Back to Microsoft Security, Compliance, and Identity Fundamentals SC-900 questions

Scenario-based practice

Drag and Drop Matching Questions

Practise Microsoft Security, Compliance, and Identity Fundamentals SC-900 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10
scenario questions
SC-900
exam code
Microsoft
vendor

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and Drop Matching Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related SC-900 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummatching
Full question →

Match each Microsoft identity service to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Cloud-based identity and access management

Directory service for Windows domain networks

Collaboration with external partners

Customer identity and access management for apps

Integration of on-premises AD with Azure AD

Question 2mediummatching
Full question →

Match each Microsoft 365 compliance feature to its function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Prevent accidental sharing of sensitive info

Record user and admin activity

Keep or delete data for a specified time

Classify and protect content

Track compliance posture and recommendations

Question 3mediummatching
Full question →

Match each compliance framework to its primary focus.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Data protection and privacy for EU citizens

Information security management system standard

Cybersecurity risk management framework

Healthcare data privacy and security in the US

Service organization controls for data security

Question 4mediummatching
Full question →

Match each Microsoft Defender product to its focus area.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Protect on-premises Active Directory

Secure email and collaboration tools

Protect cloud workloads and resources

Secure Internet of Things devices

SaaS application security

Question 5mediummatching
Full question →

Match each Microsoft security feature to its primary purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Detect and remediate identity-based risks

Discover and control cloud app usage

Classify and protect sensitive data

Protect devices from threats

Shadow IT discovery and threat protection

Question 6mediummatching
Full question →

Match each authentication method to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Sign in without a password using biometrics or FIDO2

Require two or more verification methods

One credential for multiple applications

Policy-based access controls based on signals

Biometric or PIN-based sign-in for Windows

Question 7mediummatching
Full question →

Match each Azure security service to its purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Enforce organizational standards and assess compliance

Define repeatable Azure resources and policies

Unified security management and threat protection

Cloud-native SIEM and SOAR solution

Securely store and manage secrets and keys

Question 8mediummatching
Full question →

Match each compliance term to its correct definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Where data is stored geographically

Data subject to laws of the country where it is stored

Process of identifying and delivering electronic information for legal cases

Preserve data for litigation purposes

Categorizing data based on sensitivity

Question 9mediummatching
Full question →

Match each security control type to its example.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Warning signs or security policies

Firewall rules blocking unauthorized access

Intrusion detection system alerts

Patching a vulnerability after discovery

Requiring strong passwords via policy

Question 10mediummatching
Full question →

Match each identity term to its correct meaning.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

An entity that can be authenticated

Proving you are who you claim to be

Determining what an authenticated user can do

Trust relationship between identity providers

Creating and managing user accounts and access

These SC-900 practice questions are part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style SC-900 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.