Exam SC-900 Microsoft Security, Compliance, and Identity Fundamentals _ All Tests

Document Content and Description Below

Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals 2021 All Tests. in 370 Pages 1) Which ms 365 feature can use to restrict users from sending email ---(DLP). 2) In a core ed... iscovery workflow---Export & Download results. or (eDiscovery hold) .... 3) what can u protect by using the info protection solution--sensitive data from begin expose to unauthorized users 4) Which secuirty methodology does this represent --Defense in depth 5) in the microsoft cloud app framework for --Define strategy,plan,Adopt,manage,govern 7) which AAD feature can use to restrict ms intune --conditional access policies. 8) you can add, u can add, u can add -(yes,No,yes) 9) Users,multiple,a sensitivity label -(s,s,no) 10) Can be used to provide - (customer lockbox) 11) provides a centrl loc for managing --(Microsoft 365 compliance center). 12) In the microsoft cloud application ---(define startegy plan) 13) Which portal provides info about microsft manages-(microsoft service portal) 14) In software ,in infra,in all azure cloud ---(s,s,s) or (n,n,s) 15) Digitally,verifying,verigying(s,n,s) 16) u plan is implement -(Threat modelling) 17) which 3 authenticaton methods AAD use to reset pwd-(mobile app notification,txt msg to phone,security questions) 18) In azure sentinal we can automate common tasks-- playbooks. 19) __ in the Microsoft 365 security center is used to identify devices that are affected by an alert.(INCIDENTS). 20) --- is requires additional verification, such as a verification code sent to mobile phone.--(Multi-factor authentication (MFA)). 21) Which Feature provides the extended detection and response(XDR)capabilities of Azure Sentinel?----Integration with Microsoft 365 Defender. 22) azure,hybrid,hybrid-(s,n,s) 23) app registering in Azure active directery are associated automatically to a --(User acct) 24) AN external, A notification(SSPR), tO PEROFRM -- (n,s,s) 25) what can u protect by using informaton protection solution in the MS 365 compliance --(files from malware and virus) 26) conditional access,cs,cs-(s,n,s) 27) enable collobaration with business parterns from external-(azure AD B2C). 28) what is the purpose of AAD pwd protection --(To prevent users from using specific words in their passwords) 29) What can u specify in ms 365 sensitivty lables --(Which watermark to add to files)30) ___ provides benchmark --(security baselines for azure) 30) what features in ms defender for endpoint provides the first line of--(Automated investigation) 31) when u enable security defaults in azure active directory will be enabled for all-(azure AD PIM) or (MFA) 32) what should u use in d microsoft 365 security center to view security trens and track -(Reports) 33) u can manage microsoft intune-(microsoft ENDPOINT Manager) 34) Which two types of resources can be protected by using Azure Firewall?---(azure VM,AZURE virtual networks) 35) Microsoft,Microsoft,Microsoft ---(Ture,True,False) 36) Which of the following is the process of checking if a signed-in user has access to a particular resource in Azure? --(Authorization) 37) when users sign in to the azure portal they are first --(Authenticated) 38) restrict communication and sharing --(Information barriers) 39) __ can be used to provide MS support engineers --- (Customer lockbox) 1) The audit teams need to conduct compliance investigations across emails. They need access to crucial events, such as when mail items were accessed, when mail items were applied to and forwarded. What capability can the team use------ A) ----Use Advanced Auditing so that you access and investigate those events. 2) Within an organization, there are many users who will need to access Azure and perform different actions across various scopes. The admin wants to implement action management at all scopes across Azure for the organization. What can the admin use to address this need? A) ----Use Azure role-based access control (RBAC) 3) The compliance admin has been asked to use Advanced e-Discovery to help a legal team that is working on a case. What is the workflow the admin will use? A) ----Add custodians to a case, search custodial sources for relevant data, add data to a review set, review and analyze data, then finally export and download the case data. 4) The compliance team wants to control the use privileged admin accounts with standing access to sensitive data, so that admins receive only the level of access they need, when they need it. How can this requirement be implemented? A) -------Use privileged access management 5) Which of the following provides advanced and intelligent protection of Azure and hybrid resources and workloads? A) -----Azure Defender 6) Can Privileged Identity Management be used to provide time-bound assignments for Azure AD roles? A) ----YES 7) Can Privileged Identity Management be used to provide time-bound assignments for Azure AD roles? A) ----YES 8) With PaaS, the cloud provider manages the hardware and operating systems, and the customer is responsible for applications and data. 9) The compute layer can secure access to virtual machines either on-premises or in the cloud by closing certain ports. 10) In the CIA model of security trade-offs, which refers to keeping data or messages correct? A) ----Integrity 11) In the shared responsibility model for an Azure deployment, what is Microsoft solely responsible for managing? A) ---- the management of the physical hardware 12) Select the answer that correctly completes the sentence. The Microsoft Cloud Adoption Framework for AZURE provides best practices from Microsoft employees, partners, and customers, including tools and guidance to assist in an Azure deployment. 13) Microsoft Defender for Identity is a cloud-based solution that leverages on-premises Active Directory signals as identity, detect, and investigate advanced threats. 14) Compliance Manager tracks only customer-managed controls. ------------ NO Compliance Manager provides predefined templates for creating assessments. ------------ YES Compliance Manager can help you asses whether data adheres to specific data protection standards. ----------- YES 15) Microsoft Cloud App Security can use conditional access policies to control sessions in real time. 16) Which score measures an organization’s progress in completing actions that help reduce risks associated to data protection and regulatory standards? A) ----Compliance score 17) What can you use to provide a user with a two-hour window to complete an administrative task in Azure? A) ---- conditional access policies 18) In a hybrid identity model, what can you use to sync identities between Active Directory Domain Services (AD DS) and Azure Active Directory (Azure AD) A) ----Azure AD Connect 19) Azure Active Directory (Azure AD) is an identity provider used for authentication and authorization. 20) What is a case for implementing information barrier policies in Microsoft 365 A) ---- to restrict Microsoft Exchange Online email between certain groups within an organization 21) With Advanced Audit in Microsoft 365, you can identify when email items were accessed --------------------YES Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing----------NO Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data------------------------YES 22) Customer Lockbox is used to identify, hold, and export electronic information that might be used in an investigation. A) ----- Customer Lockbox 23) Which Azure Directory (Azure AD) feature can use to provide just-in-time (JIT) access to manage Azure resources? A) ---- Azure AD Privileged Identity Management (PIM) 24) What are two capabilities of Microsoft Defender for Endpoint? A) ------attack surface reduction B) ------ Microsoft Cloud App Security 25) Federation is issued to establish a trust relationship between organizations 26) You can use Incidents in the Microsoft 365 security enter to view an aggregation of alerts to the same attack. 27) Which score measures an organization’s progress in completing actions that help reduce risks associated to data protection and regulatory standards? A) ---- 28) What do you use to provide real-time integration between Azure Sentinel and another security source? A) ---- a connector 29) Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? A) ---- Display policy tips to users who are about to violate your organization Etm policies. B) ----Protect documents in Microsoft OneDrive that contain sensitive information. 30) What can you use to provision Azure resource across multiple subscriptions in a consistent manner? A) ------ Azure Blueprints 31) Which Microsoft portal provides information about how Microsoft cloud services comply with regulatory standard, such as International Organization for Standardization (ISO) A) ------ Microsoft Service Trust Portal 32) AZURE FIERWALL provides Network Address Translation (NAT) services AZURE BASTION provides secure and seamless Remote Desktop connectivity to Azure virtual machines Network security group (NSG) provides traffic filtering that can be applied to specific network interfaces on a virtual network 33) AZURE SENTINEL is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response. 34) Azure Defender can detect vulnerabilities and threats for Azure Storage---------- YES Cloud Security posture Management (CSPM) is available for all Azure subscriptions------ YES Azure Security Center can evaluate the security of workloads deployed to Azure or on-premises- ---------- YES 35) With Advanced Audit in Microsoft 365, you can identify when email items were accessed----YES Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing----- NO Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth foe accessing audit data------ YES 36) Azure Active Directory (Azure AD) Identity Protection can add users to groups based on the user’s risk level ------- NO Azure Active Directory (Azure AD) Identity Protection can detect whether user credentials were leaked to the public ------- YES Azure Active Directory (Azure AD) Identity Protection can be used to invoke Multi-Factor Authentication based on a user’s risk level. ------- YES 37) Which Microsoft 365 compliance center feature can you use to identify all the documents on a Microsoft SharePoint Online site that contain a specify keyword? Content Search 38) Compliance Manager assesses compliance data continually for an organization 39) Sensitivity labels can be used to encrypt documents ------ YES Sensitivity labels can add headers and footers to documents. ----- YES Sensitivity labels can apply watermarks to emails ----- YES 40) Which Microsoft 365 compliance feature can you use to encrypt content automatically based on specific conditions? ------------ Sensitivity labels 41) Azure Policy supports automatic remediation ---- YES Azure Policy can be used to ensure that new resources adhere to corporate standards ------ YES Compliance evaluation in Azure Policy occurs only when a target resource is created or modified-------- NO 42) All Azure Active Directory (Azure AD) license editions include the same features ---- NO You can manage an Azure Active Directory (Azure AD) tenant by using the Azure portal---- YES You must deploy Azure virtual machines to host an Azure Active Directory (Azure AD) tenant-NO 43) You can manage Microsoft Intune by using the Microsoft Endpoint Manager admin center. 44) Applying system updates increases an organization’s secure score in Azure Security Center---YES The secure score in Azure Security Center can evaluate resources across multiple Azure --- YES Enabling multi-factor authentication (MFA) increases an organization’s secure score in Azure Security Center. ------ YES 45) Verify explicitly is one of the guiding principles of Zero Trust ----- YES Assume breach is one of the guiding principles of Zero Trust ----- YES The Zero Trust security model assumes that a firewall secures the internal network from external threats ------ NO 46) Control is a key privacy principle of Microsoft ---- YES Transparency is a key privacy principle of Microsoft. ---- YES Shared responsibility is a key privacy principle of Microsoft. ---- NO 47) Encrypting a file makes the data in the file readable and usable to viewers that have the appropriate key. 48) You can create custom roles in Azure Active Directory (Azure AD) ----- YES Global administrator is a role in Azure Active Directory (Azure AD) ----- YES An Azure Active Directory (Azure AD) user can be assigned only one role ---- NO 49) Azure Active Directory (Azure AD) is deployed to an on-premises environment ----- NO Azure Active Directory (Azure AD) is provided as part of a Microsoft 365 subscription ----YES Azure Active Directory (Azure AD) is an identify and access management service ---- YES 50) With windows Hello for Business, a user’s biometric data used for authentication is stored on a local device only 51) What is the purpose of Azure Active Directory (Azure AD) Password Protection? -------- to prevent users from using specific word in their passwords 52) Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically removes users that no longer require membership in a group? --------- ACCESS REVIEWS 53) Multi-factor authentication (MFA) requires additional verification, such as a verification code sent to mobile phone 54) Conditional access policies can use the device state as a signal ---- YES Conditional access policies apply before first-factor authentication is complete ---- NO Conditional access policies can trigger multi-factor authentication (MFA) if a user attempts to access a specific application ----- YES 55) Microsoft Defender for Identity can identify advanced threats from on-premises Active Directory Domain Services (AD DS) signals. 56) Azure DDoS Protection Standard can be used to protect Virtual networks 57) What should you use in the Microsoft 365 security center to view security trends and track the protection status of identities? ------ Reports 58) 59) 60) 61) 62) SC-900_148q_June_2021_By_Drunkmonk SC-900_148q_June_2021_By_Drunkmonk Passing Score: 800 Time Limit: 120 min File Version: 1.0 Microsoft Certified: Security, Compliance, and Identity Fundamentals Skills measured Describe the concepts of security, compliance, and identity Describe the capabilities of Microsoft identity and access management solutions Describe the capabilities of Microsoft security solutions Describe the capabilities of Microsoft compliance solutions Exam by DrunkMonk SC-900_148q_June_2021_By_Drunkmonk Exam A QUESTION 1 What is the purpose of eDiscovery hold? Select two NOTE: Each correct selection is woth one point A. Quickly search the content locations on hold B. Access and export case data for any case in the organization C. Hold on users, create and edit searches, and export content D. Preserves content that may be relevant to the case during the investigation. Answer: AD Section: (none) Explanation/Reference: Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwide QUESTION 2 How can you add a group as a member of the eDiscovery Manager role group? A. By using Add-eDiscoveryCaseAdmin cmdlet in Security & Compliance Center PowerShell B. By using New-DistributionGroup -Type Security in Security & Compliance Center PowerShell C. By using Add-RoleGroupAdministrator cmdlet in Security & Compliance Center PowerShell D. By using Add-RoleGroupMember cmdlet in Security & Compliance Center PowerShell Answer: D Section: (none) Explanation/Reference: Explanation: You can add a mail-enabled security group as a member of the eDiscovery Managers subgroup in the eDiscovery Manager role group by using the Add-RoleGroupMember cmdlet in Security & Compliance Center PowerShell. Reference: QUESTION 3 Which of the following Insider risk management principle focuses on providing insights to enable reviewer notifications, data investigations, and user investigations? A. Transparency B. Configurable C. Integrated D. Actionable Answer: D SC-900_148q_June_2021_By_Drunkmonk Section: (none) Explanation/Reference: Explanation: Insider risk management is centered around the following principles: Transparency: Balance user privacy versus organization risk with privacy-by-design architecture. Configurable: Configurable policies based on industry, geographical, and business groups. Integrated: Integrated workflow across Microsoft 365 compliance solutions. Actionable: Provides insights to enable reviewer notifications, data investigations, and user investigations. Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide QUESTION 4 Where are all data files and email messages associated with alert activities are automatically captured and displayed? A. Alerts B. Case Notes C. Content Explorer D. User Activity E. Case Overview Answer: C Section: (none) Explanation/Reference: Explanation: Content Explorer: All data files and email messages associated with alert activities are automatically captured and displayed in the Content explorer. Reviewers can filter and view files and messages by data source, file type, tags, conversation, and many more attributes. Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide QUESTION 5 Insider risk management supports exporting alert information to security information and event management (SIEM) services via the ________________. A. Data leaks by priority users B. Audit log C. Office 365 Management APIs integration D. Advanced eDiscovery Answer: C Section: (none) Explanation/Reference: Explanation: Insider risk management supports exporting alert information to security information and event management (SIEM) services via the Office 365 Management APIs. Reference: SC-900_148q_June_2021_By_Drunkmonk QUESTION 6 Which of the following is not a feature of Advanced eDiscovery? Select two NOTE: Each correct selection is woth one point A. Escalating a case for investigation allows you to transfer data and management of the case B. It allows legal teams to manage the entire legal hold notification workflow C. Exporting alert information to security information and event management (SIEM) services D. Provides an end-to-end workflow to preserve, collect, review, analyze, and export content Answer: AC Section: (none) Explanation/Reference: Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide QUESTION 7 Which of the following should be configured to receive alerts for suspicious activities associated with data theft by departing users? A. Data leaks by disgruntled users B. Security policy violations by priority users C. General security policy violations D. Microsoft 365 HR connector Answer: D Section: (none) Explanation/Reference: Explanation: When users leave an organization, either voluntarily or as the result of termination, there is often legitimate concerns that company, customer, and user data are at risk. Users may innocently assume that project data isn't proprietary, or they may be tempted to take company data for personal gain and in violation of company policy and legal standards. Insider risk management policies that use the Data theft by departing users policy template automatically detect activities typically associated with this type of theft. With this policy, you'll automatically receive alerts for suspicious activities associated with data theft by departing users so you can take appropriate investigative actions. Configuring a Microsoft 365 HR connector for your organization is required for this policy template. Ref [Show More]

Last updated: 1 month ago

Preview 10 out of 370 pages