Free SC-100 Exam Braindumps (page: 7)

You have an operational model based on the Microsoft Cloud Adoption Framework for Azure.
You need to recommend a solution that focuses on cloud-centric control areas to protect resources such as endpoints, databases, files, and storage accounts.
What should you include in the recommendation?

  A. business resilience
  B. modern access control
  C. network isolation
  D. security baselines in the Microsoft Cloud Security Benchmark

Answer(s): D



You have an Azure subscription that has Microsoft Defender for Cloud enabled.
You are evaluating the Azure Security Benchmark V3 report as shown in the following exhibit.
You need to verify whether Microsoft Defender for servers is installed on all the virtual machines that run Windows.
Which compliance control should you evaluate?

  A. Asset Management
  B. Posture and Vulnerability Management
  C. Data Protection
  D. Endpoint Security
  E. Incident Response

Answer(s): D

Explanation:

Microsoft Defender for servers compliance control installed on Windows
Defender for Cloud "Endpoint Security" Azure Security Benchmark v3
Endpoint Security covers controls in endpoint detection and response, including use of endpoint detection and response (EDR) and anti-malware service for endpoints in Azure environments.
Security Principle: Enable Endpoint Detection and Response (EDR) capabilities for VMs and integrate with SIEM and security operations processes.
Azure Guidance: Azure Defender for servers (with Microsoft Defender for Endpoint integrated) provides EDR capability to prevent, detect, investigate, and respond to advanced threats.
Use Microsoft Defender for Cloud to deploy Azure Defender for servers for your endpoint and integrate the alerts to your SIEM solution such as Azure Sentinel.
Incorrect:
Not A: Asset Management covers controls to ensure security visibility and governance over Azure resources, including recommendations on permissions for security personnel, security access to asset inventory, and managing approvals for services and resources (inventory, track, and correct).
Not B: Posture and Vulnerability Management focuses on controls for assessing and improving Azure security posture, including vulnerability scanning, penetration testing and remediation, as well as security configuration tracking, reporting, and correction in Azure resources.
Not C: Data Protection covers control of data protection at rest, in transit, and via authorized access mechanisms, including discover, classify, protect, and monitor sensitive data assets using access control, encryption, key and certificate management in Azure.
Not E: Incident Response covers controls in incident response life cycle - preparation, detection and analysis, containment, and post-incident activities, including using Azure services such as Microsoft Defender for Cloud and Sentinel to automate the incident response process.


Reference:

https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-endpoint-security



You have an Azure subscription that has Microsoft Defender for Cloud enabled.
Suspicious authentication activity alerts have been appearing in the Workload protections dashboard.
You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort.
What should you include in the recommendation?

  A. Azure Monitor webhooks
  B. Azure Event Hubs
  C. Azure Functions apps
  D. Azure Logic Apps

Answer(s): D

Explanation:

The workflow automation feature of Microsoft Defender for Cloud can trigger Logic Apps on security alerts, recommendations, and changes to regulatory compliance.
Note: Azure Logic Apps is a cloud-based platform for creating and running automated workflows that integrate your apps, data, services, and systems. With this platform, you can quickly develop highly scalable integration solutions for your enterprise and business-to-business (B2B) scenarios.
Incorrect:
Not C: Using Azure Functions apps would require more effort.


Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation



A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure subscriptions.
You are evaluating the security posture of the customer.
You discover that the AKS resources are excluded from the secure score recommendations.
You need to produce accurate recommendations and update the secure score.
Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  A. Enable Defender plans.
  B. Configure auto provisioning.
  C. Add a workflow automation.
  D. Assign regulatory compliance policies.
  E. Review the inventory.

Answer(s): A,B

Explanation:

D: How are regulatory compliance standards represented in Defender for Cloud?
Industry standards, regulatory standards, and benchmarks are represented in Defender for Cloud's regulatory compliance dashboard. Each standard is an initiative defined in Azure Policy.
To see compliance data mapped as assessments in your dashboard, add a compliance standard to your management group or subscription from within the Security policy page.
When you've assigned a standard or benchmark to your selected scope, the standard appears in your regulatory compliance dashboard with all associated compliance data mapped as assessments.
B: Configure Defender for Containers components
If you disabled any of the default protections when you enabled Microsoft Defender for Containers, you can change the configurations and reenable them via auto provisioning.
To configure the Defender for Containers components:
1. Sign in to the Azure portal.
2. Navigate to Microsoft Defender for Cloud > Environment settings.
3. Select the relevant subscription.
4. From the left side tool bar, select Auto provisioning.
5. Ensure that Microsoft Defender for Containers components (preview) is toggled to On.

Incorrect:
Not A: When you enable Microsoft Defender for Containers, Azure Kubernetes Service clusters, and Azure Arc enabled Kubernetes clusters (Preview) protection are both enabled by default.
To upgrade to Microsoft Defender for Containers, open the Defender plans page in the portal and enable the new plan:

Not C: No need for automation.
Note: Automate responses to Microsoft Defender for Cloud triggers.
Every security program includes multiple workflows for incident response. These processes might include notifying relevant stakeholders, launching a change management process, and applying specific remediation steps. Security experts recommend that you automate as many steps of those procedures as you can.
Automation reduces overhead. It can also improve your security by ensuring the process steps are done quickly, consistently, and according to your predefined requirements.


Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages
https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation





