Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

SC900 > ITExams > Flashcards

ITExams Flashcards

1
Q

Which score measures an organization’s progress in completing actions that help reduce risks associated to data protection and regulatory standards?

A. Microsoft Secure Score
B. Productivity Score
C. Secure score in Azure Security Center
D. Compliance score
A

C. Secure score in Azure Security Center

Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager?view=o365-worldwide https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-score-calculation?view=o365-worldwide

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What do you use to provide real-time integration between Azure Sentinel and another security source?

A. Azure AD Connect
B. a Log Analytics workspace
C. Azure Information Protection
D. a connector
A

D. a connector

Explanation:
To on-board Azure Sentinel, you first need to connect to your security sources. Azure Sentinel comes with a number of connectors for Microsoft solutions, including Microsoft 365 Defender solutions, and Microsoft 365 sources, including Office 365, Azure AD, Microsoft Defender for Identity, and Microsoft Cloud App
Security, etc.
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which Microsoft portal provides information about how Microsoft cloud services comply with regulatory standard, such as International Organization for
Standardization (ISO)?

A. the Microsoft Endpoint Manager admin center
B. Azure Cost Management + Billing
C. Microsoft Service Trust Portal
D. the Azure Active Directory admin center
A

C. Microsoft Service Trust Portal

Explanation:
The Microsoft Service Trust Portal contains details about Microsoft’s implementation of controls and processes that protect our cloud services and the customer data therein.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-worldwide

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which three statements accurately describe the guiding principles of Zero Trust? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Define the perimeter by physical locations.
B. Use identity as the primary security boundary.
C. Always verify the permissions of a user explicitly.
D. Always assume that the user system can be breached.
E. Use the network as the primary security boundary.
A

B. Use identity as the primary security boundary.
C. Always verify the permissions of a user explicitly.
D. Always assume that the user system can be breached.

Explanation:
https://docs.microsoft.com/en-us/security/zero-trust/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What can you use to provide a user with a two-hour window to complete an administrative task in Azure?

A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
B. Azure Multi-Factor Authentication (MFA)
C. Azure Active Directory (Azure AD) Identity Protection
D. conditional access policies
A

D. conditional access policies

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In a hybrid identity model, what can you use to sync identities between Active Directory Domain Services (AD DS) and Azure Active Directory (Azure AD)?

A. Active Directory Federation Services (AD FS)
B. Microsoft Sentinel
C. Azure AD Connect
D. Azure AD Privileged Identity Management (PIM)
A

C. Azure AD Connect

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the purpose of Azure Active Directory (Azure AD) Password Protection?

A. to control how often users must change their passwords
B. to identify devices to which users can sign in without using multi-factor authentication (MFA)
C. to encrypt a password by using globally recognized encryption standards
D. to prevent users from using specific words in their passwords
A

D. to prevent users from using specific words in their passwords

Explanation:
Azure AD Password Protection detects and blocks known weak passwords and their variants, and can also block additional weak terms that are specific to your organization.
With Azure AD Password Protection, default global banned password lists are automatically applied to all users in an Azure AD tenant. To support your own business and security needs, you can define entries in a custom banned password list.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group?

A. access reviews
B. managed identities
C. conditional access policies
D. Azure AD Identity Protection
A

A. access reviews

Explanation:
Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

SC900 (27 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions