Free SC-100 Exam Braindumps (page: 13)

You have Windows 11 devices and Microsoft 365 E5 licenses.
You need to recommend a solution to prevent users from accessing websites that contain adult content such as gambling sites.
What should you include in the recommendation?

  1. Compliance Manager
  2. Microsoft Defender for Cloud Apps
  3. Microsoft Endpoint Manager
  4. Microsoft Defender for Endpoint

Answer(s): D

Explanation:

Web content filtering is part of the Web protection capabilities in Microsoft Defender for Endpoint. It enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic because of compliance regulations, bandwidth usage, or other concerns.
Note: Turn on web content filtering
From the left-hand navigation in Microsoft 365 Defender portal, select Settings > Endpoints > General > Advanced Features. Scroll down until you see the entry for Web content filtering. Switch the toggle to On and Save preferences.
Configure web content filtering policies
Web content filtering policies specify which site categories are blocked on which device groups. To manage the policies, go to Settings > Endpoints > Web content filtering (under Rules).


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-content-filtering



DRAG DROP (Drag and Drop is not supported)
Your company has Microsoft 365 E5 licenses and Azure subscriptions.
The company plans to automatically label sensitive data stored in the following locations:
-Microsoft SharePoint Online
-Microsoft Exchange Online
-Microsoft Teams
You need to recommend a strategy to identify and protect sensitive data.
Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Box 1: Groups and sites
SharePoint Online handles sites.
Azure Active Directory (Azure AD) supports applying sensitivity labels published by the Microsoft Purview compliance portal to Microsoft 365 groups. Sensitivity labels apply to groups across services like Outlook, Microsoft Teams, and SharePoint.
Box 2: Schematized data assets
Label travels with the data: The sensitivity labels created in Microsoft Purview Information Protection can also be extended to the Microsoft Purview Data Map, SharePoint, Teams, Power BI, and SQL. When you apply a label on an Office document and then scan it into the Microsoft Purview Data Map, the label will be applied to the data asset.
After you enable and configure sensitivity labels for containers, users can additionally see and apply sensitivity labels to Microsoft team sites, Microsoft 365 groups, and SharePoint sites.
Box 3: Files and emails
Exchange Online handles files and emails.


Reference:

https://docs.microsoft.com/en-us/azure/purview/create-sensitivity-label
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-assign-sensitivity-labels



You are designing a ransomware response plan that follows Microsoft Security Best Practices.
You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.
What should you include in the recommendation?

  1. device compliance policies
  2. Privileged Access Workstations (PAWs)
  3. Customer Lockbox for Microsoft Azure
  4. emergency access accounts

Answer(s): B



Your company has a Microsoft 365 E5 subscription.
The company plans to deploy 45 mobile self-service kiosks that will run Windows 10.
You need to provide recommendations to secure the kiosks. The solution must meet the following requirements:
-Ensure that only authorized applications can run on the kiosks.
-Regularly harden the kiosks against new threats.
Which two actions should you include in the recommendations? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  1. Implement automated investigation and remediation (AIR) in Microsoft Defender for Endpoint.
  2. Onboard the kiosks to Microsoft Intune and Microsoft Defender for Endpoint.
  3. Implement threat and vulnerability management in Microsoft Defender for Endpoint.
  4. Onboard the kiosks to Azure Monitor.
  5. Implement Privileged Access Workstation (PAW) for the kiosks.

Answer(s): B,C

Explanation:

Onboard devices and configure Microsoft Defender for Endpoint capabilities.
Deploying Microsoft Defender for Endpoint is a two-step process.
* Onboard devices to the service
* Configure capabilities of the service
B: Depending on the device, follow the configuration steps provided in the onboarding section of the Defender for Endpoint portal.
E: A privileged workstation provides a hardened workstation that has clear application control and application guard. The workstation uses credential guard, device guard, app guard, and exploit guard to protect the host from malicious behavior. All local disks are encrypted with BitLocker and web traffic is restricted to a limited set of permitted destinations (Deny all).
Note: Privileged Access Workstation (PAW): This is the highest security configuration designed for extremely sensitive roles that would have a significant or material impact on the organization if their account was compromised. The PAW configuration includes security controls and policies that restrict local administrative access and productivity tools to minimize the attack surface to only what is absolutely required for performing sensitive job tasks. This makes the PAW device difficult for attackers to compromise because it blocks the most common vector for phishing attacks: email and web browsing. To provide productivity to these users, separate accounts and workstations must be provided for productivity applications and web browsing. While inconvenient, this is a necessary control to protect users whose account could inflict damage to most or all resources in the organization.
Incorrect:
Not A: What is automated investigation and remediation?
Automated investigation and response capabilities help your security operations team by: Determining whether a threat requires action. Taking (or recommending) any necessary remediation actions. Determining whether and what other investigations should occur. Repeating the process as necessary for other alerts.
Not C: Threat & Vulnerability Management is a component of Microsoft Defender for Endpoint, and provides both security administrators and security operations teams with unique value, including:
- Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities.
- Invaluable device vulnerability context during incident investigations.
- Built-in remediation processes through Microsoft Intune and Microsoft System Center Configuration Manager.
Note: Microsoft's threat and vulnerability management is a built-in module in Microsoft Defender for Endpoint that can:
Discover vulnerabilities and misconfigurations in near real time.
Prioritize vulnerabilities based on the threat landscape and detections in your organization.
If you've enabled the integration with Microsoft Defender for Endpoint, you'll automatically get the threat and vulnerability management findings without the need for additional agents.
As it's a built-in module for Microsoft Defender for Endpoint, threat and vulnerability management doesn't require periodic scans.
Not D: You do not use Azure Monitor for onboarding.


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboard-configure
https://docs.microsoft.com/en-us/security/compass/privileged-access-devices
https://docs.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-tvm





