Back to Microsoft Cybersecurity Architect questions

Scenario-based practice

Select Two (Multi-Select) Questions

Practise Microsoft Cybersecurity Architect practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
SC-100
exam code
Microsoft
vendor

Scenario guide

How to approach select two (multi-select) questions

Multi-select questions tell you to 'Choose TWO' or 'Choose THREE'. Getting partial credit is not a thing — you must select all correct answers with no incorrect ones. The stem always states how many to choose, so trust it. These questions require precision, not best-guess elimination.

Quick answer

Select Two (Multi-Select) Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related SC-100 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Design solutions that align with security best practices and priorities practice questions

Practise SC-100 questions linked to Design solutions that align with security best practices and priorities.

Design security operations, identity, and compliance capabilities practice questions

Practise SC-100 questions linked to Design security operations, identity, and compliance capabilities.

Design security solutions for infrastructure practice questions

Practise SC-100 questions linked to Design security solutions for infrastructure.

Design a Zero Trust strategy and architecture practice questions

Practise SC-100 questions linked to Design a Zero Trust strategy and architecture.

Design security solutions for applications and data practice questions

Practise SC-100 questions linked to Design security solutions for applications and data.

Evaluate GRC and security operations strategies practice questions

Practise SC-100 questions linked to Evaluate GRC and security operations strategies.

Design security for infrastructure practice questions

Practise SC-100 questions linked to Design security for infrastructure.

Design a strategy for data and applications practice questions

Practise SC-100 questions linked to Design a strategy for data and applications.

Recommend security best practices and priorities practice questions

Practise SC-100 questions linked to Recommend security best practices and priorities.

SC-100 fundamentals practice questions

Practise SC-100 questions linked to SC-100 fundamentals.

SC-100 scenario practice questions

Practise SC-100 questions linked to SC-100 scenario.

SC-100 troubleshooting practice questions

Practise SC-100 questions linked to SC-100 troubleshooting.

Practice set

Practice scenarios

Question 1mediummulti select
Full question →

A company is implementing a Zero Trust identity strategy. They want to ensure that only compliant and managed devices can access corporate resources. Which THREE components should they include in their solution? (Choose three.)

Question 2hardmulti select
Full question →

A company is designing a Zero Trust security posture for their Azure environment. They need to assess and improve their security posture. Which TWO actions should they take? (Choose two.)

Question 3mediummulti select
Full question →

A large enterprise is implementing Microsoft Defender for Cloud to improve their security posture. Which TWO actions should they take to prioritize and remediate security recommendations effectively? (Choose two.)

Question 4hardmulti select
Full question →

A company has a Microsoft Sentinel workspace that ingests data from multiple sources. The SOC team wants to improve the efficiency of investigating incidents by using UEBA capabilities. Which two actions should the team take to enable and configure UEBA in Sentinel?

Question 5easymulti select
Read the full VPN explanation →

A company stores sensitive data in Azure Blob Storage. They want to prevent data exfiltration by blocking public access and restricting network access to only their on-premises data center via VPN. Which two features should they use?

Question 6mediummulti select
Full question →

A company uses Microsoft Defender for Cloud to assess compliance with Azure Security Benchmark (ASB). The security team wants to ensure that all recommendations are being followed. Which three actions should the team take to manage and remediate recommendations effectively?

Question 7mediummulti select
Full question →

Which TWO actions should you take to secure an Azure Kubernetes Service (AKS) cluster?

Question 8hardmulti select
Read the full VPN explanation →

Which THREE components are required to implement a secure hybrid network with Azure using a site-to-site VPN?

Question 9mediummulti select
Full question →

A company uses Azure Storage for sensitive data. They need to ensure that data is encrypted at rest and that encryption keys are managed by the customer (Customer-Managed Keys). Which THREE actions are required?

Question 10hardmulti select
Full question →

A company is designing a data classification strategy for their Azure environment. They need to identify sensitive data stored in Azure SQL Database. Which TWO solutions should they consider?

Question 11easymulti select
Full question →

A company is designing a secure DevOps pipeline for deploying Azure App Service applications. They need to ensure that secrets are not exposed in source code. Which TWO practices should they implement?

Question 12mediummulti select
Full question →

Which TWO of the following are best practices for securing Azure Kubernetes Service (AKS)?

Question 13mediummulti select
Full question →

Which THREE of the following are key components of a defense-in-depth strategy?

Question 14easymulti select
Full question →

A company wants to improve their security posture by using Microsoft Defender for Cloud. Which TWO of the following are features of Defender for Cloud that help with governance and compliance?

Question 15mediummulti select
Full question →

A company uses Microsoft Sentinel for threat detection. They want to use User and Entity Behavior Analytics (UEBA) to detect anomalies. Which THREE of the following are key components of UEBA in Sentinel?

Question 16mediummulti select
Full question →

A company is designing a security operations center (SOC) using Microsoft Sentinel. Which TWO of the following are best practices for managing incident response in Sentinel?

Question 17hardmulti select
Full question →

A company is implementing a Zero Trust security model using Microsoft 365 Defender. Which THREE of the following are key principles they should follow?

Question 18hardmulti select
Full question →

Which THREE of the following are best practices for securing Azure Kubernetes Service (AKS)?

Question 19hardmulti select
Full question →

Which TWO of the following are true about Azure Policy initiatives?

Question 20easymulti select
Full question →

Which TWO of the following are valid methods to secure traffic between on-premises and Azure?

These SC-100 practice questions are part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style SC-100 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.