply?
A. To identify and protect against
risks like an employee sharing confidential information.
B.
To identify and protect against malicious
software across your network, such as ransomware.
C.
To identify and protect against devices shutting
down at critical moments.
Answer
A
To comply with corporate policies, the compliance admin
needs to be able to identify and scan for offensive language across the
organization. What solution can the admin implement to address this need?
A.
Use Policy Compliance in Microsoft 365.
B.
Use information barriers.
C.
Use Communication Compliance.
Answer
C
Which tool can enable an organization's development team to
rapidly provision and run new resources, in a repeatable way that is in line
with the organization's compliance requirements?
A.
Azure Rapid Build
B. Azure Blueprints
C.
Azure Policy
Answer
B
Your new colleagues on the admin team are unfamiliar with
the concept of shared controls in Compliance Manager. How would the concept of
shared controls be explained? Controls that both your organization and
Microsoft share responsibility for implementing.
A.
Controls that both external regulators and
Microsoft share responsibility for implementing.
B. Controls that both your
organization and Microsoft share responsibility for implementing.
C.
Controls that both your organization and
external regulators share responsibility for implementing.
D.
None
Answer
B
Which of the following describes what an admin would need to
select to view security cards grouped by risk, detection trends, configuration,
and health, among others?
A.
Group by risk.
B.
Group by category.
C. Group by topic
Answer
C
Employees are allowed to bring and use their cell phones at
work. The employees don't want their phone to be under full corporate control,
but admins want to allow users to read emails and use Teams while protecting
corporate data. Which of the following will allow admins to accomplish these
goals?
A. Mobile Application Management
(MAM).
B.
Mobile Device Management (MDM).
C.
Role-based access control (RBAC).
Answer
A
An admin wants to get a comprehensive view of an attack
including where it started, what tactics were used, and how far it has gone in
the network. What can the admin use to view this type of information?
A. Incidents
B.
Reports
C.
Alerts
Answer
A
The compliance team needs to perform more advanced, complex,
and repetitive content search tasks. What can enable the team to do more
complex search tasks?
A. Use the PowerShell scripts provided
by Microsoft.
B.
Use the Microsoft 365 autocontent search client.
C.
Use the continuous eDiscovery autosearch client.
Answer
A
Which Azure Active Directory (Azure AD) feature can you use
to evaluate group membership and automatically remove users that no longer
require membership in a group?
A.
Azure AD Identity Protection
B.
managed identities
C.
conditional access policies
D. access reviews
Answer
D
What do you use to provide real-time integration between Azure
Sentinel and another security source?
A.
Azure AD Connect
B. a connector
C.
a Log Analytics workspace
D.
Azure Information Protection
Answer
B
Which of the service is used to identify, hold and export
electronic information that might be used in an investigation?
A.
A resource lock
B.
Customer Lockbox
C. eDiscovery
D.
Data Loss Prevention (DLP)
Answer
C
I hope it's helpful for you. If you have any queries, don't hesitate to contact me.
0 comments:
Post a Comment
If you have any doubts, please let me know. I will help you.