New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Microsoft Certified: Cybersecurity Architect Expert SC-100 Microsoft Study Notes

Page: 7 / 9
Question 28

You have a Microsoft 365 subscription that is protected by using Microsoft 365 Defender

You are designing a security operations strategy that will use Microsoft Sentinel to monitor events from Microsoft 365 and Microsoft 365 Defender

You need to recommend a solution to meet the following requirements:

• Integrate Microsoft Sentinel with a third-party security vendor to access information about known malware

• Automatically generate incidents when the IP address of a command-and control server is detected in the events

What should you configure in Microsoft Sentinel to meet each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 29

Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.

Solution: You recommend creating private endpoints for the web app and the database layer.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 30

You are designing an auditing solution for Azure landing zones that will contain the following components:

• SQL audit logs for Azure SQL databases

• Windows Security logs from Azure virtual machines

• Azure App Service audit logs from App Service web apps

You need to recommend a centralized logging solution for the landing zones. The solution must meet the following requirements:

• Log all privileged access.

• Retain logs for at least 365 days.

• Minimize costs.

What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Options:

Question 31

You are designing the encryption standards for data at rest for an Azure resource

You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly.

Solution: For blob containers in Azure Storage, you recommend encryption that uses Microsoft-managed keys within an encryption scope.

Does this meet the goal?

Options:

A.

Yes

B.

No

Page: 7 / 9
Exam Code: SC-100
Exam Name: Microsoft Cybersecurity Architect
Last Update: Dec 22, 2024
Questions: 187
SC-100 pdf

SC-100 PDF

$28.5  $94.99
SC-100 Engine

SC-100 Testing Engine

$33  $109.99
SC-100 PDF + Engine

SC-100 PDF + Testing Engine

$43.5  $144.99