Exam (elaborations)
SC-900 Study Guide Questions & answers
SC-900 Study Guide Questions & answers
[Show more]
Content preview
SC-900 Study GuideInformation Barriers - ANS-Used to define and apply information barrier policies to
prevent unauthorized communication & collaboration between certain user groups via
Teams, SharePoint Online, and OneDrive to avoid conflict of interest.
Insider Risk Management - ANS-Used to minimize internal risk through detection,
investigation, & mitigation of intentional and unintentional breaches of your orgs. insider
policies. Helps minimize/avoid risks of sensitive data leaks, intellectual property theft,
insider trading, & fraud.
Privileged Access Management - ANS-Enables granular access control over privileged
admin tasks in O365. Helps replace constant admin access privileges with just-in-time
elevated access permissions.
Azure Blueprints - ANS-Orchestrate deployment of various resources and preserve a
relationship between what should be deployed & what is deployed, supporting tracking
and auditing of deployments.
Basic Auditing - ANS-audit records retained for 90 days. Supports export to CSV file.
Advanced Auditing - ANS-1-year retention for Exchange, SharePoint and Azure AD
audit records by default. Supports export to CSV file. Provides access to audit records
for high-value, crucial events, used in forensic and compliance investigations.
Default Audit retention period for M365 E3 subscription - ANS-90 days, via Basic Audit
as the default.
Azure Security Center (ASC) - ANS-Provides unified security management and
advanced threat protection across hybrid cloud and on-premises workloads.
Data Loss Prevention (DLP) - ANS-Protects sensitive data and minimizes the risk of
inappropriate sharing with others. Part of M365, implement through DLP policies.
DLP Policies - ANS-allow you to identify, monitor, and protect sensitive data across your
cloud and on-premises solutions.
eDiscovery - ANS-Process of identifying, holding, and exporting electronic content to
support your organization's internal or external investigations. Part of M365.
, Authentication - ANS-the process through which you prove who you say you are.
Authorization - ANS-the process of granting an identity the permission to do something.
Microsoft Defender for Office 365 tools that require Office 365 Plan 2 - ANS-Threat
Trackers, Attack Simulator, Threat Explorer, Automated investigation & response (AIR)
Threat Trackers - ANS-provide most recent info on cybersecurity issues.
Attack Simulator - ANS-lets you identify vulnerabilities by running realistic attack
scenarios.
Windows Hello for Business - ANS-use a PIN or biometric data that is tied to a device to
authenticate users and does not transmit data to an external server.
Conditional Access - ANS-uses signals from the user and their device to control access
to your org's resources.
Multifactor Authentication (MFA) - ANS-requires more than one for of verification,
improving security of an identity.
Identity - ANS-How someone or something can be authenticated to prove that they are
who they say they are. This is considered the primary security perimeter in modern
hybrid network environment.
Azure AD Password Protection - ANS-Helps prevent the use of weak and easily
guessed passwords. Enables custom banned passwords.
Federated Services - ANS-Provide access across orgs or domain boundaries. Identity
provider provides authentication services and passes authentication credentials to other
organizations or domains. requires one-way trust. Can use 3rd party sites as identity
providers.
Azure AD registered devices - ANS-include win 10 and mobile devices, typically
personal devices, use a personal Microsoft account or other account to sign in. Enables
a company to use tools like Microsoft Intune to ensure standards for security and
compliance on the devices.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller EXAMQA. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for CA$11.16. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
72349 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now