Microsoft prepway microsoft Certified: Cybersecurity Architect Expert Sc-100 Release Date by Maira q59 vce pdf

Page: 5 / 8

Exam Name:	Microsoft Cybersecurity Architect
Exam Code:	SC-100 Dumps
Vendor:	Microsoft	Certification:	Microsoft Certified: Cybersecurity Architect Expert
Questions:	171 Q&A's	Shared By:	maira

Question 20

You have a customer that has a Microsoft 365 subscription and uses the Free edition of Azure Active Directory (Azure AD)

The customer plans to obtain an Azure subscription and provision several Azure resources.

You need to evaluate the customer's security environment.

What will necessitate an upgrade from the Azure AD Free edition to the Premium edition?

Options:

role-based authorization

Azure AD Privileged Identity Management (PIM)

resource-based authorization

Azure AD Multi-Factor Authentication

Discussion

Question 21

Your company has the virtual machine infrastructure shown in the following table.

Questions 21

The company plans to use Microsoft Azure Backup Server (MABS) to back up the virtual machines to Azure.

You need to provide recommendations to increase the resiliency of the backup strategy to mitigate attacks such as ransomware.

What should you include in the recommendation?

Options:

Use geo-redundant storage (GRS).

Use customer-managed keys (CMKs) for encryption.

Require PINs to disable backups.

Implement Azure Site Recovery replication.

Discussion

Question 22

Your company has an on-premise network in Seattle and an Azure subscription. The on-premises network contains a Remote Desktop server.

The company contracts a third-party development firm from France to develop and deploy resources to the virtual machines hosted in the Azure subscription.

Currently, the firm establishes an RDP connection to the Remote Desktop server. From the Remote Desktop connection, the firm can access the virtual machines hosted in Azure by using custom administrative tools installed on the Remote Desktop server. All the traffic to the Remote Desktop server is captured by a firewall, and the firewall only allows specific connections from France to the server.

You need to recommend a modern security solution based on the Zero Trust model. The solution must minimize latency tor developers.

Which three actions should you recommend? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

Configure network security groups (NSGs) to allow access from only specific logical groupings of IP address ranges.

Implement Azure Firewall to restrict host pool outbound access.

Configure Azure Active Directory (Azure AD) Conditional Access with multi-factor authentication (MFA) and named locations.

Migrate from the Remote Desktop server to Azure Virtual Desktop.

Deploy a Remote Desktop server to an Azure region located in France.

Discussion

Carson

Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.

Rufus (not set)

Me too. They're a lifesaver!

Zayaan

Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.

Harmony (not set)

That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun (not set)

That sounds really useful. I'll definitely check it out.

Ace

No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!

Harris (not set)

That sounds amazing. I'll definitely check them out. Thanks for the recommendation!

Question 23

Your company finalizes the adoption of Azure and is implementing Microsoft Defender for Cloud.

You receive the following recommendations in Defender for Cloud

• Access to storage accounts with firewall and virtual network configurations should be restricted,

• Storage accounts should restrict network access using virtual network rules.

• Storage account should use a private link connection.

• Storage account public access should be disallowed.

You need to recommend a service to mitigate identified risks that relate to the recommendations. What should you recommend?

Options:

Azure Storage Analytics