New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Vce SC-100 Questions Latest

Page: 9 / 9
Question 36

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription.

All the on-premises servers in the perimeter network are prevented from connecting directly to the internet.

The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

• Ensure that the security operations team can access the security logs and the operation logs.

• Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network.

Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Options:

A.

Configure Azure Active Directory (Azure AD) Conditional Access policies.

B.

Use the Azure Monitor agent with the multi-homing configuration.

C.

Implement resource-based role-based access control (RBAC) in Microsoft Sentinel.

D.

Create a custom collector that uses the Log Analytics agent.

Question 37

You have an Azure subscription that contains several storage accounts. The storage accounts are accessed by legacy applications that are authenticated by using access keys.

You need to recommend a solution to prevent new applications from obtaining the access keys of the storage accounts. The solution must minimize the impact on the legacy applications.

What should you include in the recommendation?

Options:

A.

Apply read-only locks on the storage accounts.

B.

Set the AllowSharcdKeyAccess property to false.

C.

Set the AllowBlobPublicAcccss property to false.

D.

Configure automated key rotation.

Question 38

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report.

In the Secure management ports controls, you discover that you have 0 out of a potential 8 points. You need to recommend configurations to increase the score of the Secure management ports controls.

Solution: You recommend onboarding all virtual machines to Microsoft Defender for Endpoint.

Does this meet the goal?

Options:

A.

Yes

B.

No

Page: 9 / 9
Exam Code: SC-100
Exam Name: Microsoft Cybersecurity Architect
Last Update: Dec 22, 2024
Questions: 187
SC-100 pdf

SC-100 PDF

$28.5  $94.99
SC-100 Engine

SC-100 Testing Engine

$33  $109.99
SC-100 PDF + Engine

SC-100 PDF + Testing Engine

$43.5  $144.99