🛡️

SC-900 Exam Questions and Explanations

Jul 11, 2024

View transcript

SC-900 Exam Questions and Explanations

Introduction

  • Exam: Microsoft Security Compliance and Identity Fundamentals Exam (SC-900)
  • Content: 140 real exam questions with answers and explanations
  • PDF Availability: Can be downloaded from shapingpixel.com
  • Subscription Reminder: Subscribe to the YouTube channel if not already subscribed

Key Topics Covered

Azure Active Directory (AAD)

  1. All AAD license editions include the same features: False
  2. Managing an Azure AD tenant using the Azure portal: True
  3. Deploying Azure virtual machines to host an AD tenant: False
  • Editions of AAD: Free, Office 365 Apps, Premium P1, Premium P2
  • Full explanation on Azure AD features and licensing

Microsoft Cloud Adoption Framework

  • **Best practices from Microsoft employees, partners, and customers
  • **Tools and guidance for Azure deployment included.
  • Correct answer: Microsoft Cloud Adoption Framework

e-Discovery

  • Identifies, holds, and exports electronic information for investigations.
  • Microsoft Purview tools for content search and export.
  • Correct answer: e-Discovery (e-Discovery in Microsoft Purview)**

Microsoft Endpoint Manager

  • Management of Microsoft Intune.
  • Includes configuration of manager, desktop analytics, co-management, and Windows Autopilot.
  • Correct answer: Microsoft Endpoint Manager Admin Center

Federation

  • Used to establish trust relationships between organizations.
  • Correct answer: Trust relationship

Secure Score in Microsoft Defender

  • Statements about increasing Secure Score with updates, MFA, and multi-subscription evaluation.
  • All statements given are true.

Compliance Score

  • Measures progression in reducing data protection risks.
  • Correct answer: Compliance Score

Integration with Azure Sentinel

  • Real-time integration between Azure Sentinel and other security sources using a connector.
  • Correct answer: Connector

Microsoft Service Trust Portal

  • Information about regulatory compliance of Microsoft Cloud Services.
  • Correct answer: Microsoft Service Trust Portal

Shared Responsibility Model in Azure

  • Microsoft's responsibility: Management of physical hardware.
  • Correct answer: Management of physical hardware.

Zero Trust Security Model

  • Principles: Verify explicitly, least privileged access, assume breach.
  • Correct answers: True for explicit verification and assume breach; false for internal network firewall.

Microsoft Privacy Principles

  • Key principles: Control, Transparency, Security, Legal protections, No content-based targeting, Benefits to you.
  • Control and Transparency are true statements; Shared Responsibility is not a key privacy principle.

File Encryption

  • Encrypting files to make them readable only with the appropriate key.
  • Correct answer: Encrypting

Digital Signature

  • Verifying a digitally signed document requires a public key, not the private key.
  • Correct answers: True for the first two statements; false for the third statement.

Authentication and Authorization

  • User authentication before authorization.
  • Correct answer for authenticating users signing into the Azure portal: Authentication
  • Correct answer for process of identifying access to resource: Authorization

Azure AD Business to Business (B2B)

  • Collaboration with external users and guest access management.
  • Correct answer: Azure AD B2B

Cloud Adoption Framework Phases

  • Phases before 'Ready': Plan and Define Strategy
  • Correct answers: Plan and Define Strategy

Hybrid Identity

  • Syncing identities with Azure AD Connect, requiring only one Microsoft 365 tenant, and synchronizing AD DS with AAD.
  • Correct answers: True for statements regarding hybrid identity and AD synchronization.

Azure Defender and Security Baseline

  • Real-time integration, security benchmarks, and use cases for encryption and secure authentication practices.
  • Correct answers span across Microsoft's security principles and configurations.

Advanced Security Measures

  • Using multi-factor authentication, conditional access, information barriers, and automatic security detections/remediation.
  • Variety of scenarios answered including device compliance, guest user policies, and application-specific security measures.

Microsoft Security Tools and Recommendations

  • Defender for Cloud, Endpoint, Office 365, and Identity tools used for managing and detecting threats, vulnerabilities, and ensuring secure environments.
  • Security and compliance tools and policy recommendations spanning Microsoft's various platforms and encouraged practices.

Azure Networking Services

  • Firewall, Bastion, and Network Security Groups usage for secure connectivity and traffic filtering.
  • Expansion on various networking features and protective measures.

Security Information and Event Management (SIEM)

  • Azure Sentinel used for alert detection, threat visibility, proactive hunting, and response.
  • Included integrated tools for efficient security.

Conclusion

  • Comprehensive question and answer explanations to prepare for the SC-900 exam.
  • Encouragement to review explanations and understand the application of Microsoft security principles and practices.

Full transcript