Back to Microsoft Cybersecurity Architect

Microsoft exam questions

Microsoft Cybersecurity Architect SC-100 practice test

Practise questions on cloud computing concepts covering service models, deployment types, and essential characteristics for the SC-100 exam.

969
practice questions
9
topics covered
SC-100
exam code
Microsoft
vendor

Study modes

Three ways to study

Start with the Study Sheet to learn the material, switch to Practice Tests for active recall, then take a Mock Exam to simulate the real thing.

Study Sheet

All 969 questions with correct answers and explanations already visible. Read at your own pace — no time pressure.

Start reading →

Practice Test

Answer first, then see feedback and explanation. Tracks your score per session. Best for active recall and identifying weak areas.

Mock Exam

Full timed simulation with countdown. Answers hidden until the end. Includes all question types just like the real exam.

Start mock exam →

Study Sheet

All 969 SC-100 questions with answers

Every question in the bank, paginated 75 per page. Correct answers and full explanations are revealed upfront — ideal for first-pass learning and pre-exam review.

13 pages · 75 questions per page · 969 total

Related practice questions

Study SC-100 by topic

Topic pages go deep on individual concepts — each one covers a specific exam topic with questions, explanations, and study notes.

Design solutions that align with security best practices and priorities practice questions

Practise SC-100 questions linked to Design solutions that align with security best practices and priorities.

Design security operations, identity, and compliance capabilities practice questions

Practise SC-100 questions linked to Design security operations, identity, and compliance capabilities.

Design security solutions for infrastructure practice questions

Practise SC-100 questions linked to Design security solutions for infrastructure.

Design a Zero Trust strategy and architecture practice questions

Practise SC-100 questions linked to Design a Zero Trust strategy and architecture.

Design security solutions for applications and data practice questions

Practise SC-100 questions linked to Design security solutions for applications and data.

Evaluate GRC and security operations strategies practice questions

Practise SC-100 questions linked to Evaluate GRC and security operations strategies.

Design security for infrastructure practice questions

Practise SC-100 questions linked to Design security for infrastructure.

Design a strategy for data and applications practice questions

Practise SC-100 questions linked to Design a strategy for data and applications.

Recommend security best practices and priorities practice questions

Practise SC-100 questions linked to Recommend security best practices and priorities.

SC-100 fundamentals practice questions

Practise SC-100 questions linked to SC-100 fundamentals.

SC-100 scenario practice questions

Practise SC-100 questions linked to SC-100 scenario.

SC-100 troubleshooting practice questions

Practise SC-100 questions linked to SC-100 troubleshooting.

Courseiva uses original exam-style practice questions created for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps. Learn the difference →

Sample questions

Microsoft Cybersecurity Architect practice questions

Start practice test

Refer to the exhibit. You are reviewing a Conditional Access policy in Azure AD. The policy requires MFA and a compliant device for all users and all cloud apps. Some users report that they are able to access apps without being prompted for MFA even though their devices are compliant. What is the most likely reason?

Exhibit

{
  "policy": {
    "tenantId": "contoso.onmicrosoft.com",
    "displayName": "Require MFA for all users",
    "state": "enabled",
    "conditions": {
      "applications": {
        "includeApplications": ["All"]
      },
      "users": {
        "includeUsers": ["All"]
      }
    },
    "grantControls": {
      "builtInControls": ["mfa", "compliantDevice"]
    }
  }
}

A company, Fabrikam, has a hybrid identity environment with on-premises Active Directory synchronized to Azure AD using Azure AD Connect. They have implemented a Zero Trust strategy that includes requiring multi-factor authentication (MFA) for all users accessing cloud applications. They use Conditional Access policies to enforce MFA. Recently, they noticed that users who authenticate from the on-premises network are not being prompted for MFA when accessing cloud apps, even though the Conditional Access policy is configured to require MFA for all users. The network location is not excluded in the policy. The Conditional Access policy is enabled and in 'Enforce' mode. The users' devices are not domain-joined. What is the most likely reason for this behavior?

A company is deploying Microsoft Defender for Cloud to secure their hybrid cloud environment. They need to ensure that regulatory compliance with PCI DSS is continuously monitored and reported. Which solution should they use to automatically assess and report compliance posture?

A company is planning their Zero Trust data protection strategy. They want to classify and protect sensitive data stored in SharePoint Online. Which Microsoft tool should they use?

An organization is implementing a Zero Trust identity strategy. They have a mix of on-premises Active Directory and Azure AD. They want to enforce conditional access policies that require device compliance for accessing sensitive apps. However, some users report that their devices are not being evaluated for compliance even though they are enrolled in Microsoft Intune. What should the organization check first?

A company is implementing a Zero Trust identity strategy. They want to ensure that only compliant and managed devices can access corporate resources. Which THREE components should they include in their solution? (Choose three.)

A company is implementing a Zero Trust network strategy using Azure Virtual Network Manager (AVNM). They need to ensure that all traffic between virtual networks is encrypted and inspected by a firewall. Which configuration should they use?

A company is designing a Zero Trust security posture for their Azure environment. They need to assess and improve their security posture. Which TWO actions should they take? (Choose two.)

A large enterprise is implementing Microsoft Defender for Cloud to improve their security posture. Which TWO actions should they take to prioritize and remediate security recommendations effectively? (Choose two.)

An organization is planning to use Microsoft Defender for Cloud's regulatory compliance dashboard to track adherence to PCI DSS. The security team wants to ensure that all Azure resources are covered by the compliance assessment. What is the first step?

A company has a Microsoft Sentinel workspace that ingests data from multiple sources. The SOC team wants to improve the efficiency of investigating incidents by using UEBA capabilities. Which two actions should the team take to enable and configure UEBA in Sentinel?

A company uses Azure Policy to audit storage accounts for secure transfer (HTTPS) enforcement. The policy is set to 'AuditIfNotExists' but compliance shows 0% non-compliant storage accounts even though some accounts have secure transfer disabled. What is the most likely cause?

Question 13easymulti select
Read the full VPN explanation →

A company stores sensitive data in Azure Blob Storage. They want to prevent data exfiltration by blocking public access and restricting network access to only their on-premises data center via VPN. Which two features should they use?

A company is designing a defense-in-depth strategy for their Azure environment. They want to ensure that if a virtual machine is compromised, the attacker cannot move laterally to other VMs in the same virtual network. Which security control should they prioritize?

Question 15mediummultiple choice
Study the full multicast explanation →

You are designing a security strategy for a hybrid identity infrastructure that uses Microsoft Entra ID. The company requires that all administrative access to on-premises servers be secured using least-privilege principles and just-in-time (JIT) access. You plan to implement Microsoft Entra Privileged Identity Management (PIM) for Azure resources, but on-premises servers are not Azure resources. Which solution should you use to provide JIT access to on-premises servers?

Question 16hardmultiple choice
Read the full Ansible explanation →

A global organization uses Microsoft Sentinel for SIEM and Microsoft Defender for Cloud for cloud security posture management. The security team notices that critical alerts from Azure Active Directory Identity Protection are not triggering automated response playbooks in Sentinel. The team needs to ensure that all high-severity Identity Protection risk detections automatically create incidents in Sentinel and trigger a playbook to block the user. What should the team configure?

A company is designing a security operations strategy using Microsoft Sentinel. They want to prioritize triage of incidents that involve critical assets. The SOC manager suggests using the entity behavior analytics feature. Which capability of entity behavior analytics helps achieve this goal?

A SOC team uses Microsoft Sentinel for incident management. They need to ensure that when a high-severity incident is created, a Teams message is sent to the security team and an email is sent to the IT manager. What is the most efficient way to achieve this?

A company has a hybrid identity infrastructure with on-premises Active Directory synchronized to Azure AD using Azure AD Connect. The security team wants to use Microsoft Defender for Identity (MDI) to detect on-premises attacks. They have installed the MDI sensor on all domain controllers. However, they notice that some alerts are missing. What is the most likely cause?

A company uses Azure Front Door to load balance traffic across two origin servers in different Azure regions. They notice that failover is not working when one origin becomes unhealthy. What is the most likely cause?

A company uses Microsoft Defender for Cloud to assess compliance with Azure Security Benchmark (ASB). The security team wants to ensure that all recommendations are being followed. Which three actions should the team take to manage and remediate recommendations effectively?

Order the steps to configure Azure Policy to enforce tagging on resources.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

A company uses Azure Firewall to inspect outbound traffic from a hub virtual network. They need to ensure that traffic from a spoke virtual network to a specific SaaS application (api.contoso.com) bypasses the firewall for performance reasons. What is the most efficient way to achieve this?

A company deploys Azure Bastion in a VNet. They want to allow a security engineer to connect to a Windows VM in a peered VNet using Azure Bastion. The engineer can see the VM in the portal but cannot connect. Which configuration is most likely missing?

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

Exam question guide

How to use these SC-100 questions

Use these questions as active recall, not passive reading. Try the question first, review the answer choices, then open the explanation and connect the result back to the exam topic.

Quick answer

Tests understanding of cloud service models, deployment types, and characteristics like scalability and elasticity.

IaaS, PaaS, SaaS service model definitions and use cases

Public, private, hybrid cloud deployment distinctions

Key cloud characteristics: on-demand, broad network access

Metered usage and resource pooling concepts

These SC-100 practice questions are part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style SC-100 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.