| Exam Name: | Microsoft Cybersecurity Architect | ||
| Exam Code: | SC-100 Dumps | ||
| Vendor: | Microsoft | Certification: | Microsoft Certified: Cybersecurity Architect Expert |
| Questions: | 296 Q&A's | Shared By: | caelan |
You have an Azure subscription that contains Azure App Service web apps. The apps have the following characteristics:
• The apps are deployed by using continuous integration and continuous deployment (CI/CD) pipelines in Azure DevOps.
• The apps are deployed to a test environment first, and then to a production environment.
• The source code for the apps is stored in Azure Repos.
You plan to implement DevSecOps controls based on the Microsoft Cloud Adoption Framework for Azure. You need to recommend testing controls to meet the following requirements:
• All the source code must be tested for security vulnerabilities in Azure Repos before deploying the apps.
• Once the apps are deployed to the test environment they must be tested for security vulnerabilities.
Which testing method should you recommend for each stage? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.

You have a Microsoft 365 tenant that contains two groups named Group1 and Group2.
You use Microsoft Defender XDR to manage the tenants of your company ' s customers.
You need to ensure that the users in Group1 can perform security tasks in the tenant of each customer. The solution must meet the following requirements:
The Group1 users must only be assigned the Security Operator role for the customer tenants.
The users in Group2 must be able to assign the Security Operators role to the Group1 users for the customer tenants.
The use of guest accounts must be minimized.
Administrative effort must be minimized.
What should you include in the solution?
Your company has a Microsoft 365 subscription and uses Microsoft Defender for Identity.
You are informed about incidents that relate to compromised identities.
You need to recommend a solution to expose several accounts for attackers to exploit. When the attackers attempt to exploit the accounts, an alert must be triggered. Which Defender for Identity feature should you include in the recommendation?