Skip Navigation Links
 

Microsoft - SC-900: Microsoft Security, Compliance, and Identity Fundamentals

Sample Questions

Question: 41
Measured Skill: Describe the capabilities of Microsoft identity and access management solutions (25-30%)

Select the answer that correctly completes the sentence.

www.cert2brain.com

AWith Windows Hello for Business, a user's biometric data used for authentication is stored on an external device.
B With Windows Hello for Business, a user's biometric data used for authentication is stored on a local device only.
C With Windows Hello for Business, a user's biometric data used for authentication is stored in Azure Active Directory (Azure AD).
D With Windows Hello for Business, a user's biometric data used for authentication is replicated to all the devices designated by the user.

Correct answer: B

Explanation:

In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN.

Windows Hello addresses the following problems with passwords:

  • Strong passwords can be difficult to remember, and users often reuse passwords on multiple sites.
  • Server breaches can expose symmetric network credentials (passwords).
  • Passwords are subject to replay attacks.
  • Users can inadvertently expose their passwords due to phishing attacks.

Windows Hello lets users authenticate to:

  • a Microsoft account.
  • an Active Directory account.
  • a Microsoft Azure Active Directory (Azure AD) account.
  • Identity Provider Services or Relying Party Services that support Fast ID Online (FIDO) v2.0 authentication (in progress)

After an initial two-step verification of the user during enrollment, Windows Hello is set up on the user's device and Windows asks the user to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Windows Hello to authenticate users.

As an administrator in an enterprise or educational organization, you can create policies to manage Windows Hello for Business use on Windows 10-based devices that connect to your organization.

Reference: Windows Hello for Business Overview



Question: 42
Measured Skill: Describe the capabilities of Microsoft security solutions (30-35%)

Select the answer that correctly completes the sentence.

www.cert2brain.com

AMicrosoft Cloud App Security is a cloud-based solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats.
B Microsoft Defender for Endpoint is a cloud-based solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats.
C Microsoft Defender for Identity is a cloud-based solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats.
D Microsoft Defender for Office 365 is a cloud-based solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats.

Correct answer: C

Explanation:

Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:

  • Monitor users, entity behavior, and activities with learning-based analytics
  • Protect user identities and credentials stored in Active Directory
  • Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
  • Provide clear incident information on a simple timeline for fast triage 

Defender for Identity monitors and analyzes user activities and information across your network, such as permissions and group membership, creating a behavioral baseline for each user. Defender for Identity then identifies anomalies with adaptive built-in intelligence, giving you insights into suspicious activities and events, revealing the advanced threats, compromised users, and insider threats facing your organization. Defender for Identity's proprietary sensors monitor organizational domain controllers, providing a comprehensive view for all user activities from every device.

Reference: What is Microsoft Defender for Identity?



Question: 43
Measured Skill: Describe the capabilities of Microsoft identity and access management solutions (25-30%)

Select the answer that correctly completes the sentence.

www.cert2brain.com

AAzure AD Privileged Identity Management (PIM) can use conditional access policies to control sessions in real time.
B Azure Defender can use conditional access policies to control sessions in real time.
C Azure Sentinel can use conditional access policies to control sessions in real time.
D Microsoft Cloud App Security can use conditional access policies to control sessions in real time.

Correct answer: D

Explanation:

Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that supports various deployment modes including log collection, API connectors, and reverse proxy. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your Microsoft and third-party cloud services.

Microsoft Cloud App Security natively integrates with leading Microsoft solutions and is designed with security professionals in mind. It provides simple deployment, centralized management, and innovative automation capabilities.

CASBs address security gaps in an organization's use of cloud services by providing granular visibility into and control over user activities and sensitive data. CASB coverage scope applies broadly across SaaS, PaaS, and IaaS. For SaaS coverage, CASBs commonly work with the most popular content collaboration platforms (CCP), CRM systems, HR systems, Enterprise resource planning (ERP) solutions, service desks, office productivity suites, and enterprise social networking sites. For IaaS and PaaS coverage, several CASBs govern the API-based usage of popular cloud service providers (CSP) and extend visibility and governance to applications running in these clouds.

Cloud App Security integrates visibility with your cloud by:

  • Using Cloud Discovery to map and identify your cloud environment and the cloud apps your organization is using.
  • Sanctioning and unsanctioning apps in your cloud.
  • Using easy-to-deploy app connectors that take advantage of provider APIs, for visibility and governance of apps that you connect to.
  • Using Conditional Access App Control protection to get real-time visibility and control over access and activities within your cloud apps.
  • Helping you have continuous control by setting, and then continually fine-tuning, policies.

Reference: Microsoft Cloud App Security overview



Question: 44
Measured Skill: Describe the capabilities of Microsoft security solutions (30-35%)

Select the answer that correctly completes the sentence.

www.cert2brain.com

AAzure DDOS Protection Standard can be used to protect Azure AD applications.
B Azure DDOS Protection Standard can be used to protect Azure AD users.
C Azure DDOS Protection Standard can be used to protect resource groups.
D Azure DDOS Protection Standard can be used to protect virtual networks.

Correct answer: D

Explanation:

Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application's resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet.

Every property in Azure is protected by Azure's infrastructure DDoS (Basic) Protection at no additional cost. The scale and capacity of the globally deployed Azure network provides defense against common network-layer attacks through always-on traffic monitoring and real-time mitigation. DDoS Protection Basic requires no user configuration or application changes. DDoS Protection Basic helps protect all Azure services, including PaaS services like Azure DNS.

Azure DDoS Protection Standard, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It is automatically tuned to help protect your specific Azure resources in a virtual network. Protection is simple to enable on any new or existing virtual network, and it requires no application or resource changes. It has several advantages over the basic service, including logging, alerting, and telemetry.

DDoS Protection Standard is designed for services that are deployed in a virtual network. For other services, the default DDoS Protection Basic service applies. 

Reference: Azure DDoS Protection Standard overview



Question: 45
Measured Skill: Describe the capabilities of Microsoft security solutions (30-35%)

Select the answer that correctly completes the sentence.

www.cert2brain.com

AAzure Advisor is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response.
B Azure Bastion is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response.
C Azure Monitor is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response.
D Azure Sentinel is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution used to provide a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Correct answer: D

Explanation:

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Azure Sentinel is your birds-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.

  • Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. 

  • Detect previously undetected threats, and minimize false positives using Microsoft's analytics and unparalleled threat intelligence. 

  • Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft. 

  • Respond to incidents rapidly with built-in orchestration and automation of common tasks.

Reference: What is Azure Sentinel?





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2021 by cert2brain.com