Free SC-100 Exam Braindumps (page: 11)

Page 10 of 66

HOTSPOT (Drag and Drop is not supported)
You have 1,000 on-premises servers that run Windows Server 2022 and 500 on-premises servers that run Linux.
You have an Azure subscription that contains the following resources:
• A Log Analytics workspace
• A Microsoft Defender Cloud Security Posture Management (CSPM) plan
You need to deploy Update Management for the servers.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



HOTSPOT (Drag and Drop is not supported)
You have an Active Directory Domain Services (AD DS) domain that contains a virtual desktop infrastructure (VDI). The VDI uses non-persistent images and cloned virtual machine templates. VDI devices are members of the domain.
You have an Azure subscription that contains an Azure Virtual Desktop environment. The environment contains host pools that use a custom golden image. All the Azure Virtual Desktop deployments are members of a single Microsoft Entra Domain Services domain.
You need to recommend a solution to deploy Microsoft Defender for Endpoint to the hosts. The solution must meet the following requirements:
• Ensure that the hosts are onboarded to Defender for Endpoint during the first startup sequence.
• Ensure that the Microsoft Defender portal contains a single entry for each deployed VDI host.
• Minimize administrative effort.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



You have 10 Azure subscriptions that contain 100 role-based access control (RBAC) role assignments.
You plan to consolidate the role assignments.
You need to recommend a solution to identify which role assignments were NOT used during the last 90 days. The solution must minimize administrative effort.
What should you include in the recommendation?

  1. Microsoft Defender for Cloud
  2. Microsoft Entra access reviews
  3. Microsoft Entra Privileged Identity Management (PIM)
  4. Microsoft Entra Permissions Management

Answer(s): B



You have a Microsoft Entra tenant that syncs with an Active Directory Domain Services (AD DS) domain.
You have an on-premises datacenter that contains 100 servers. The servers run Windows Server and are backed up by using Microsoft Azure Backup Server (MABS).
You are designing a recovery solution for ransomware attacks. The solution follows Microsoft Security Best Practices.
You need to ensure that a compromised local administrator account cannot be used to stop scheduled backups.
What should you do?

  1. From Azure Backup, configure multi-user authorization by using Resource Guard.
  2. From Microsoft Entra Privileged Identity Management (PIM), create a role assignment for the Backup Contributor role.
  3. From Microsoft Azure Backup Setup, register MABS with a Recovery Services vault.
  4. From a Recovery Services vault, generate a security PIN for critical operations.

Answer(s): A






Post your Comments and Discuss Microsoft SC-100 exam with other Community members:

Exam Discussions & Posts