Question 161
Your company has a hybrid cloud infrastructure.
Data and applications are moved regularly between cloud environments.
The company's on-premises network is managed as shown in the following exhibit.
You are designing security operations to support the hybrid cloud infrastructure. The solution must meet the following requirements:
* Govern virtual machines and servers across multiple environments.
* Enforce standards for all the resources across all the environment across the Azure policy.
Which two components should you recommend for the on-premises network? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point.
Data and applications are moved regularly between cloud environments.
The company's on-premises network is managed as shown in the following exhibit.
You are designing security operations to support the hybrid cloud infrastructure. The solution must meet the following requirements:
* Govern virtual machines and servers across multiple environments.
* Enforce standards for all the resources across all the environment across the Azure policy.
Which two components should you recommend for the on-premises network? Each correct answer presents part of the solution.
NOTE Each correct selection is worth one point.
Question 162
You have an Azure subscription.
You plan to implement Azure Synapse Analytics SQL dedicated pools and SQL serverless pools.
You need to recommend a solution to provide additional encryption-at-rest security for each type of pool. The solution must use customer-managed keys, whenever possible.
What should you recommend for each pool type? To answer, drag the appropriate recommendations to the correct pool types. Each recommendation may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You plan to implement Azure Synapse Analytics SQL dedicated pools and SQL serverless pools.
You need to recommend a solution to provide additional encryption-at-rest security for each type of pool. The solution must use customer-managed keys, whenever possible.
What should you recommend for each pool type? To answer, drag the appropriate recommendations to the correct pool types. Each recommendation may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Question 163
Your company finalizes the adoption of Azure and is implementing Microsoft Defender for Cloud.
You receive the following recommendations in Defender for Cloud
* Access to storage accounts with firewall and virtual network configurations should be restricted,
* Storage accounts should restrict network access using virtual network rules.
* Storage account should use a private link connection.
* Storage account public access should be disallowed.
You need to recommend a service to mitigate identified risks that relate to the recommendations. What should you recommend?
You receive the following recommendations in Defender for Cloud
* Access to storage accounts with firewall and virtual network configurations should be restricted,
* Storage accounts should restrict network access using virtual network rules.
* Storage account should use a private link connection.
* Storage account public access should be disallowed.
You need to recommend a service to mitigate identified risks that relate to the recommendations. What should you recommend?
Question 164
You have a Microsoft 365 tenant.
You need to recommend a Microsoft 365 Defender solution to enhance security for the tenant. The solution must meet the following requirements:
* Identify users that are downloading an unusually high number of files from Microsoft SharePoint Online sites and are possibly involved in a data exfiltration attempt.
* Block Microsoft Teams messages that contain potentially malicious content by using zero-hour auto purge (ZAP).
What should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to recommend a Microsoft 365 Defender solution to enhance security for the tenant. The solution must meet the following requirements:
* Identify users that are downloading an unusually high number of files from Microsoft SharePoint Online sites and are possibly involved in a data exfiltration attempt.
* Block Microsoft Teams messages that contain potentially malicious content by using zero-hour auto purge (ZAP).
What should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 165
Hotspot Question
You have an Azure subscription that contains Azure App Service apps. The apps have the following characteristics:
- The apps are deployed by using continuous integration and continuous
deployment (CI/CD) pipelines in Azure DevOps.
- The apps are deployed to a test environment first, and then to a
production environment.
- The source code for the apps is stored in Azure Repos.
You plan to implement DevSecOps controls based on the Microsoft Cloud Adoption Framework for Azure.
You need to recommend testing controls to meet the following requirements:
- All the source code must be tested for security vulnerabilities in
Azure Repos before deploying the apps.
- Once the apps are deployed to the test environment, they must be
tested for security vulnerabilities.
Which testing method should you recommend for each stage? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
You have an Azure subscription that contains Azure App Service apps. The apps have the following characteristics:
- The apps are deployed by using continuous integration and continuous
deployment (CI/CD) pipelines in Azure DevOps.
- The apps are deployed to a test environment first, and then to a
production environment.
- The source code for the apps is stored in Azure Repos.
You plan to implement DevSecOps controls based on the Microsoft Cloud Adoption Framework for Azure.
You need to recommend testing controls to meet the following requirements:
- All the source code must be tested for security vulnerabilities in
Azure Repos before deploying the apps.
- Once the apps are deployed to the test environment, they must be
tested for security vulnerabilities.
Which testing method should you recommend for each stage? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
Premium Bundle
Newest SC-100 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing SC-100 Exam! BraindumpsPass.com now offer the updated SC-100 exam dumps, the BraindumpsPass.com SC-100 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com SC-100 pdf dumps with Exam Engine here: