Free Microsoft SC-100 Exam Questions
Try our Free Demo Practice Tests for Comprehensive SC-100 Exam Preparation
-
Microsoft SC-100 Exam Questions
-
Provided By: Microsoft
- Exam: Microsoft Cybersecurity Architect
- Certification: Microsoft Certified Cybersecurity Architect Expert
-
Total Questions: 201
-
Updated On: Jun 06, 2025
-
Rated: 4.9 |
-
Online Users: 402
-
Question 1
-
You have a Microsoft 365 tenant. Your company uses a third-party software as a service (SaaS) app
named App1. App1 supports authenticating users by using Azure AO credentials. You need to
recommend a solution to enable users to authenticate to App1 by using their Azure AD credentials.
What should you include in the recommendation?
Answer: C
-
You have a Microsoft 365 tenant. Your company uses a third-party software as a service (SaaS) app
named App1. App1 supports authenticating users by using Azure AO credentials. You need to
recommend a solution to enable users to authenticate to App1 by using their Azure AD credentials.
What should you include in the recommendation?
-
Question 2
-
Your on-premises network contains an Active Directory Domain Services (AD DS) domain namedcorpxontoso.com and an AD DS-integrated application named App1.Your perimeter network contains a server named Server1 that runs Windows Server.You have a Microsoft Entra tenant named contoso.com that syncs with corp.contoso.com.You plan to implement a security solution that will include the following configurations:Manage access to App1 by using Microsoft Entra Private Access.Deploy a Microsoft Entra application proxy connector to Server1.Implement single sign-on (SSO) for App1 by using Kerberos constrained delegation. For Server1, configure the following rules in Windows Defender Firewall with Advanced Security:o Rule1: Allow TCP 443 inbound from a designated set of Azure URLs.o Rule2: Allow TCP 443 outbound to a designated set of Azure URLs.o Rule3: Allow TCP 80 outbound to a designated set of Azure URLs.o Rule4: Allow TCP 389 outbound to the domain controllers on corp.contoso.com.You need to maximize security for the planned implementation. The solution must minimize theimpact on the connector.Which rule should you remove?
Answer: C
-
Your on-premises network contains an Active Directory Domain Services (AD DS) domain namedcorpxontoso.com and an AD DS-integrated application named App1.Your perimeter network contains a server named Server1 that runs Windows Server.You have a Microsoft Entra tenant named contoso.com that syncs with corp.contoso.com.You plan to implement a security solution that will include the following configurations:Manage access to App1 by using Microsoft Entra Private Access.Deploy a Microsoft Entra application proxy connector to Server1.Implement single sign-on (SSO) for App1 by using Kerberos constrained delegation. For Server1, configure the following rules in Windows Defender Firewall with Advanced Security:o Rule1: Allow TCP 443 inbound from a designated set of Azure URLs.o Rule2: Allow TCP 443 outbound to a designated set of Azure URLs.o Rule3: Allow TCP 80 outbound to a designated set of Azure URLs.o Rule4: Allow TCP 389 outbound to the domain controllers on corp.contoso.com.You need to maximize security for the planned implementation. The solution must minimize theimpact on the connector.Which rule should you remove?
-
Question 3
-
Your company develops several applications that are accessed as custom enterprise applications in
Azure Active Directory (Azure AD). You need to recommend a solution to prevent users on a specific
list of countries from connecting to the applications. What should you include in the
recommendation?
Answer: A
-
Your company develops several applications that are accessed as custom enterprise applications in
Azure Active Directory (Azure AD). You need to recommend a solution to prevent users on a specific
list of countries from connecting to the applications. What should you include in the
recommendation?
-
Question 4
-
You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server and 50 virtual machines that run Linux.
You need to perform vulnerability assessments on the virtual machines. The solution must meet the following requirements:
• Identify missing updates and insecure configurations.
• Use the Qualys engine.
What should you use?
Answer: A
-
You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server and 50 virtual machines that run Linux.
-
Question 5
-
Your company has a hybrid cloud infrastructure.The company plans to hire several temporary employees within a brief period. The temporaryemployees will need to access applications and data on the company' premises network.The company's security policy prevents the use of personal devices for accessing company data andapplications.You need to recommend a solution to provide the temporary employee with access to companyresources. The solution must be able to scale on demand.What should you include in the recommendation?
Answer: D
-
Your company has a hybrid cloud infrastructure.The company plans to hire several temporary employees within a brief period. The temporaryemployees will need to access applications and data on the company' premises network.The company's security policy prevents the use of personal devices for accessing company data andapplications.You need to recommend a solution to provide the temporary employee with access to companyresources. The solution must be able to scale on demand.What should you include in the recommendation?