Free SC-100 Exam Braindumps (page: 26)

Page 26 of 47

Your company has a Microsoft 365 E5 subscription.

The company plans to deploy 45 mobile self-service kiosks that will run Windows 10.

You need to provide recommendations to secure the kiosks. The solution must meet the following requirements:

- Ensure that only authorized applications can run on the kiosks.
- Regularly harden the kiosks against new threats.

Which two actions should you include in the recommendations? Each correct answer presents part of the solution.

Note: Each correct selection is worth one point.

  A. Implement Automated Investigation and Remediation (AIR) in Microsoft Defender for Endpoint.
  B. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint.
  C. Implement threat and vulnerability management in Microsoft Defender for Endpoint.
  D. Onboard the kiosks to Azure Monitor.
  E. Implement Privileged Access Workstation (PAW) for the kiosks.

Answer(s): B,E

Explanation:

Onboard devices and configure Microsoft Defender for Endpoint capabilities.
Deploying Microsoft Defender for Endpoint is a two-step process.
* Onboard devices to the service
* Configure capabilities of the service

B: Depending on the device, follow the configuration steps provided in the onboarding section of the Defender for Endpoint portal.

E: A privileged workstation provides a hardened workstation that has clear application control and application guard. The workstation uses credential guard, device guard, app guard, and exploit guard to protect the host from malicious behavior. All local disks are encrypted with BitLocker and web traffic is restricted to a limited set of permitted destinations (Deny all).

Note: Privileged Access Workstation (PAW) – This is the highest security configuration designed for extremely sensitive roles that would have a significant or material impact on the organization if their account was compromised. The PAW configuration includes security controls and policies that restrict local administrative access and productivity tools to minimize the attack surface to only what is absolutely required for performing sensitive job tasks. This makes the PAW device difficult for attackers to compromise because it blocks the most common vector for phishing attacks: email and web browsing. To provide productivity to these users, separate accounts and workstations must be provided for productivity applications and web browsing.
While inconvenient, this is a necessary control to protect users whose account could inflict damage to most or all resources in the organization.

Incorrect:
Not A: What is automated investigation and remediation?
Automated investigation and response capabilities help your security operations team by:

- Determining whether a threat requires action.
- Taking (or recommending) any necessary remediation actions.
- Determining whether and what other investigations should occur.
- Repeating the process as necessary for other alerts.

Not C: Threat & Vulnerability Management is a component of Microsoft Defender for Endpoint, and provides both security administrators and security operations teams with unique value, including:

- Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities.

- Invaluable device vulnerability context during incident investigations.

- Built-in remediation processes through Microsoft Intune and Microsoft System Center Configuration Manager.

Note: Microsoft's threat and vulnerability management is a built-in module in Microsoft Defender for Endpoint that can:

- Discover vulnerabilities and misconfigurations in near real time.
- Prioritize vulnerabilities based on the threat landscape and detections in your organization.

If you've enabled the integration with Microsoft Defender for Endpoint, you'll automatically get the threat and vulnerability management findings without the need for additional agents.

As it's a built-in module for Microsoft Defender for Endpoint, threat and vulnerability management doesn't require periodic scans.

Not D: You do not use Azure Monitor for onboarding.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboard-configure
https://docs.microsoft.com/en-us/security/compass/privileged-access-devices
https://docs.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-tvm



You have a Microsoft 365 E5 subscription.

You need to recommend a solution to add a watermark to email attachments that contain sensitive data.
What should you include in the recommendation?

  A. Microsoft Defender for Cloud Apps
  B. Microsoft Information Protection
  C. Insider risk management
  D. Azure Purview

Answer(s): A

Explanation:

Microsoft Defender for Cloud Apps File policies.
File Policies allow you to enforce a wide range of automated processes using the cloud provider's APIs. Policies can be set to provide continuous compliance scans, legal eDiscovery tasks, DLP for sensitive content shared publicly, and many more use cases. Defender for Cloud Apps can monitor any file type based on more than 20 metadata filters (for example, access level, file type).


Reference:

https://docs.microsoft.com/en-us/defender-cloud-apps/data-protection-policies



Your company plans to deploy several Azure App Service web apps. The web apps will be deployed to the West Europe Azure region. The web apps will be accessed only by customers in Europe and the United States.

You need to recommend a solution to prevent malicious bots from scanning the web apps for vulnerabilities. The solution must minimize the attack surface.

What should you include in the recommendation?

  A. Azure Firewall Premium
  B. Azure Traffic Manager and application security groups
  C. Azure Application Gateway Web Application Firewall (WAF)
  D. Network security groups (NSGs)

Answer(s): C

Explanation:

Azure Application Gateway Web Application Firewall (WAF) provides centralized protection for your web applications, helps block common attacks like SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF), and helps minimize the attack surface by blocking malicious bots from scanning your web apps for vulnerabilities. By using WAF, you can ensure that the web apps are protected against common web application attacks while minimizing the attack surface.


Reference:

https://docs.microsoft.com/en-us/learn/modules/specify-security-requirements-for-applications/5-specify-security-strategy-apis
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You are designing the encryption standards for data at rest for an Azure resource.

You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly.

Solution: For blob containers in Azure Storage, you recommend encryption that uses Microsoft-managed keys within an encryption scope.

Does this meet the goal?

  A. Yes
  B. No

Answer(s): B

Explanation:

Need to use customer-managed keys instead.

Note: Automated key rotation in Key Vault allows users to configure Key Vault to automatically generate a new key version at a specified frequency. You can use rotation policy to configure rotation for each individual key. Our recommendation is to rotate encryption keys at least every two years to meet cryptographic best practices.

This feature enables end-to-end zero-touch rotation for encryption at rest for Azure services with customer-managed key (CMK) stored in Azure Key Vault. Please refer to specific Azure service documentation to see if the service covers end-to-end rotation.


Reference:

https://docs.microsoft.com/en-us/azure/key-vault/keys/how-to-configure-key-rotation






Post your Comments and Discuss Microsoft SC-100 exam with other Community members:

John Helper commented on September 16, 2024
Good collection, will definitely help
Anonymous

Thabo commented on July 26, 2024
Fantastic study package.
Anonymous

Gordon commented on March 30, 2024
Fantastic study package. Well worth the cost. It prepared me to pass my exam.
GERMANY

Ted commented on March 14, 2024
To all those folks out there... The questions in this exam dump are valid and almost the same as in the exam. However, I found about 3 to 4 questions which did not have the complete answers. But the Explanation section helped a lot to clarify them.
UNITED KINGDOM

Ashford Domah Asante commented on February 13, 2024
I appreciate the accompanying notes and references. Can always make reference on the internet to double check.
Anonymous

NA commented on October 04, 2023
Spot on, good material.
Anonymous

Darrell commented on April 23, 2023
I appreciate the quick reply in providing me the updated version.
NETHERLANDS

Carrie commented on March 18, 2023
This prep guide is like a secret cheat code - Passed my exam with flying colors.
UNITED STATES

CRAIG commented on March 17, 2023
I could not have prepared for my test without these dumps - they were spot-on with the real exam questions.
UNITED KINGDOM

Himavan commented on January 22, 2023
The questions are good and helpful but I suggest you organize them by topic.
INDIA

John commented on August 16, 2022
Passed the exam. This is valid. Cheersss!
UNITED KINGDOM

Matthew commented on July 27, 2022
This study guide package is very good if you want to pass the certification exam. For deep learning I suggest other sources, as this package only contains questions which are very similar to the real exam.
NETHERLANDS