This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Thu May 16 9:33:02 2024 / +0000 GMT ___________________________________________________ Title: [December-2021]Braindump2go SC-900 VCE and SC-900 Dumps SC-900 101Q Free Offered[Q52-Q82] --------------------------------------------------- December/2021 Latest Braindump2go SC-900 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SC-900 Real Exam Questions!QUESTION 52A company wants to make use of Windows Hello for business when it comes to authentication. Which of the following are the authentication techniques available for Windows Hello for business? Choose 3 answers from the options given belowA. PINB. Facial RecognitionC. Email messageD. PasswordE. Fingerprint recognitionAnswer: ABEExplanation:The entire purpose of Windows Hello for business is to ensure passwords are not used in the authentication process. Here uses can use other techniques for authentication via the usage of PIN's and biometric recognition.Options C and D are incorrect since Windows Hello for Business tries to ensure that secure measures are used for the authentication process.Reference:https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overviewQUESTION 53Which of the following can be used to provide a secure score for the resources defined as part of your Azure account? A. Azure Security CenterB. Azure key VaultsC. Azure SentinelD. Azure Information ProtectionAnswer: AExplanation:You can accomplish this with the help of Azure Security CenterIf you go to Azure Security Center, in the Overview you can see the secure score. Reference:https://docs.microsoft.com/en-us/azure/security-center/security-center-introductionQUESTION 54Your company has just setup an Azure subscription. They have the following requirements- Be able to deploy a set of resources, resource groups, role assignments to a set of subscriptions.- Be able to ensure no one can delete resources defined in a resource group named lead2pass-staging- Ensure that all Windows Servers defined as Azure virtual machines should have the Microsoft IaaS Antimalware extension installedWhich of the following can be used for the following requirement?- Be able to ensure no one can delete resources defined in a resource group named lead2pass-rgA. Azure PolicyB. Azure BlueprintsC. Azure AD Identity ProtectionD. Azure Resource locksAnswer: DExplanation:https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resourcesQUESTION 55You are considering the use of sensitivity labels in Microsoft 365. Can sensitivity labels can be used to encrypt the contents in documents?A. YesB. NoAnswer: AExplanation:When you apply a “Confidential” label to a document, the label will encrypt the content in the document.Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwideQUESTION 56You are planning on making use of the Azure Bastion service. Can you use the Azure Bastion service to restrict traffic from the Internet onto an Azure virtual machine?A. YesB. NoAnswer: AExplanation:You cannot use the Azure Bastion service to restrict traffic into an Azure virtual machine. For this you will need to use Network Security groups. The Azure Bastion service is used to RDP/SSH into an Azure virtual machine via the Azure portal and the browser.Reference:https://docs.microsoft.com/en-us/azure/bastion/bastion-overviewQUESTION 57You are looking at the capabilities of Azure Active Directory. Can you use Azure Active Directory to manage device registrations in Azure Active Directory?A. YesB. NoAnswer: AExplanation:https://docs.microsoft.com/en-us/azure/active-directory/devices/overviewQUESTION 58Your company is planning on using Azure Cloud services. Which of the following can be used to ensure that data can be read only by authorized users?A. EncryptionB. DeduplicationC. ArchivingD. CompressionAnswer: AExplanation:You can ensure data is encrypted. Then only authorized users would have the encryption key. The encryption key can then be used to decrypt and read the data.Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/office-365-encryption-in-the-microsoft-cloud-overview?view=o365-worldwideQUESTION 59Your company is planning on using Azure Active Directory for the storage of identities. They want to make use of the self-service password reset feature.Which of the following authentication methods are available for self-service password reset? Choose 3 answers from the options given belowA. EmailB. A passport identification numberC. A picture messageD. Mobile app notificationE. Mobile app codeAnswer: ADEExplanation:Below are the authentication methods available for self-service password reset: Mobile app notification Mobile app code Email Mobile phone Office phone Security questionsReference:https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworksQUESTION 60Your company wants to start making use of Azure. They are looking at different security aspects when it comes to using Azure. Which of the following could be used for the following requirement?- Enforce Multi-Factor authentication based on the sign-in riskA. Azure AD Identity ManagementB. Azure Conditional AccessC. Azure AD RolesD. Azure AD ConnectAnswer: AExplanation:In Azure AD Identity Protection, you can configure the Sign-in risk policy to allow access and enforce the use of Multi-Factor Authentication. Reference:https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protectionQUESTION 61Which of the following is a scalable, cloud-native, security information event management and security orchestration automated response solution?A. Azure SentinelB. Azure Security CenterC. Azure Active DirectoryD. Azure AD Identity ProtectionAnswer: AExplanation:You can use Azure Sentinel as a scalable, cloud-native, security information event management and security orchestration automated response solution. Azure Sentinel has the capability to ingest data from a variety of sources and performance threat monitoring on that data.Reference:https://docs.microsoft.com/en-us/azure/sentinel/overviewQUESTION 62Which of the following provides advanced and intelligent protection of Azure and hybrid resources and workloads?A. Azure DefenderB. Azure PoliciesC. Azure BlueprintsD. Azure Active DirectoryAnswer: AExplanation:With Azure Defender , you can enable intelligent protection of your resources that are defined in Azure and also in your on-premises infrastructure.This is an additional security feature that comes as part of Azure Security Center as shown below Reference:https://docs.microsoft.com/en-us/azure/security-center/azure-defenderQUESTION 63Which of the following is available for the Azure Application Gateway service that helps to protect web applications from common exploits and vulnerabilities?A. Azure FirewallB. Azure Web Application FirewallC. Azure PolicyD. Azure Identity ProtectionAnswer: BExplanation:The Azure Web Application Firewall can be used along with the Azure Application Gateway resource to protect web applications from common exploits and vulnerabilities. It can help to protect against attacks such as SQL injection attacks or cross-site scripting attacks.Reference:https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overviewQUESTION 64You are evaluating the different services available in Azure when it comes to security. Which of the following can be accomplished with the use of the Azure Privileged Identity Managed service?A. Filter traffic to Azure virtual machinesB. Enable Multi-Factor Authentication for users based on detected sign-in risksC. Provide just-in-time access to resource roles in AzureD. Measure the security posture of resources defined in an Azure environmentAnswer: CExplanation:With Azure Privileged Identity Managed , you can provide just-in-time access to Azure AD roles and resource roles. Here users can request for access whenever required. And the access can be granted or denied accordingly.Reference:https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configureQUESTION 65You are evaluating the different discovery tools that are available with Microsoft 365. You need to map the tool that can be used for desired requirement below:- Be able to quickly find email in Exchange mailboxesWhich of the following would you use for this requirement?A. Core eDiscoveryB. Advanced eDiscoveryC. Sensitivity labelsD. Content searchAnswer: DExplanation:The Content search tool can be used to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations.Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/search-for-content?view=o365-worldwideQUESTION 66You are evaluating the different discovery tools that are available with Microsoft 365. You need to map the tool that can be used for desired requirement below:- Provide basic capabilities on searching and exporting of content in Microsoft 365Which of the following would you use for this requirement?A. Core eDiscoveryB. Privileged Access ManagementC. Sensitivity labelsD. Content searchAnswer: AExplanation:The Core eDiscovery tool helps you to find and export content in Microsoft 365 and Office 365. You can also use the tool to place an eDiscovery hold on certain content locations.Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwideQUESTION 67In the Microsoft Cloud Adoption Framework for Azure, which two phases are addressed before the Ready phase? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.A. PlanB. ManageC. AdoptD. GovernE. Define StrategyAnswer: AEExplanation:https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/overviewQUESTION 68What is an example of encryption at rest?A. encrypting communications by using a site-to-site VPNB. encrypting a virtual machine diskC. accessing a website by using an encrypted HTTPS connectionD. sending an encrypted emailAnswer: BExplanation:https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-atrestQUESTION 69Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization?A. sensitivity label policiesB. Customer LockboxC. information batteriesD. Privileged Access Management (PAM)Answer: CExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriersQUESTION 70Which three authentication methods does Windows Hello for Business support? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.A. fingerprintB. facial recognitionC. PIND. email verificationE. security questionAnswer: ABCExplanation:https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-how-it-works-authenticationQUESTION 71What feature in Microsoft Defender for Endpoint provides the first line of defense against cyberthreats by reducing the attack surface?A. automated remediationB. automated investigationC. advanced huntingD. network protectionAnswer: DExplanation:Network protection helps protect devices from Internet-based events. Network protection is an attack surface reduction capability.Reference:https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/network-protection?view=o365-worldwideQUESTION 72Which two types of resources can be protected by using Azure Firewall? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.A. Azure virtual machinesB. Azure Active Directory (Azure AD) usersC. Microsoft Exchange Online inboxesD. Azure virtual networksE. Microsoft SharePoint Online sitesAnswer: DEQUESTION 73You plan to implement a security strategy and place multiple layers of defense throughout a network infrastructure.Which security methodology does this represent?A. threat modelingB. identity as the security perimeterC. defense in depthD. the shared responsibility modelAnswer: CExplanation:https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/2-what-is-defense-in-depthQUESTION 74What can you use to scan email attachments and forward the attachments to recipients only if the attachments are free from malware?A. Microsoft Defender for Office 365B. Microsoft Defender AntivirusC. Microsoft Defender for IdentityD. Microsoft Defender for EndpointAnswer: AExplanation:https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection-service-descriptionQUESTION 75Which feature provides the extended detection and response (XDR) capability of Azure Sentinel?A. integration with the Microsoft 365 compliance centerB. support for threat huntingC. integration with Microsoft 365 DefenderD. support for Azure Monitor WorkbooksAnswer: CExplanation:https://docs.microsoft.com/en-us/microsoft-365/security/defender/eval-overview?view=o365-worldwideQUESTION 76What can you use to provide threat detection for Azure SQL Managed Instance?A. Microsoft Secure ScoreB. application security groupsC. Azure DefenderD. Azure BastionAnswer: CQUESTION 77Which Azure Active Directory (Azure AD) feature can you use to restrict Microsoft Intune-managed devices from accessing corporate resources?A. network security groups (NSGs)B. Azure AD Privileged Identity Management (PIM)C. conditional access policiesD. resource locksAnswer: CQUESTION 78Which Microsoft 365 feature can you use to restrict users from sending email messages that contain lists of customers and their associated credit card numbers?A. retention policiesB. data loss prevention (DLP) policiesC. conditional access policiesD. information barriersAnswer: BExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwideQUESTION 79In a Core eDiscovery workflow, what should you do before you can search for content?A. Create an eDiscovery hold.B. Run Express Analysis.C. Configure attorney-client privilege detection.D. Export and download results.Answer: AExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-core-ediscovery?view=o365-worldwideQUESTION 80Which Microsoft portal provides information about how Microsoft manages privacy, compliance, and security?A. Microsoft Service Trust PortalB. Compliance ManagerC. Microsoft 365 compliance centerD. Microsoft SupportAnswer: AExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-worldwideQUESTION 81What can you protect by using the information protection solution in the Microsoft 365 compliance center?A. computers from zero-day exploitsB. users from phishing attemptsC. files from malware and virusesD. sensitive data from being exposed to unauthorized usersAnswer: DExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/information-protection?view=o365-worldwideQUESTION 82What can you specify in Microsoft 365 sensitivity labels?A. how long files must be preservedB. when to archive an email messageC. which watermark to add to filesD. where to store filesAnswer: CExplanation:https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwideResources From:1.2021 Latest Braindump2go SC-900 Exam Dumps (PDF & VCE) Free Share:https://www.braindump2go.com/sc-900.html2.2021 Latest Braindump2go SC-900 PDF and SC-900 VCE Dumps Free Share:https://drive.google.com/drive/folders/1lBjx9vxksSKq1-ok4CmD-HBgZND4cDno?usp=sharing3.2021 Free Braindump2go SC-900 Exam Questions Download:https://www.braindump2go.com/free-online-pdf/SC-900-PDF(42-62).pdfhttps://www.braindump2go.com/free-online-pdf/SC-900-PDF-Dumps(1-20).pdfhttps://www.braindump2go.com/free-online-pdf/SC-900-VCE(63-85).pdfhttps://www.braindump2go.com/free-online-pdf/SC-900-VCE-Dumps(21-41).pdfFree Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams! --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2021-12-31 07:16:09 Post date GMT: 2021-12-31 07:16:09 Post modified date: 2021-12-31 07:16:09 Post modified date GMT: 2021-12-31 07:16:09 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com