Free Microsoft SC-100 Exam Questions
Try our Free Demo Practice Tests for Comprehensive SC-100 Exam Preparation
-
Microsoft SC-100 Exam Questions
-
Provided By: Microsoft
- Exam: Microsoft Cybersecurity Architect
- Certification: Microsoft Certified Cybersecurity Architect Expert
-
Total Questions: 271
-
Updated On: May 23, 2026
-
Rated: 4.9 |
-
Online Users: 542
-
Question 1
-
Your company develops several applications that are accessed as custom enterprise applications in
Azure Active Directory (Azure AD). You need to recommend a solution to prevent users on a specific
list of countries from connecting to the applications. What should you include in the
recommendation?
Answer: A
-
Your company develops several applications that are accessed as custom enterprise applications in
Azure Active Directory (Azure AD). You need to recommend a solution to prevent users on a specific
list of countries from connecting to the applications. What should you include in the
recommendation?
-
Question 2
-
You are evaluating an Azure environment for compliance.
You need to design an Azure Policy implementation that can be used to evaluate compliance without changing any resources.
Which effect should you use in Azure Policy?
Answer: D
-
You are evaluating an Azure environment for compliance.
-
Question 3
-
You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluatingthe Azure Security Benchmark V3 report.In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.You need to recommend configurations to increase the score of the Secure management portscontrols.Solution: You recommend onboarding all virtual machines to Microsoft Defender for Endpoint.Does this meet the goal?
Answer: B
-
You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluatingthe Azure Security Benchmark V3 report.In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.You need to recommend configurations to increase the score of the Secure management portscontrols.Solution: You recommend onboarding all virtual machines to Microsoft Defender for Endpoint.Does this meet the goal?
-
Question 4
-
You are designing the encryption standards for data at rest for an Azure resourceYou need to provide recommendations to ensure that the data at rest is encrypted by using AES-256keys. The solution must support rotating the encryption keys monthly.Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses customer-managed keys (CMKs).Does this meet the goal?
Answer: B
-
You are designing the encryption standards for data at rest for an Azure resourceYou need to provide recommendations to ensure that the data at rest is encrypted by using AES-256keys. The solution must support rotating the encryption keys monthly.Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses customer-managed keys (CMKs).Does this meet the goal?
-
Question 5
-
You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by usingMicrosoft Intune.You are designing a privileged access strategy based on the rapid modernization plan (RaMP). Thestrategy will include the following configurations:Each user in Group1 will be assigned a Windows 11 device that will be configured as a privilegedaccess device.The Security Administrator role will be mapped to the privileged access security level.The users in Group1 will be assigned the Security Administrator role.The users in Group2 will manage the privileged access devices.You need to configure the local Administrators group for each privileged access device. The solutionmust follow the principle of least privilege.What should you include in the solution?
Answer: B
-
You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by usingMicrosoft Intune.You are designing a privileged access strategy based on the rapid modernization plan (RaMP). Thestrategy will include the following configurations:Each user in Group1 will be assigned a Windows 11 device that will be configured as a privilegedaccess device.The Security Administrator role will be mapped to the privileged access security level.The users in Group1 will be assigned the Security Administrator role.The users in Group2 will manage the privileged access devices.You need to configure the local Administrators group for each privileged access device. The solutionmust follow the principle of least privilege.What should you include in the solution?