Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsSC-100DomainsRecommend security best practices and priorities
SC-100Free — No Signup

Recommend security best practices and priorities

Practice SC-100 Recommend security best practices and priorities questions with full explanations on every answer.

24questions

Start practicing

Recommend security best practices and priorities — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

SC-100 Domains

Design solutions that align with security best practices and prioritiesDesign security operations, identity, and compliance capabilitiesDesign security solutions for infrastructureDesign a Zero Trust strategy and architectureDesign security solutions for applications and dataEvaluate GRC and security operations strategiesDesign security for infrastructureDesign a strategy for data and applicationsRecommend security best practices and priorities

Practice Recommend security best practices and priorities questions

10Q20Q30Q50Q

All SC-100 Recommend security best practices and priorities questions (24)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A company is designing a defense-in-depth strategy for their Azure environment. They want to ensure that if a virtual machine is compromised, the attacker cannot move laterally to other VMs in the same virtual network. Which security control should they prioritize?

2

A company uses Azure Policy to enforce compliance. They have a custom policy that denies creation of storage accounts without encryption enabled. A developer reports that they cannot create a storage account even though they specified encryption. What is the most likely cause?

3

A company is moving to a zero-trust security model. Which principle is most important for securing network traffic?

4

A company uses Azure Security Center and Azure Sentinel. They want to prioritize remediation of vulnerabilities based on risk. Which metric should they use to rank vulnerabilities?

5

A company is implementing a cloud security governance strategy. They need to ensure that all Azure resources are compliant with internal security policies before deployment. Which approach should they use?

6

A company wants to protect sensitive data in their Azure SQL Database from unauthorized access. Which feature should they enable?

7

A company is using Azure Active Directory (Azure AD) for identity management. They want to implement a policy that requires all users to use multi-factor authentication (MFA) when accessing Office 365 from outside the corporate network. Which conditional access policy setting should they configure?

8

A company is planning a migration to Azure and wants to ensure that their security operations center (SOC) has visibility into all Azure resources. They need to collect security logs from multiple subscriptions into a central workspace. Which Azure service should they use?

9

Which TWO of the following are best practices for securing Azure Kubernetes Service (AKS)?

10

Which THREE of the following are key components of a defense-in-depth strategy?

11

Which TWO of the following are true about Azure Policy initiatives?

12

Refer to the exhibit. A company creates this Azure Policy definition and assigns it to a subscription. A developer attempts to create a storage account with blob encryption enabled. The creation fails. What is the most likely reason?

13

Refer to the exhibit. The ContosoPlatform management group has an Azure Policy assignment that denies all deployments without encryption. The App1 subscription contains a storage account that was created without encryption. Why is the storage account still non-compliant?

14

You are the lead security architect for a multinational corporation that recently completed a merger. The new entity, Contoso Ltd., has a complex Azure environment with over 200 subscriptions spread across multiple management groups. The company's security team has identified several critical issues: (1) many subscriptions have Azure Security Center's Secure Score below 30%, (2) there are numerous unmanaged VMs with public IP addresses, (3) there is no centralized logging for security events, and (4) identity management is fragmented with multiple Azure AD tenants. The CEO mandates a 'zero-trust' security posture within 12 months. You have a limited budget and must prioritize the most impactful actions. Which course of action should you take first?

15

A company is deploying Microsoft Defender for Cloud to protect a multi-cloud environment that includes Azure and AWS. The security team wants to prioritize the highest-risk recommendations. Which feature should they use to identify and focus on the most critical security issues?

16

A financial services organization is designing a zero-trust architecture for its Azure environment. They need to ensure that all administrative access to critical systems uses just-in-time (JIT) access and that privileged role assignments are time-bound. Which combination of Microsoft security best practices should they implement?

17

A company uses Azure DevOps for CI/CD. The security team wants to ensure that secrets like API keys and connection strings are never stored in code repositories. Which best practice should they recommend?

18

A large enterprise is implementing Microsoft Defender for Cloud to improve their security posture. Which TWO actions should they take to prioritize and remediate security recommendations effectively? (Choose two.)

19

Refer to the exhibit. A security architect reviews the Azure AD Conditional Access policy JSON. The policy is intended to require MFA for all users accessing Azure management (Microsoft Azure Management app ID 797f4846-ba77-4853-9e6f-4433c3e1d1c5), except for the BreakGlassAdmin account and from trusted locations. However, some users report being prompted for MFA even when connecting from the corporate office (which is marked as a trusted location). What is the most likely cause?

20

You are the security architect for a multinational corporation that uses Azure Active Directory (Azure AD) and Microsoft 365. The company has recently experienced a security incident where a compromised user account was used to access sensitive data from a legacy application that does not support modern authentication. To mitigate this risk, you have been asked to recommend a set of security best practices and priorities. The environment includes 50,000 users, 200 applications (many legacy), and a hybrid identity setup with Active Directory Domain Services (AD DS) synchronized to Azure AD via Azure AD Connect. The security team wants to reduce the attack surface, enforce least privilege, and improve identity protection. Current issues include: (1) many users have standing admin privileges on workstations, (2) legacy apps use shared service accounts with weak passwords, (3) Conditional Access policies are not applied consistently, and (4) there is no process for reviewing privileged role assignments. Which course of action should you recommend as the highest priority?

21

Order the steps to configure Azure DDoS Protection Standard for a virtual network.

22

Order the steps to configure Azure Policy to enforce tagging on resources.

23

Match each compliance framework to its focus area.

24

Match each Azure policy effect to its behavior.

Practice all 24 Recommend security best practices and priorities questions

Other SC-100 exam domains

Design solutions that align with security best practices and prioritiesDesign security operations, identity, and compliance capabilitiesDesign security solutions for infrastructureDesign a Zero Trust strategy and architectureDesign security solutions for applications and dataEvaluate GRC and security operations strategiesDesign security for infrastructureDesign a strategy for data and applications

Frequently asked questions

What does the Recommend security best practices and priorities domain cover on the SC-100 exam?

The Recommend security best practices and priorities domain covers the key concepts tested in this area of the SC-100 exam blueprint published by Microsoft. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all SC-100 domains — no account required.

How many Recommend security best practices and priorities questions are in the SC-100 question bank?

The Courseiva SC-100 question bank contains 24 questions in the Recommend security best practices and priorities domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Recommend security best practices and priorities for SC-100?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Recommend security best practices and priorities questions for SC-100?

Yes — the session launcher on this page draws questions exclusively from the Recommend security best practices and priorities domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your SC-100 domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide