Passleader offers free demo for SC-100 exam. "Microsoft Cybersecurity Architect", also known as SC-100 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft SC-100 exam, will help you answer those questions. The SC-100 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft SC-100 exams and revised by experts!

Free demo questions for Microsoft SC-100 Exam Dumps Below:

NEW QUESTION 1

You need to recommend a SIEM and SOAR strategy that meets the hybrid requirements, the Microsoft Sentinel requirements, and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 2

Your on-premises network contains an e-commerce web app that was developed in Angular and Node.js. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.
SC-100 dumps exhibit
You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend implementing Azure Front Door with Azure Web Application Firewall (WAF). Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

NEW QUESTION 3

Your company is moving all on-premises workloads to Azure and Microsoft 365. Vou need to design a security orchestration, automation, and response (SOAR) strategy in Microsoft Sentinel that meets the following requirements:
• Minimizes manual intervention by security operation analysts
• Supports Waging alerts within Microsoft Teams channels What should you include in the strategy?

  • A. data connectors
  • B. playbooks
  • C. workbooks
  • D. KQL

Answer: C

NEW QUESTION 4

You need to recommend a solution to meet the security requirements for the virtual machines. What should you include in the recommendation?

  • A. an Azure Bastion host
  • B. a network security group (NSG)
  • C. just-in-time (JIT) VM access
  • D. Azure Virtual Desktop

Answer: A

NEW QUESTION 5

Your company plans to deploy several Azure App Service web apps. The web apps will be deployed to the West Europe Azure region. The web apps will be accessed only by customers in Europe and the United States.
You need to recommend a solution to prevent malicious bots from scanning the web apps for vulnerabilities. The solution must minimize the attach surface.
What should you include in the recommendation?

  • A. Azure Firewall Premium
  • B. Azure Application Gateway Web Application Firewall (WAF)
  • C. network security groups (NSGs)
  • D. Azure Traffic Manager and application security groups

Answer: D

NEW QUESTION 6

Your company is designing an application architecture for Azure App Service Environment (ASE) web apps as shown in the exhibit. (Click the Exhibit tab.)
SC-100 dumps exhibit
Communication between the on-premises network and Azure uses an ExpressRoute connection.
You need to recommend a solution to ensure that the web apps can communicate with the on-premises application server. The solution must minimize the number of public IP addresses that are allowed to access the on-premises network.
What should you include in the recommendation?

  • A. Azure Traffic Manager with priority traffic-routing methods
  • B. Azure Application Gateway v2 with user-defined routes (UDRs).
  • C. Azure Front Door with Azure Web Application Firewall (WAF)
  • D. Azure Firewall with policy rule sets

Answer: A

NEW QUESTION 7

What should you create in Azure AD to meet the Contoso developer requirements?
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 8

You need to recommend a solution to scan the application code. The solution must meet the application development requirements. What should you include in the recommendation?

  • A. Azure Key Vault
  • B. GitHub Advanced Security
  • C. Application Insights in Azure Monitor
  • D. Azure DevTest Labs

Answer: D

NEW QUESTION 9

A customer uses Azure to develop a mobile app that will be consumed by external users as shown in the following exhibit.
SC-100 dumps exhibit
You need to design an identity strategy for the app. The solution must meet the following requirements:
• Enable the usage of external IDs such as Google, Facebook, and Microsoft accounts.
• Be managed separately from the identity store of the customer.
• Support fully customizable branding for each app.
Which service should you recommend to complete the design?

  • A. Azure Active Directory (Azure AD) B2C
  • B. Azure Active Directory (Azure AD) B2B
  • C. Azure AD Connect
  • D. Azure Active Directory Domain Services (Azure AD DS)

Answer: C

NEW QUESTION 10

You need to recommend a solution to evaluate regulatory compliance across the entire managed environment. The solution must meet the regulatory compliance requirements and the business requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 11

You are planning the security requirements for Azure Cosmos DB Core (SQL) API accounts. You need to recommend a solution to audit all users that access the data in the Azure Cosmos DB accounts. Which two configurations should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. Enable Microsoft Defender for Cosmos DB.
  • B. Send the Azure Active Directory (Azure AD) sign-in logs to a Log Analytics workspace.
  • C. Disable local authentication for Azure Cosmos DB.
  • D. Enable Microsoft Defender for Identity.
  • E. Send the Azure Cosmos DB logs to a Log Analytics workspace.

Answer: AD

NEW QUESTION 12

You have an Azure subscription that has Microsoft Defender for Cloud enabled. Suspicious authentication activity alerts have been appearing in the Workload protections dashboard.
You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort. What should you include in the recommendation?

  • A. Azure Monitor webhooks
  • B. Azure Logics Apps
  • C. Azure Event Hubs
  • D. Azure Functions apps

Answer: D

NEW QUESTION 13

You have an on-premises network that has several legacy applications. The applications perform LDAP queries against an existing directory service. You are migrating the on-premises infrastructure to a cloud-only infrastructure.
You need to recommend an identity solution for the infrastructure that supports the legacy applications. The solution must minimize the administrative effort to maintain the infrastructure.
Which identity service should you include in the recommendation?

  • A. Azure Active Directory Domain Services (Azure AD DS)
  • B. Azure Active Directory (Azure AD) B2C
  • C. Azure Active Directory (Azure AD)
  • D. Active Directory Domain Services (AD DS)

Answer: A

NEW QUESTION 14

Your company has a hybrid cloud infrastructure that contains an on-premises Active Directory Domain Services (AD DS) forest, a Microsoft B65 subscription, and an Azure subscription.
The company's on-premises network contains internal web apps that use Kerberos authentication. Currently, the web apps are accessible only from the network.
You have remote users who have personal devices that run Windows 11.
You need to recommend a solution to provide the remote users with the ability to access the web apps. The solution must meet the following requirements:
• Prevent the remote users from accessing any other resources on the network.
• Support Azure Active Directory (Azure AD) Conditional Access.
• Simplify the end-user experience.
What should you include in the recommendation?

  • A. Azure AD Application Proxy
  • B. Azure Virtual WAN
  • C. Microsoft Tunnel
  • D. web content filtering in Microsoft Defender for Endpoint

Answer: B

NEW QUESTION 15

You are evaluating an Azure environment for compliance.
You need to design an Azure Policy implementation that can be used to evaluate compliance without changing any resources.
Which effect should you use in Azure Policy?

  • A. Deny
  • B. Disabled
  • C. Modify
  • D. Append

Answer: A

NEW QUESTION 16

Your on-premises network contains an e-commerce web app that was developed in Angular and Node.js. The web app uses a MongoDB database You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.
SC-100 dumps exhibit
You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.
Solution: You recommend implementing Azure Application Gateway with Azure Web Application Firewall (WAF). Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 17

You are evaluating the security of ClaimsApp.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE; Each correct selection is worth one point.
SC-100 dumps exhibit


Solution:
SC-100 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 18

Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.
SC-100 dumps exhibit
You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model. Solution: You recommend creating private endpoints for the web app and the database layer. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 19
......

Thanks for reading the newest SC-100 exam dumps! We recommend you to try the PREMIUM Certshared SC-100 dumps in VCE and PDF here: https://www.certshared.com/exam/SC-100/ (105 Q&As Dumps)