Microsoft SC-900 Free Certification Exam Material Part-2

 

Azure Active Directory is used for authentication and authorization.

A.      a management group

B.      an extended detection and response (XDR) system.

C.      an identity provider

D.      security information and event management (SIEM) system.

Answer

C

Which service provides benchmark recommendations and guidance for protecting Azure Services.

A.      Azure Application Insights

B.      Security baselines for Azure

C.      Azure Network Watcher

D.      Log Analytics workspaces

Answer

B

What can you use to provide a user with a two-hour window to complete an administrative task in Azure?

A.      Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

B.      Azure Multi-Factor Authentication (MFA)

C.      conditional access policies

D.      Azure Active Directory (Azure AD) Identity Protection

Answer

C

With windows Hello for a Business , a user's biometric data used for authentication, stored?

A.      is stored on a local device only.

B.      is replicated to all the devices designated by the user.

C.      is stored in Azure Active Directory (Azure AD)

D.      is stored on an external device.

Answer

A

Validate the statements, if they are correct or not

A.      Verify explicitly is one of the guiding principles of Zero Trust.

B.      Assume breach is one of the guiding principles of Zero Trust.

C.      The Zero Trust security model assumes that a firewall secures the internal network from external threats.

Answer

C,B

Federation is used to establish between two organizations.

A.      a trust relationship

B.      multi -factor authentication (MFA)

C.      user account synchronization

D.      a VPN comection

Answer

A

Which score measures an organization's progress in completing actions that help reduce risks associated to data protection and regulatory standards?

A.      Productivity Score

B.      Compliance score

C.      Secure score in Azure Security Center

D.      Microsoft Secure Score.

Answer

B

Validate the statements, if they are correct or not

 * Azure Defender cạn detect vulnerabilities and threats for Azure  Storage.  (True)

* Cloud Security Posture Management (CSPM) is available for all Azure  subscriptions. (True)

 * Azure Security Center can evaluate the şecurity of workloads deployed to Azure or on-premises. (True)

Validate the statements, if they are correct or not

 * Network security groups (NSGS) can deny inbound traffic from the internet (True)

 * Network security groups (NSGS) can deny outbound traffic to the internet. (True)

 * Network security groups (NSGS) can firer traffic based on P address, protocol, and port. (True)

Which authentication requires additional verification, such as a verification code sent to a mobile phone.

A.      Multi-factor authentication (MFA)

B.      Pass-through authentication

C.      Password writeback

D.      Single sign-on (SSO)

Answer

A

_________ is the process of identifying whether a sign user can access a specific resource?

A.      Authorization

B.      Federation

C.      Authentication

D.      Single Sign-On(SSO)

Answer

A

Validate the statements, if they are correct or not

 * All Azure Active Directory (Azure AD) license editions include the same features. (False)

 * You can manage an Azure Active Directory (Azure AD) tenant by using the Azure portal. (True)

 * You must deploy Azure virtual machines to host an Azure Active Directory (Azure AD) tenant. (False)