<div data-elementor-type="wp-post" data-elementor-id="803" class="elementor elementor-803" data-elementor-post-type="post">
				<div class="elementor-element elementor-element-f7cbe34 e-flex e-con-boxed e-con e-parent" data-id="f7cbe34" data-element_type="container">
					<div class="e-con-inner">
				<div class="elementor-element elementor-element-ce9d3dc elementor-widget elementor-widget-heading" data-id="ce9d3dc" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Intro</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-beee594 elementor-widget elementor-widget-text-editor" data-id="beee594" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<p>This is the second free SC-100 practise test I have created, if you haven&#8217;t done the first one, please go do that first here: <a href="http://techzilica.com/microsoft-365/microsoft-cybersecurity-architect-sc-100-practise-test-questions-1/">Microsoft Cybersecurity Architect (SC-100) Practise Test Questions #1</a></p><p>In this test, there is only one correct answer to each question.</p><p>If there is any issues that you spot, please leave a comment.</p>								</div>
				</div>
				<div class="elementor-element elementor-element-c116e3b elementor-widget elementor-widget-heading" data-id="c116e3b" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Questions</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-18587a6 elementor-widget elementor-widget-text-editor" data-id="18587a6" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<ol><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>How can you see a list of security recommendations, the impact of those recommendations and the current state of security according to Microsoft best-practice? </strong><br /><span data-contrast="auto">a) Security Suggestions</span> <br /><span data-contrast="auto">b) Microsoft Secure Score</span> <br /><span data-contrast="auto">c) Intune</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>How do you ensure administrative access can be maintained during an MFA outage or being unable to reach a person holding an important role to implement key changes and ensure security during an emergency? </strong><br /><span data-contrast="auto">a) Contact Microsoft Support</span> <br /><span data-contrast="auto">b) Break-Glass/Emergency Access Accounts</span> <br /><span data-contrast="auto">c) Microsoft Emergency Control Service</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>Which Microsoft service can fulfil Security Orchestration, Automation and Response capabilities? </strong><br /><span data-contrast="auto">a) Microsoft Cloud-App Security</span> <br /><span data-contrast="auto">b) Defender for Cloud</span> <br /><span data-contrast="auto">c) Microsoft Sentinel</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>A Salesperson has accidentally sent a spreadsheet containing a list of customers and their main contact to a competitor, what type of security technology would help prevent this happening? </strong><br /><span data-contrast="auto">a) DLP</span> <br /><span data-contrast="auto">B) DHCP</span> <br /><span data-contrast="auto">C) SIEM</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><b>What is meant by defence-in-depth? </b><br /><span data-contrast="auto">a) Having a firewall to protect your network</span> <br /><span data-contrast="auto">b) Conditional Access</span> <br /><span data-contrast="auto">c) Multiple layers of security controls</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>Which example is considered two different factors of authentication?</strong><br /><span data-contrast="auto">a) Password and a PIN code</span> <br /><span data-contrast="auto">b) PIN code and security question</span> <br /><span data-contrast="auto">c) Password and push notification response</span> <br /><span data-contrast="auto">d) Hardware token</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>What is a great way of securing use of Entra ID accounts with a lot of administrative power?</strong><br /><span data-contrast="auto">a) Privileged Access Workstations</span> <br /><span data-contrast="auto">b) Defender for Identity</span> <br /><span data-contrast="auto">c) Defender for Cloud-Apps</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>What is Privileged Identity Management (PIM)?</strong><br /><span data-contrast="auto">a) Allows for administrative roles to be explicitly turned on for a limited time (just-in-time) and for approvals to be applied to the be used for turning on the administrative roles</span> <br /><span data-contrast="auto">b) Allows you to scan for group membership misconfiguration and apply a regular access review regime</span> <br /><span data-contrast="auto">c) Allows users to be assigned roles based on their role by requesting them in a group of permissions (Access Package) by be approved by a group of package owners</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>What is the acronym for the Microsoft threat modelling elements of security breach?</strong><br /><span data-contrast="auto">a) STRAFE</span> <br /><span data-contrast="auto">b) SROMPE</span> <br /><span data-contrast="auto">C) STRIDE</span> <br /><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li><li data-leveltext="%1)" data-font="Calibri" data-listid="2" data-list-defn-props="{";335552541";:0,";335559683";:0,";335559684";:-1,";335559685";:720,";335559991";:360,";469769242";:[65533,0,46],";469777803";:";left";,";469777804";:";%1)";,";469777815";:";hybridMultilevel";}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><strong>Which Microsoft service provides DLP functionality?</strong><br /><span data-contrast="auto">a) Microsoft Purview</span> <br /><span data-contrast="auto">b) Microsoft Priva</span><span data-ccp-props="{";201341983";:0,";335559739";:160,";335559740";:259}"> </span></li></ol>								</div>
				</div>
				<div class="elementor-element elementor-element-11ea3aa elementor-widget elementor-widget-heading" data-id="11ea3aa" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Answers Below:</h2>				</div>
				</div>
					</div>
				</div>
		<div class="elementor-element elementor-element-39a4164 e-flex e-con-boxed e-con e-parent" data-id="39a4164" data-element_type="container">
					<div class="e-con-inner">
				<div class="elementor-element elementor-element-12cf634 elementor-widget-divider--separator-type-pattern elementor-widget-divider--view-line elementor-widget elementor-widget-divider" data-id="12cf634" data-element_type="widget" data-widget_type="divider.default">
				<div class="elementor-widget-container">
							<div class="elementor-divider" style="--divider-pattern-url: url(";data:image/svg+xml,%3Csvg xmlns=&#039;http://www.w3.org/2000/svg&#039; preserveAspectRatio=&#039;none&#039; overflow=&#039;visible&#039; height=&#039;100%&#039; viewBox=&#039;0 0 24 24&#039; fill=&#039;none&#039; stroke=&#039;black&#039; stroke-width=&#039;5&#039; stroke-linecap=&#039;square&#039; stroke-miterlimit=&#039;10&#039;%3E%3Cpolyline points=&#039;0,18 12,6 24,18 &#039;/%3E%3C/svg%3E";);">
			<span class="elementor-divider-separator">
						</span>
		</div>
						</div>
				</div>
				<div class="elementor-element elementor-element-8d49aa8 elementor-widget elementor-widget-heading" data-id="8d49aa8" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Answers</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-4d6fcf3 elementor-widget elementor-widget-text-editor" data-id="4d6fcf3" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<ol><li>B &#8211; Microsoft Secure Score provides you an easy to follow dashboard of Microsoft best-practises</li><li>B &#8211; Break-Glass accounts are suggested as security best-practise by Microsoft: <a href="https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/security-emergency-access">Manage emergency access admin accounts | Microsoft Learn</a></li><li>C &#8211; Sentinel can be configured to automatically take actions based off of alerts from a wide range of sources.</li><li>A &#8211; DLP is Data Loss Prevention, more on DLP can be found here: <a href="https://www.crowdstrike.com/cybersecurity-101/data-loss-prevention-dlp/">What is Data Loss Prevention (DLP)?</a></li><li>C &#8211; Multiple layers of security is what is meant by defence in depth; you can learn more here: <a href="https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-defense-in-depth/">What is defense in depth?</a></li><li>C &#8211; Password and push notification is the only listed answer with two distinct types of authentication, read more here: <a href="https://csrc.nist.gov/glossary/term/multi_factor_authentication">multi-factor authentication &#8211; Glossary | CSRC (nist.gov)</a></li><li>A &#8211; Privileged Access Workstations, are computers which are used only to do administrative functions such as a using a Global Administrator account, this means that if the user cannot be phished with a malicious email, as they shouldn&#8217;t receive email on their privileged access workstation as well as other things, which reduces the attack surface, read more here: <a href="https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-devices">Why are privileged access devices important</a></li><li>A &#8211; You can read more on PIM here: <a href="https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-configure">What is Privileged Identity Management? | Microsoft Learn</a></li><li>C &#8211; STRIDE, you can find more on STRIDE here: <a href="https://en.wikipedia.org/wiki/STRIDE_(security)">STRIDE (security) &#8211; Wikipedia</a></li><li>A &#8211; Microsoft Purview provides DLP functionality read more here: <a href="https://learn.microsoft.com/en-us/purview/dlp-learn-about-dlp">Learn about data loss prevention</a></li></ol>								</div>
				</div>
					</div>
				</div>
				</div>
		
Microsoft SC-100 Practise Test – Cybersecurity Architect #2
