최신 SC-100 무료덤프 - Microsoft Cybersecurity Architect
Your company is developing a new Azure App Service web app. You are providing design assistance to verify the security of the web app.
You need to recommend a solution to test the web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection. What should you include in the recommendation?
You need to recommend a solution to test the web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection. What should you include in the recommendation?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Your company plans to apply the Zero Trust Rapid Modernization Plan (RaMP) to its IT environment.
You need to recommend the top three modernization areas to prioritize as part of the plan.
Which three areas should you recommend based on RaMP? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You need to recommend the top three modernization areas to prioritize as part of the plan.
Which three areas should you recommend based on RaMP? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
정답: A,C,E
Your company has Microsoft 365 E5 licenses and Azure subscriptions.
The company plans to automatically label sensitive data stored in the following locations:
* Microsoft SharePoint Online
* Microsoft Exchange Online
* Microsoft Teams
You need to recommend a strategy to identify and protect sensitive data.
Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
The company plans to automatically label sensitive data stored in the following locations:
* Microsoft SharePoint Online
* Microsoft Exchange Online
* Microsoft Teams
You need to recommend a strategy to identify and protect sensitive data.
Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1: Groups and sites
Box 2: Groups and sites
Box 3: Files and emails -
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide Go to label scopes
Your company is migrating data to Azure. The data contains Personally Identifiable Information (Pll). The company plans to use Microsoft Information Protection for the Pll data store in Azure. You need to recommend a solution to discover Pll data at risk in the Azure resources.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
정답:
Explanation:
Graphical user interface, text, application Description automatically generated
Prioritize security actions by data sensitivity, https://docs.microsoft.com/en-us/azure/defender-for-cloud
/information-protection. As to Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics (Azure resources as well): https://docs.microsoft.com/en-us/azure/azure-sql/database/data-discovery-and- classification-overview?view=azuresql
You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1.
You plan to migrate DB1 to Azure.
You need to recommend an encrypted Azure database solution that meets the following requirements:
* Minimizes the risks of malware that uses elevated privileges to access sensitive data
* Prevents database administrators from accessing sensitive data
* Enables pattern matching for server-side database operations
* Supports Microsoft Azure Attestation
* Uses hardware-based encryption
What should you include in the recommendation?
You plan to migrate DB1 to Azure.
You need to recommend an encrypted Azure database solution that meets the following requirements:
* Minimizes the risks of malware that uses elevated privileges to access sensitive data
* Prevents database administrators from accessing sensitive data
* Enables pattern matching for server-side database operations
* Supports Microsoft Azure Attestation
* Uses hardware-based encryption
What should you include in the recommendation?
정답: C
Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.
You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.
Solution: You recommend implementing Azure Key Vault to store credentials.
You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.
Solution: You recommend implementing Azure Key Vault to store credentials.
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure subscription that is used as an Azure landing zone for an application. You need to evaluate the security posture of all the workloads in the landing zone. What should you do first?
정답: D
A customer has a Microsoft 365 E5 subscription and an Azure subscription.
The customer wants to centrally manage security incidents, analyze log, audit activity, and search for potential threats across all deployed services.
You need to recommend a solution for the customer. The solution must minimize costs.
What should you include in the recommendation?
The customer wants to centrally manage security incidents, analyze log, audit activity, and search for potential threats across all deployed services.
You need to recommend a solution for the customer. The solution must minimize costs.
What should you include in the recommendation?
정답: C
You have a Microsoft 365 tenant.
Your company uses a third-party software as a service (SaaS) app named App1 that is integrated with an Azure AD tenant. You need to design a security strategy to meet the following requirements:
* Users must be able to request access to App1 by using a self-service request.
* When users request access to App1, they must be prompted to provide additional information about their request.
* Every three months, managers must verify that the users still require access to Appl.
What should you include in the design?
Your company uses a third-party software as a service (SaaS) app named App1 that is integrated with an Azure AD tenant. You need to design a security strategy to meet the following requirements:
* Users must be able to request access to App1 by using a self-service request.
* When users request access to App1, they must be prompted to provide additional information about their request.
* Every three months, managers must verify that the users still require access to Appl.
What should you include in the design?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You plan to deploy a dynamically scaling, Linux-based Azure Virtual Machine Scale Set that will host jump servers. The jump servers will be used by support staff who connect from personal and kiosk devices via the internet. The subnet of the jump servers will be associated to a network security group (NSG).
You need to design an access solution for the Azure Virtual Machine Scale Set. The solution must meet the following requirements:
* Ensure that each time the support staff connects to a jump server; they must request access to the server.
* Ensure that only authorized support staff can initiate SSH connections to the jump servers.
* Maximize protection against brute-force attacks from internal networks and the internet.
* Ensure that users can only connect to the jump servers from the internet.
* Minimize administrative effort.
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.
You need to design an access solution for the Azure Virtual Machine Scale Set. The solution must meet the following requirements:
* Ensure that each time the support staff connects to a jump server; they must request access to the server.
* Ensure that only authorized support staff can initiate SSH connections to the jump servers.
* Maximize protection against brute-force attacks from internal networks and the internet.
* Ensure that users can only connect to the jump servers from the internet.
* Minimize administrative effort.
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE:
Each correct selection is worth one point.
정답:
Explanation:
