SC-900 Describe the concepts of security, compliance, and identity • Complete Question Bank
Complete SC-900 Describe the concepts of security, compliance, and identity question bank — all 0 questions with answers and detailed explanations.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Detect and remediate identity-based risks
Discover and control cloud app usage
Classify and protect sensitive data
Protect devices from threats
Shadow IT discovery and threat protection
Drag a concept onto its matching description — or click a concept then click the description.
Prevent accidental sharing of sensitive info
Record user and admin activity
Keep or delete data for a specified time
Classify and protect content
Track compliance posture and recommendations
Drag a concept onto its matching description — or click a concept then click the description.
Enforce organizational standards and assess compliance
Define repeatable Azure resources and policies
Unified security management and threat protection
Cloud-native SIEM and SOAR solution
Securely store and manage secrets and keys
Refer to the exhibit.
```json
{
"properties": {
"displayName": "Block high-risk sign-ins",
"state": "enabled",
"conditions": {
"userRiskLevels": [],
"signInRiskLevels": ["high"]
},
"grantControls": {
"builtInControls": ["block"]
}
}
}
```Refer to the exhibit. ```kusto // KQL query in Microsoft Sentinel SecurityAlert | where TimeGenerated > ago(7d) | where AlertName has "MFA" | summarize Count = count() by AlertName, bin(TimeGenerated, 1d) | render timechart ```
Refer to the exhibit. ```powershell # PowerShell command to assign a sensitivity label Set-AIPFileLabel -Path "C:\Reports\FinancialReport.docx" -LabelID "e6c3f7b0-1a2b-4c5d-9e8f-0a1b2c3d4e5f" -Justification "Policy update" ```
{
"ConditionalAccessPolicy": {
"Name": "Require MFA for External Users",
"Conditions": {
"UsersAndGroups": {
"IncludeExternalUsers": true
},
"Applications": {
"IncludeAll": true
}
},
"Controls": {
"Grant": {
"RequireMfa": true
}
}
}
}{
"SensitivityLabel": {
"Name": "Confidential",
"Protection": {
"Encryption": {
"Enabled": true,
"ProtectionType": "UserDefined",
"UserPermissions": [
{
"User": "user@contoso.com",
"Rights": ["View", "Edit"]
}
]
}
},
"AutoLabeling": {
"Rule": {
"Condition": {
"ContainsSensitiveInformation": ["Credit Card Number"]
}
}
}
}
}{
"DLPRule": {
"Name": "Block Credit Card Sharing",
"Condition": {
"SensitiveInformation": ["Credit Card Number"]
},
"Action": {
"BlockAccess": true,
"NotifyUser": {
"EmailText": "Sharing credit card data is blocked."
}
}
}
}Refer to the exhibit.
```json
{
"properties": {
"contentType": {
"id": "0x010100B0C6F9B7D9F14F4A9A3B0C6F9B7D9F14"
},
"title": "Confidential Document",
"labels": [
{
"name": "Confidential",
"action": "encrypt",
"protection": {
"type": "user",
"value": "finance@contoso.com"
}
}
]
}
}
```Refer to the exhibit. ```kusto SigninLogs | where TimeGenerated > ago(1d) | where UserPrincipalName == "user@contoso.com" | summarize signinCount = count() by IPAddress | where signinCount > 10 ```
Refer to the exhibit.
```powershell
Get-AzureADPolicy | Where-Object {$_.Type -eq "TokenLifetimePolicy"}
```{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Authorization/policyAssignments",
"apiVersion": "2021-06-01",
"name": "audit-sql-encryption",
"properties": {
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86a912f6-9a06-4e26-b447-11b16ba8659f",
"parameters": {
"effect": {
"value": "AuditIfNotExists"
}
}
}
}
]
}{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/12345/resourcegroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {}
}
}
}{
"command": "Get-MgUser -Filter "startsWith(userPrincipalName,'j')" | Select-Object Id, UserPrincipalName, DisplayName"
}{
"query": "SigninLogs | where TimeGenerated > ago(1d) | where ResultType == 50057 | project UserPrincipalName, IPAddress, TimeGenerated"
}Refer to the exhibit.
{
"properties": {
"displayName": "MFA for Admins",
"state": "enabled",
"conditions": {
"applications": {
"includeApplications": ["All"]
},
"users": {
"includeRoles": ["Global Administrator", "Exchange Administrator"]
},
"locations": {
"includeLocations": ["All"]
}
},
"grantControls": {
"builtInControls": ["mfa"]
}
}
}