Browse Exams Pricing

ExamsSC-100Questions

SC-100 Exam Questions

236 real SC-100 exam questions with expert-verified answers and explanations. Page 4 of 5.

Question #183Design security operations, identity, and compliance capabilities
You have a Microsoft 365 tenant. Your company uses a third-party software as a service (SaaS) app named App1 that is integrated with an Azure AD tenant. You need to design a securi...
Identity GovernanceAccess ReviewsSelf-service AccessEntitlement Management
Question #184Design security solutions for applications and data
You have an Azure subscription. You have a DNS domain named contoso.com that is hosted by a third-party DNS registrar. Developers use Azure DevOps to deploy web apps to App Service...
Azure App Service SecurityDNS SecurityMicrosoft Defender for CloudApplication Security
Question #186Design security operations, identity, and compliance capabilities
Drag and Drop Question You are designing a security operations strategy based on the Zero Trust framework. You need to increase the operational efficiency of the Microsoft Security...
Zero TrustSecurity OperationsSOC EfficiencySecurity Strategy
Question #188Design security operations, identity, and compliance capabilities
Drag and Drop Question You have a hybrid Azure AD tenant that has pass-through authentication enabled. You are designing an identity security strategy. You need to minimize the imp...
Hybrid IdentityIdentity ProtectionBrute Force MitigationCredential Leak Mitigation
Question #196Design security operations, identity, and compliance capabilities
Drag and Drop Question You have a Microsoft 365 subscription. You need to recommend a security solution to monitor the following activities: - User accounts that were potentially c...
Identity ProtectionCloud Access Security Broker (CASB)Data Loss Prevention (DLP)Insider Risk Management
Question #198Design security operations, identity, and compliance capabilities
You have a Microsoft Entra tenant that contains 10 Windows 11 devices and two groups named Group1 and Group2. The Windows 11 devices are joined to the Microsoft Entra tenant and ar...
Privileged Access StrategyLeast PrivilegeLocal Administrator ManagementMicrosoft Intune
Question #199Design security solutions for infrastructure
You have an Azure subscription. You plan to deploy enterprise-scale landing zones based on the Microsoft Cloud Adoption Framework for Azure. The deployment will include a single- p...
Cloud Adoption FrameworkEnterprise-scale landing zonesAzure Private DNSNetwork security
Question #200Design security operations, identity, and compliance capabilities
You have 10 Azure subscriptions that contain 100 role-based access control (RBAC) role assignments. You plan to consolidate the role assignments. You need to recommend a solution t...
Azure RBACPermissions ManagementCloud Infrastructure Entitlement Management (CIEM)Least Privilege
Question #201Design solutions that align with security best practices and priorities
You have a Microsoft Entra tenant that syncs with an Active Directory Domain Services (AD DS) domain. You have an on-premises datacenter that contains 100 servers. The servers run...
Azure Backup SecurityRansomware RecoveryData ProtectionSecurity Best Practices
Question #206Design solutions that align with security best practices and priorities
Drag and Drop Question You need to design a solution to accelerate a Zero Trust security implementation. The solution must be based on the Zero Trust Rapid Modernization Plan (RaMP...
Zero TrustRapid Modernization Plan (RaMP)Security architectureImplementation strategy
Question #207Design security operations, identity, and compliance capabilities
You have a Microsoft 365 subscription. You have an Azure subscription. You need to implement a Microsoft Purview communication compliance solution for Microsoft Teams and Yammer. T...
Microsoft PurviewCommunication ComplianceAdaptive ScopesDynamic Policy Assignment
Question #208Design security operations, identity, and compliance capabilities
You have a Microsoft Entra tenant named contoso.com. You have an external partner that has a Microsoft Entra tenant named fabnkam.com. You need to recommend an identity governance...
B2B direct connectMicrosoft Teams shared channelsExternal collaborationIdentity governance
Question #209Design security operations, identity, and compliance capabilities
You have a multicloud environment that contains Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) subscriptions. You need to discover and review role assignments ac...
Multicloud IAMPermissions ManagementMicrosoft EntraCIEM
Question #210Design security operations, identity, and compliance capabilities
You have multiple Azure subscriptions that each contains multiple resource groups. You need to identify the privileged role assignments in each subscription and any associated secu...
Privileged Identity Management (PIM)Access ReviewsAzure RBACIdentity Governance
Question #211Design security operations, identity, and compliance capabilities
Your on-premises network contains an Active Directory Domain Services (AD DS) domain and a hybrid deployment between a Microsoft Exchange Server 2019 organization and an Exchange O...
Microsoft Defender for IdentityActive Directory securitySentinel integrationSensitive group monitoring
Question #212Design security operations, identity, and compliance capabilities
You have a Microsoft 365 subscription that contains 1,000 users and a group named Group1. All the users have Windows 11 devices. The users sign in to their devices by using their M...
Endpoint Privilege ManagementMicrosoft IntunePrivilege ElevationRemote Assistance
Question #213Design security solutions for infrastructure
You have a Microsoft 365 subscription and an Azure subscription. Microsoft Defender XDR and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual mac...
Application ControlMicrosoft Defender for EndpointEndpoint SecurityWindows Server Security
Question #214Design security solutions for applications and data
You have a Microsoft 365 subscription that contains 1,000 users. Each user is assigned a Microsoft 365 E5 license. The subscription uses sensitivity labels to classify corporate do...
Data Loss PreventionMicrosoft PurviewEndpoint DLPOneDrive Security
Question #215Design security solutions for applications and data
You have a Microsoft Entra tenant. The tenant contains 500 Windows devices that have the Global Secure Access client deployed. You have a third-party software as a service (SaaS) a...
Global Secure AccessSaaS Application ManagementMicrosoft Entra IDApplication Access Control
Question #216Design security operations, identity, and compliance capabilities
You have a Microsoft 365 tenant that contains two groups named Group1 and Group2. You use Microsoft Defender XDR to manage the tenants of your company's customers. You need to ensu...
Azure LighthouseMulti-tenant managementDelegated administrationRBAC
Question #217Design security solutions for applications and data
You have a Microsoft 365 subscription that contains 1,000 Microsoft Exchange Online mailboxes. Incoming email from the internet is scanned for security threats by using a third-par...
Microsoft Defender for Office 365Email SecurityMail FlowExchange Online Connectors
Question #230Design security operations, identity, and compliance capabilities
You have an Azure subscription that contains a Microsoft Sentinel workspace. Your on-premises network contains firewalls that support forwarding event logs in the Common Event Form...
Microsoft SentinelLog IngestionCEFSecurity Operations
Question #231Design security solutions for infrastructure
You have an Azure subscription that contains 100 virtual machines, a virtual network named VNet1, and 20 users. The virtual machines run Windows Server and are connected to VNet1....
Azure BastionSecure Remote AccessMicrosoft Entra IDVirtual Machine Security
Question #232Design security operations, identity, and compliance capabilities
You have a Microsoft 365 tenant that contains 5,000 users and 5,000 Windows 11 devices. All users are assigned Microsoft 365 E5 licenses and the Microsoft Defender Vulnerability Ma...
Microsoft Defender Vulnerability ManagementSecurity BaselinesCompliance AssessmentCIS Benchmarks
Question #233Design security solutions for infrastructure
You plan to deploy 20 Azure Kubernetes Service (AKS) clusters. The cluster configuration will be managed declaratively by using Kubernetes manifest files stored in Azure Repos. You...
KubernetesAKSGitOpsConfiguration Management
Question #234Design security operations, identity, and compliance capabilities
You have a Microsoft 365 tenant named contoso.com. You need to ensure that users can authenticate only to contoso.com. The solution must meet the following requirements: - Prevent...
Tenant RestrictionsMicrosoft Entra Global Secure AccessAuthentication ControlIdentity and Access Management
Question #235Design security operations, identity, and compliance capabilities
You have on-premises Windows 11 devices that have the Global Secure Access client deployed. You have a Microsoft 365 subscription that uses Microsoft SharePoint Online and Exchange...
Continuous Access EvaluationMicrosoft Entra Internet AccessConditional AccessMicrosoft 365 Security
Question #236Design security solutions for infrastructure
You have an Azure subscription that contains multiple network security groups (NSGs), multiple virtual machines, and an Azure Bastion host named bastion1. Several NSGs contain rule...
Azure Virtual Network ManagerNetwork Security GroupsAzure BastionNetwork Policy Enforcement
Question #237Design security solutions for applications and data
Your company has 10 branch offices. Each office has a local internet connection that uses a static IP address. You have an Azure subscription. The subscription contains a storage a...
Azure Private LinkStorage SecurityPaaS SecurityNetwork Access Control
Question #238Design security solutions for infrastructure
Your company has a main office and 10 branch offices. Each branch office contains an on- premises file server that runs Windows Server and multiple devices that run either Windows...
Global Secure AccessEntra Private Network ConnectorBranch Office IntegrationInternet Access
Question #239Design security solutions for applications and data
You have an Azure subscription that contains SQL Server on Azure virtual machines located in the West US Azure region. The virtual machines are only accessible by using private IP...
Azure App Service NetworkingPrivate ConnectivityService EndpointsCross-region Networking
Question #240Design solutions that align with security best practices and priorities
Your on-premises network contains an Active Directory Domain Services (AD DS) domain named corp.contoso.com and an AD DS-integrated application named App1. Your perimeter network c...
Microsoft Entra Application ProxyFirewall RulesKerberos Constrained DelegationSecurity Best Practices
Question #241Design security operations, identity, and compliance capabilities
You have a Microsoft Entra tenant named contoso.com and use Microsoft Intune. Each user in contoso.com has a Microsoft Entra ID P1 license and a Windows 11 device that has the Glob...
Microsoft Entra Internet AccessWeb Content FilteringConditional AccessGlobal Secure Access
Question #242Design security operations, identity, and compliance capabilities
Your company has a main office and a branch office. The main office contains 20 on-premises servers that run Windows Server and host apps that are published by using Microsoft Entr...
Global Secure AccessConditional AccessCompliant NetworkMicrosoft Entra
Question #249Design security solutions for infrastructure
You have an Azure subscription. The subscription contains 100 virtual machines that run Windows Server. The virtual machines are managed by using Azure Policy and Microsoft Defende...
Adaptive Application ControlsDefender for ServersApplication ControlVirtual Machine Security
Question #250Design security solutions for applications and data
You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1. You plan to migrate DB1 to Azure. You need to recommend an encrypted...
Azure SQL Database SecurityConfidential ComputingAlways Encrypted with Secure EnclavesData Encryption
Question #251Design security operations, identity, and compliance capabilities
Your company has a Microsoft 365 E5 subscription. The company wants to identify and classify data in Microsoft Teams, SharePoint Online, and Exchange Online. You need to recommend...
Data Loss Prevention (DLP)Sensitive Information TypesMicrosoft PurviewData Classification
Question #252Design security solutions for applications and data
You have an Azure subscription that contains multiple Azure Data Lake Storage accounts. You need to recommend a solution to encrypt the content of the accounts by using service-sid...
Azure Data Lake StorageCustomer-Managed Keys (CMK)Data EncryptionEncryption Granularity
Question #253Design security solutions for applications and data
You have an Azure subscription. You plan to deploy multiple containerized microservice-based apps to Azure Kubernetes Service (AKS). You need to recommend a solution that meets the...
Service MeshmTLSMicroservices SecurityAKS Security
Question #254Design security solutions for applications and data
You have an Azure subscription that contains multiple Azure Blob Storage accounts. You need to recommend a solution to detect threats in files after the files are uploaded to a blo...
Microsoft Defender for StorageMalware scanningAzure Blob StorageData security
Question #255Design security solutions for applications and data
You have an Azure subscription. You plan to deploy Azure Kubernetes Service (AKS) clusters that will be used to host web services. You need to recommend an ingress controller solut...
AKS IngressWeb Application FirewallAzure Application GatewayApplication Security
Question #256Design security operations, identity, and compliance capabilities
You have an Azure subscription. You plan to deploy Azure App Services apps by using Azure DevOps. You need to recommend a solution to ensure that deployed apps maintain compliance...
Azure PolicyComplianceMicrosoft Cloud Security BenchmarkApp Services
Question #257Design security solutions for applications and data
You have an on-premises app named App1. Remote users access App1 by using VPN connections. You have a third-party software as a service (SaaS) app named App2. You need to deploy Gl...
Global Secure AccessMicrosoft Entra Private AccessMicrosoft Entra Internet AccessSecure Application Access
Question #261Design security operations, identity, and compliance capabilities
You have a Microsoft 365 tenant that uses Microsoft SharePoint Online and Microsoft Purview. Microsoft Purview has a sensitivity label named Label1 that is applied to the files sto...
Microsoft PurviewData Loss Prevention (DLP)Endpoint DLPSensitivity Labels
Question #266Design security solutions for applications and data
Hotspot Question You have an Azure subscription. You plan to implement Azure Synapse Analytics SQL dedicated pools and SQL serverless pools. You need to recommend a solution to pro...
Azure Synapse AnalyticsEncryption at RestCustomer-Managed Keys (CMK)Data Security
Question #267Design security solutions for applications and data
Drag and Drop Question You have an Azure subscription that contains a resources group named RG1. RG1 contains multiple Azure Files shares. You need to recommend a solution to deplo...
Azure BackupData ProtectionAccess ControlImmutability
Question #269Design security operations, identity, and compliance capabilities
Your network contains an Active Directory Domain Services (AD DS) domain named Domain1. You have a Microsoft Entra tenant. Domain1 syncs with the tenant by using Microsoft Entra Co...
Identity Threat DetectionHybrid Identity SecurityActive Directory MonitoringMicrosoft Defender for Identity
Question #270Design security operations, identity, and compliance capabilities
You have an Azure subscription and an Azure DevOps organization. You need to recommend a solution for connecting Azure DevOps pipelines to the resources in the subscription by usin...
Workload Identity FederationManaged IdentitiesAzure DevOps PipelinesPrinciple of Least Privilege
Question #271Design security operations, identity, and compliance capabilities
You have a Microsoft 365 subscription. You have an Azure subscription. You need to implement a Microsoft Purview communication compliance solution for Microsoft Teams and Yammer. T...
Microsoft PurviewCommunication ComplianceAdaptive ScopesPolicy Management
Question #272Design security solutions for applications and data
You have a Microsoft 365 subscription that uses Microsoft Defender XDR and Microsoft Purview. On a Microsoft SharePoint Online site, you have a file named File1 that has a sensitiv...
Conditional AccessMicrosoft Defender for Cloud AppsInformation ProtectionSession Control

PreviousPage 4 of 5Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.