Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsSC-100DomainsDesign a strategy for data and applications
SC-100Free — No Signup

Design a strategy for data and applications

Practice SC-100 Design a strategy for data and applications questions with full explanations on every answer.

22questions

Start practicing

Design a strategy for data and applications — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

SC-100 Domains

Design solutions that align with security best practices and prioritiesDesign security operations, identity, and compliance capabilitiesDesign security solutions for infrastructureDesign a Zero Trust strategy and architectureDesign security solutions for applications and dataEvaluate GRC and security operations strategiesDesign security for infrastructureDesign a strategy for data and applicationsRecommend security best practices and priorities

Practice Design a strategy for data and applications questions

10Q20Q30Q50Q

All SC-100 Design a strategy for data and applications questions (22)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A company is designing a data protection strategy for Azure SQL Database. They need to ensure that backups are retained for 7 years to meet regulatory compliance. Which Azure feature should they use?

2

A company deploys Azure App Service with a custom domain and SSL certificate. They want to enforce HTTPS only. Which configuration setting should they enable?

3

A company uses Azure Policy to audit storage accounts for secure transfer (HTTPS) enforcement. The policy is set to 'AuditIfNotExists' but compliance shows 0% non-compliant storage accounts even though some accounts have secure transfer disabled. What is the most likely cause?

4

A company is designing a microservices architecture on Azure Kubernetes Service (AKS). They need to secure communication between services using mutual TLS (mTLS). Which solution should they implement?

5

A company stores sensitive data in Azure Blob Storage. They want to prevent data exfiltration by blocking public access and restricting network access to only their on-premises data center via VPN. Which two features should they use?

6

A company uses Azure Key Vault to store secrets for their applications. They want to ensure that secrets can be automatically rotated when they are close to expiration. Which solution should they implement?

7

A company is migrating on-premises applications to Azure. They need to ensure that applications can use their existing Active Directory credentials for authentication. Which Azure service should they use?

8

A company wants to protect their Azure App Service web application from common web vulnerabilities like SQL injection and XSS. Which Azure service should they enable?

9

A company is designing a data classification strategy for their Azure environment. They need to identify sensitive data stored in Azure SQL Database. Which TWO solutions should they consider?

10

A company uses Azure Storage for sensitive data. They need to ensure that data is encrypted at rest and that encryption keys are managed by the customer (Customer-Managed Keys). Which THREE actions are required?

11

A company is designing a secure DevOps pipeline for deploying Azure App Service applications. They need to ensure that secrets are not exposed in source code. Which TWO practices should they implement?

12

You are the security architect for Contoso Ltd., a company that runs a critical e-commerce application on Azure Kubernetes Service (AKS). The application consists of multiple microservices that communicate over HTTP. The application uses Azure SQL Database for transactional data and Azure Redis Cache for session state. Recently, a security audit revealed that several microservices are vulnerable to SQL injection attacks because they construct SQL queries by concatenating user input. Additionally, the Redis cache is exposed to the internet with no firewall rules, and the connection string is stored in plain text in the application configuration file. The development team is concerned about performance and wants to minimize changes to the codebase. You need to design a strategy to mitigate these vulnerabilities with minimal code changes. Which of the following is the best course of action?

13

A company uses Azure App Service to host a web application that stores sensitive data in Azure SQL Database. The security team requires that data at rest in the database be encrypted using a customer-managed key stored in Azure Key Vault. The key must be rotated automatically every 90 days. What is the recommended approach to meet these requirements?

14

A multinational corporation is designing a data classification strategy for Microsoft 365. They have the following requirements: (1) Documents containing financial data must be labeled as 'Confidential' automatically. (2) Labels must be applied based on content patterns, such as credit card numbers. (3) The solution must work across Exchange Online, SharePoint Online, and OneDrive for Business. Which two components are essential?

15

A security administrator applies the Azure Policy definition shown in the exhibit to a management group containing multiple subscriptions. After the policy is assigned, a development team reports they cannot create a new storage account in their subscription. What is the most likely cause?

16

A company is designing an application architecture using Azure Kubernetes Service (AKS) and Azure Cosmos DB. The application requires that secrets (database connection strings) be injected into pods securely without storing them in the container image. The solution must minimize management overhead. What is the recommended approach?

17

A company uses Azure SQL Database and needs to implement column-level encryption for a column containing social security numbers (SSNs). The encryption must use a customer-managed key stored in Azure Key Vault. The application queries this column using parameterized queries. Which technology should be used?

18

A company is planning to use Azure Logic Apps to integrate multiple SaaS applications. The workflow will process sensitive customer data and must comply with data residency requirements, ensuring that data does not leave a specific Azure region. The solution must minimize latency. What is the recommended deployment strategy?

19

Order the steps to respond to a Microsoft Defender for Cloud security alert.

20

Order the steps to perform a disaster recovery failover of an Azure VM to a secondary region using Azure Site Recovery.

21

Match each identity security concept to its definition.

22

Match each Zero Trust principle to its implementation in Azure.

Practice all 22 Design a strategy for data and applications questions

Other SC-100 exam domains

Design solutions that align with security best practices and prioritiesDesign security operations, identity, and compliance capabilitiesDesign security solutions for infrastructureDesign a Zero Trust strategy and architectureDesign security solutions for applications and dataEvaluate GRC and security operations strategiesDesign security for infrastructureRecommend security best practices and priorities

Frequently asked questions

What does the Design a strategy for data and applications domain cover on the SC-100 exam?

The Design a strategy for data and applications domain covers the key concepts tested in this area of the SC-100 exam blueprint published by Microsoft. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all SC-100 domains — no account required.

How many Design a strategy for data and applications questions are in the SC-100 question bank?

The Courseiva SC-100 question bank contains 22 questions in the Design a strategy for data and applications domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Design a strategy for data and applications for SC-100?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Design a strategy for data and applications questions for SC-100?

Yes — the session launcher on this page draws questions exclusively from the Design a strategy for data and applications domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your SC-100 domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide