100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
sc-900 exam questions £7.16   Add to cart

Exam (elaborations)

sc-900 exam questions

 3 views  0 purchase

sc-900 exam questions

Preview 2 out of 13  pages

  • June 20, 2024
  • 13
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
All documents for this subject (15)
avatar-seller
denicetho
sc-900 exam questions
Which functionality is provided by Azure AD? - ANS-Azure AD provides SSO. Azure AD
provides federation. Azure AD is one perimeter of defense in depth. Azure AD does not
provide file services. Azure AD does not provide the encryption of data in transit.

Which two authentication methods are available in Azure AD during sign in? Each
correct answer presents a complete solution. - ANS-Passwords are the most common
form of authentication and are supported in Azure AD. Text messaging can be used as
a primary form of authentication. The Google Authenticator app can be used as a
primary form of authentication to sign into any Azure AD account. Calling the Microsoft
Helpdesk is not a valid authentication method in Azure AD. Security questions are not
used during sign in.

An organization is migration to the Microsoft cloud. The plan is to use a hybrid identity
model.
What can be used to sync identities between Active Directory Domain Services (AD DS)
and Azure AD? - ANS-Azure AD Connect is designed to meet and accomplish hybrid
identity goals. ADFS cannot be used for hybrid identity models. Microsoft Sentinel is not
an identity product. PIM is used for managing and monitoring access to important
resources.

Which authentication method can use a time-based, one-time password? - ANS-OATH
hardware tokens use time-based, one-time passwords. Strong passwords are not
one-time passwords. Password hash synchronization syncs hashes across Active
Directory and Azure AD. Windows Hello uses a camera or passcode for authentication.

What can you use to prevent users from using an organization's name or the names of
the organization's products as passwords in Azure AD? - ANS-Azure AD Password
Protection - The global banned password list does not cover your own organization and
product names. Azure AD Password Protection provides protection from password
spray. MFA does not manage password entries.

Based on a Microsoft Azure Security Score recommendation, an administrator decides
to improve identity security within an organization.
What provides the greatest protection to user identities? - ANS-using the Microsoft
Authenticator app - The Microsoft Authenticator app (phone sign in) is the strongest
authentication method. Enforcing a password change or enforcing a complex password

, will not provide the greatest protection alone. Using soft tokens does not offer as strong
a protection as Microsoft Authenticator.

What are three things that a user can use for Azure AD Multi-Factor Authentication
(MFA)? Each correct answer presents a complete solution. - ANS-something the
claimant knows, something the claimant has, something the claimant is. - Azure AD
MFA works by requiring something you know (such as a password), and something you
have (such as a phone), or something you are (biometrics).

Which Azure AD feature helps reduce help desk calls and the loss of productivity when
a user cannot sign in to their device or an application? - ANS-SSPR is a feature of
Azure AD that allows users to change or reset their password without administrator or
help desk involvement. Without enabling SSPR, Identity protection cannot provide the
requested solution. Conditional Access brings signals together, to make decisions, and
enforce organizational policies but not SSPR. Azure AD Password Protection reduces
the risk when users set weak passwords.

Which three actions should be performed to enable self-service password reset (SSPR)
for a user? Each correct answer presents part of the solution. - ANS-Assign an Azure
AD license, Enable SSPR for the user, Register an authentication method, To use
SSPR, users must be assigned an Azure AD license that is enabled for SSPR by an
administrator and registered with the authentication methods they want to use. Two or
more authentication methods are recommended in case one is unavailable.

What should you use in Azure AD to provide users with the ability to perform
administrative tasks? - ANS-roles - Roles in Azure AD have permission to perform
certain administrative tasks. You assign these roles to users.

Which Azure feature provides network-level filtering, application-level filtering, and
outbound SNAT? - ANS-

What are types of distributed denial-of-service (DDoS) attacks? - ANS-resource layer
attacks, protocol attacks, and volumetric attacks - Resource layer attacks, protocol
attacks, and volumetric attacks are the most common DDoS attacks. Password sprays
and MITM attacks are not DDoS attacks.

What can you use in Azure to implement network segmentation based on departments?
- ANS-virtual networks - The main reasons for network segmentation are the ability to
group related assets that are a part of (or support) workload operations, the isolation of
resources, and to use governance policies set by an organization. Virtual networks

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller denicetho. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £7.16. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£7.16
  • (0)
  Add to cart