SC-100 Design solutions that align with security best practices and priorities • Set 10
SC-100 Design solutions that align with security best practices and priorities Practice Test 10 — 15 questions with explanations. Free, no signup.
You are a security architect for a large financial services company. The company has a hybrid identity environment with on-premises Active Directory synchronized to Microsoft Entra ID using Microsoft Entra Connect. They use Microsoft 365 E5 licenses and have deployed Microsoft Defender for Cloud, Microsoft Defender for Identity, Microsoft Sentinel, and Microsoft Purview. The company has recently suffered a ransomware attack where an attacker gained access via a compromised service account that had permanent Global Administrator privileges. The attacker then used the account to create a backdoor user and exfiltrate sensitive data from SharePoint Online. After the incident, the CISO mandates a Zero Trust security transformation with the following requirements: 1. Eliminate standing privileged access for all cloud admins. 2. Require phishing-resistant authentication for all privileged roles. 3. Ensure that all sensitive data in SharePoint Online is automatically classified and protected. 4. Enable detection of lateral movement using anomalous behavior analytics. Which combination of actions should you recommend?