Easily To Pass New Microsoft SC-900 Dumps with 87 Questions [Q45-Q68]

Easily To Pass New Microsoft SC-900 Dumps with 87 Questions

Latest SC-900 Study Guides 2021 - With Test Engine PDF

Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals

The content of this exam was updated on July 26, 2021.

This certification is targeted to those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.

This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.

Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.

Part of the requirements for: Microsoft Certified: Security, Compliance, and Identity Fundamentals

Download exam skills outline

Skills measured

Describe the capabilities of Microsoft security solutions (35-40%)
The content of this exam was updated on July 26, 2021. Please download the exam skills outline below to see what changed.
Describe the capabilities of Microsoft identity and access management solutions (30-35%)
Describe the concepts of security, compliance, and identity (10-15%)
Describe the capabilities of Microsoft compliance solutions (25-30%)

NEW QUESTION 45
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:

Section: Describe the Concepts of Security, Compliance, and Identity
Explanation:
Box 1: Yes
System updates reduces security vulnerabilities, and provide a more stable environment for end users. Not applying updates leaves unpatched vulnerabilities and results in environments that are susceptible to attacks.
Box 2: Yes
Box 3: Yes
If you only use a password to authenticate a user, it leaves an attack vector open. With MFA enabled, your accounts are more secure.
Reference:
https://docs.microsoft.com/en-us/azure/security-center/secure-score-security-controls

NEW QUESTION 46
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:

Section: Describe the Capabilities of Microsoft Compliance Solutions
Explanation:
Box 1: Yes
You can use sensitivity labels to provide protection settings that include encryption of emails and documents to prevent unauthorized people from accessing this data.
Box 2: Yes
You can use sensitivity labels to mark the content when you use Office apps, by adding watermarks, headers, or footers to documents that have the label applied.
Box 3: Yes
You can use sensitivity labels to mark the content when you use Office apps, by adding headers, or footers to email that have the label applied.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide

NEW QUESTION 47
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
A screenshot of a computer Description automatically generated with low confidence

You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.

NEW QUESTION 48
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

NEW QUESTION 49
HOTSPOT
Select the answer that correctly completes the sentence.
Hot Area:

Answer:

Explanation:

Section: Describe the Capabilities of Microsoft Identity and Access Man-agement Solutions Explanation:
Biometrics templates are stored locally on a device.
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview

NEW QUESTION 50
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application, email Description automatically generated

Box 1: Yes
Azure Defender provides security alerts and advanced threat protection for virtual machines, SQL databases, containers, web applications, your network, your storage, and more Box 2: Yes Cloud security posture management (CSPM) is available for free to all Azure users.
Box 3: Yes
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not - as well as on premises.

NEW QUESTION 51
What is the purpose of Azure Active Directory (Azure AD) Password Protection?

A. to prevent users from using specific words in their passwords
B. to identify devices to which users can sign in without using multi-factor authentication (MFA)
C. to control how often users must change their passwords
D. to encrypt a password by using globally recognized encryption standards

Answer: A

Explanation:
Explanation
Azure AD Password Protection detects and blocks known weak passwords and their variants, and can also block additional weak terms that are specific to your organization.
With Azure AD Password Protection, default global banned password lists are automatically applied to all users in an Azure AD tenant. To support your own business and security needs, you can define entries in a custom banned password list.

NEW QUESTION 52
Which Microsoft 365 compliance center feature can you use to identify all the documents on a Microsoft SharePoint Online site that contain a specific key word?

A. Content Search
B. Compliance Manager
C. Audit
D. Alerts

Answer: A

Explanation:
The Content Search tool in the Security & Compliance Center can be used to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business.
The first step is to starting using the Content Search tool to choose content locations to search and configure a keyword query to search for specific items.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-for-content?view=o365-worldwide

NEW QUESTION 53
Select the answer that correctly completes the sentence.

Answer:

Explanation:
Explanation
Graphical user interface, text, application Description automatically generated

NEW QUESTION 54
What should you use in the Microsoft 365 security center to view security trends and track the protection status of identities?

A. Incidents
B. Reports
C. Hunting
D. Attack simulator

Answer: B

Explanation:
Section: Describe the Capabilities of Microsoft Security Solutions
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/reports-and-insights-in-security-and- compliance?view=o365-worldwide

NEW QUESTION 55
HOTSPOT
Select the answer that correctly completes the sentence.
Hot Area:

Answer:

Explanation:

Section: Describe the Capabilities of Microsoft Identity and Access Man-agement Solutions Explanation:
Multi-factor authentication is a process where a user is prompted during the sign-in process for an additional form of identification, such as to enter a code on their cellphone or to provide a fingerprint scan.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks

NEW QUESTION 56
Select the answer that correctly completes the sentence.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

Federation is a collection of domains that have established trust. Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-fed

NEW QUESTION 57
Which Azure Active Directory (Azure AD) feature can you use to provide just-in-time (JIT) access to manage Azure resources?

A. Azure AD Privileged Identity Management (PIM)
B. conditional access policies
C. authentication method policies
D. Azure AD Identity Protection

Answer: A

Explanation:
Azure AD Privileged Identity Management (PIM) provides just-in-time privileged access to Azure AD and Azure resources Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

NEW QUESTION 58
What can you use to provision Azure resources across multiple subscriptions in a consistent manner?

A. Azure Sentinel
B. Azure Policy
C. Azure Blueprints
D. Azure Defender

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/governance/blueprints/overview

NEW QUESTION 59
Match the Azure networking service to the appropriate description.
To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all.
NOTE: Each correct match is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/networking/fundamentals/networking-overview https://docs.microsoft.com/en-us/azure/bastion/bastion-overview https://docs.microsoft.com/en-us/azure/firewall/features
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview

NEW QUESTION 60
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application, email Description automatically generated

Box 1: No
Box 2: Yes
Leaked Credentials indicates that the user's valid credentials have been leaked.
Box 3: Yes
Multi-Factor Authentication can be required based on conditions, one of which is user risk.

NEW QUESTION 61
What can you use to provide a user with a two-hour window to complete an administrative task in Azure?

A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
B. Azure Multi-Factor Authentication (MFA)
C. Azure Active Directory (Azure AD) Identity Protection
D. conditional access policies

Answer: A

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management: Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles Enforce multi-factor authentication to activate any role Use justification to understand why users activate Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit Prevents removal of the last active Global Administrator role assignment

NEW QUESTION 62
Select the answer that correctly completes the sentence.

Answer:

Explanation:

Explanation
Text, letter Description automatically generated

NEW QUESTION 63
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Text, letter Description automatically generated

NEW QUESTION 64
Which score measures an organization's progress in completing actions that help reduce risks associated to data protection and regulatory standards?

A. Secure score in Azure Security Center
B. Microsoft Secure Score
C. Compliance score
D. Productivity Score

Answer: C

Explanation:
Section: Describe the Concepts of Security, Compliance, and Identity
Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-score-calculation?view=o365- worldwide

NEW QUESTION 65
Select the answer that correctly completes the sentence.

Answer:

Explanation:

Explanation
Text Description automatically generated with medium confidence

NEW QUESTION 66
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:

Section: Describe the Capabilities of Microsoft Identity and Access Man-agement Solutions Explanation:
Box 1: No
Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Box 2: Yes
Microsoft 365 uses Azure Active Directory (Azure AD). Azure Active Directory (Azure AD) is included with your Microsoft 365 subscription.
Box 3: Yes
Azure Active Directory (Azure AD) is a cloud-based user identity and authentication service.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/about-microsoft-365-identity?view=o365-worldwide