Microsoft sc-900 dumps are very suitable as a solution to pass Exam SC-900 “Microsoft Security Compliance and Identity Fundamentals”.
Because candidates understand that studying and practicing the test is the best way to actually pass the exam! Microsoft sc-900 dumps provide 191 practical exam questions to help you practice the test ahead of time, Can ensure that you successfully pass the Microsoft SC-900 exam.
Download Microsoft sc-900 dumps: https://www.leads4pass.com/sc-900.html, choose PDF or VCE to help you practice the latest exam questions.
Practice Microsoft sc-900 dumps exam questions online for free:
| From | Number of exam questions | Associated certification |
| Lead4Pass | 15/191 | Microsoft Fundamentals |
Question 1:
Which Azure Active Directory (Azure AD) feature can you use to evaluate group membership and automatically remove users that no longer require membership in a group?
A. access reviews
B. managed identities
C. conditional access policies
D. Azure AD Identity Protection
Correct Answer: A
Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview
Question 2:
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview
Question 3:
HOTSPOT
Select the answer that correctly completes the sentence.
Hot Area:
Correct Answer:
Question 4:
You plan to move resources to the cloud.
You are evaluating the use of Infrastructure as a service (laaS), Platform as a service (PaaS), and Software as a service (SaaS) cloud models.
You plan to manage only the data, user accounts, and user devices for a cloud-based app.
Which cloud model will you use?
A. IaaS
B. SaaS
C. PaaS
Correct Answer: A
Question 5:
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Yes
Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs.
Box 2: No
Azure AD B2C is a separate service from Azure Active Directory (Azure AD). It is built on the same technology as Azure AD but for a different purpose. It allows businesses to build customer-facing applications, and then allow anyone to sign up into those applications with no restrictions on user accounts.
Box 3: Yes
Custom-branded identity solution
Azure AD B2C is a white-label authentication solution. You can customize the entire user experience with your brand so that it blends seamlessly with your web and mobile applications.
Customize every page displayed by Azure AD B2C when your users sign up, sign in, and modify their profile information. Customize the HTML, CSS, and JavaScript in your user journeys so that the Azure AD B2C experience looks and feels like it\’s a native part of your application.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/overview
Question 6:
What can you use to deploy Azure resources across multiple subscriptions in a consistent manner?
A. Microsoft Sentinel
B. Microsoft Defender for Cloud
C. Azure Policy
D. Azure Blueprints
Correct Answer: D
Question 7:
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Question 8:
HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point
Hot Area:
Correct Answer:
Box 1: Yes
From Microsoft Defender for Cloud, you can enable Microsoft Defender for Storage to get alerted about suspicious activities related to your storage resources.
Note: Microsoft Defender for Storage is an Azure-native layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit your storage accounts.
Defender for Storage continually analyzes the telemetry stream generated by the Azure Blob Storage and Azure Files services. When potentially malicious activities are detected, security alerts are generated.
These alerts are displayed in Microsoft Defender for Cloud, together with the details of the suspicious activity along with the relevant investigation steps, remediation actions, and security recommendations.
Box 2: No Box 3: Yes
Microsoft Defender for Cloud is a solution for cloud security posture management (CSPM) and cloud workload protection (CWP) that finds weak spots across your cloud configuration, helps strengthen the overall security posture of your environment, and can protect workloads across multi-cloud and hybrid environments from evolving threats.
Microsoft Defender for Servers is one of the plans provided by Microsoft Defender for Cloud\’s enhanced security features. Defender for Servers protects your Windows and Linux machines in Azure, AWS, GCP, and on-premises.
Reference: https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction
Question 9:
Which three authentication methods does Windows Hello for Business support? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. fingerprint
B. facial recognition
C. PIN
D. email verification
E. security question
Correct Answer: ABC
Question 10:
Which type of identity is created when you register an application with Active Directory (Azure AD)?
A. a user account
B. a user-assigned managed identity
C. a system-assigned managed identity
D. a service principal
Correct Answer: D
When you register an application through the Azure portal, an application object and service principal is automatically created in your home directory or tenant.
Question 11:
What are the three uses of Microsoft Cloud App Security? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. to discover and control the use of shadow IT
B. to provide secure connections to Azure virtual machines
C. to protect sensitive information hosted anywhere in the cloud
D. to provide pass-through authentication to on-premises applications
E. to prevent data leaks to non-compliant apps and limit access to regulated data
Correct Answer: ACE
Reference: https://docs.microsoft.com/en-us/defender-cloud-apps/what-is-defender-for-cloud-apps
Question 12:
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Box 1: Yes
Azure AD supports custom roles.
Box 2: Yes
Global Administrator has access to all administrative features in Azure Active Directory.
Box 3: No
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/roles/concept-understand-roles
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
Question 13:
Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization?
A. sensitivity label policies
B. Customer Lockbox
C. information batteries
D. Privileged Access Management (PAM)
Correct Answer: C
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers
Question 14:
In a Core eDiscovery workflow, what should you do before you can search for content?
A. Create an eDiscovery hold.
B. Run Express Analysis.
C. Configure attorney-client privilege detection.
D. Export and download results.
Correct Answer: A
Question 15:
Which Microsoft 365 feature can you use to restrict communication and the sharing of information between members of two departments at your organization?
A. sensitivity label policies
B. Customer Lockbox
C. information Barriers
D. Privileged Access Management (PAM)
Correct Answer: C
…
Details of skills measured by the Microsoft sc-900 exam and recent changes:
- Describe the concepts of security, compliance, and identity (10–15%)
- Describe the capabilities of Microsoft Azure Active Directory, part of Microsoft Entra (25–30%)
- Describe the capabilities of Microsoft Security solutions (25–30%)
- Describe the capabilities of Microsoft compliance solutions (25–30%)
Want more valid exam questions after taking the Microsoft sc-900 online practice above? Download Microsoft sc-900 dumps: https://www.leads4pass.com/sc-900.html, use PDF or VCE practice A complete set of SC-900 practical exam questions ensures 100% success in passing the exam.
Final details on preparing for the Microsoft sc-900 exam:
| Exam name: | Microsoft Security Compliance and Identity Fundamentals |
| Exam code: | SC-900 |
| Languages: | English, Japanese, Chinese (Simplified), Korean, French, Spanish, Portuguese (Brazil), Russian, Arabic (Saudi Arabia), Indonesian (Indonesia), German, Chinese (Traditional), Italian |
| Retirement date: | none |
| Price: | $99 |
| Number of exam questions: | 40-60 |
| Question type: | Multiple choice questions, correct sorting questions, drag and drop questions, review, and other forms |
| Time: | 120 minutes |
| Passing score: | 700 |
