SC-100 · Question #323
SC-100 Question #323: Real Exam Question with Answer & Explanation
The correct answer is A: Microsoft Defender for Cloud Apps. {"question_number": 7, "correct_answer": "A", "explanation": "Microsoft Defender for Cloud Apps is Microsoft's Cloud Access Security Broker (CASB) and is explicitly designed to provide visibility into user activity across SaaS applications and detect anomalous or risky behavior i
Question
You have an Azure subscription and a Microsoft 365 subscription. Your company uses several software as a service (SaaS) applications. To align with Microsoft cloud security benchmark (MCSB) and Microsoft Cybersecurity Reference Architectures (MCRA), you plan to design a solution to provide visibility into user activity across the applications and detect potentially risky behavior in real time. Which service should you recommend?
Options
- AMicrosoft Defender for Cloud Apps
- BMicrosoft Purview Information Protection
- CMicrosoft Sentinel
- DMicrosoft Defender for Endpoint
Explanation
{"question_number": 7, "correct_answer": "A", "explanation": "Microsoft Defender for Cloud Apps is Microsoft's Cloud Access Security Broker (CASB) and is explicitly designed to provide visibility into user activity across SaaS applications and detect anomalous or risky behavior in real time. It aligns directly with both the Microsoft Cloud Security Benchmark (MCSB) and Microsoft Cybersecurity Reference Architectures (MCRA) recommendations for SaaS shadow IT discovery, session control, and behavioral analytics. Purview Information Protection (B) focuses on data classification and labeling. Microsoft Sentinel (C) is a SIEM/SOAR for log aggregation and threat detection across all sources - broader than SaaS-specific real-time monitoring. Defender for Endpoint (D) focuses on device-level endpoint protection.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.