Free SC-900 Exam Braindumps (page: 14)

Page 13 of 56

HOTSPOT (Drag and Drop is not supported)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-admin-mfa



When security defaults are enabled for an Azure Active Directory (Azure AD) tenant, which two requirements are enforced? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

  1. All users must authenticate from a registered device.
  2. Administrators must always use Azure Multi-Factor Authentication (MFA).
  3. Azure Multi-Factor Authentication (MFA) registration is required for all users.
  4. All users must authenticate by using passwordless sign-in.
  5. All users must authenticate by using Windows Hello.

Answer(s): B,C

Explanation:

Security defaults make it easy to protect your organization with the following preconfigured security settings:
-Requiring all users to register for Azure AD Multi-Factor Authentication.
-Requiring administrators to do multi-factor authentication.
-Blocking legacy authentication protocols.
-Requiring users to do multi-factor authentication when necessary.
-Protecting privileged activities like access to the Azure portal.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals- security-defaults



Which type of identity is created when you register an application with Active Directory (Azure AD)?

  1. a user account
  2. a user-assigned managed identity
  3. a system-assigned managed identity
  4. a service principal

Answer(s): D

Explanation:

When you register an application through the Azure portal, an application object and service principal are automatically created in your home directory or tenant.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal- portal



Which three tasks can be performed by using Azure Active Directory (Azure AD) Identity Protection?
Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

  1. Configure external access for partner organizations.
  2. Export risk detection to third-party utilities.
  3. Automate the detection and remediation of identity based-risks.
  4. Investigate risks that relate to user authentication.
  5. Create and automatically assign sensitivity labels to data.

Answer(s): B,C,D






Post your Comments and Discuss Microsoft SC-900 exam with other Community members:

SC-900 Discussions & Posts