Download Microsoft Cybersecurity Architect.SC-100.ExamTopics.2025-08-11.108q.tqb

Vendor: Microsoft
Exam Code: SC-100
Exam Name: Microsoft Cybersecurity Architect
Date: Aug 11, 2025
File Size: 6 MB
Download Exam

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Download
Taurus Exam Studio

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
Your company has on-premises Microsoft SQL Server databases.
The company plans to move the databases to Azure.
You need to recommend a secure architecture for the databases that will minimize operational requirements for patching and protect sensitive data by using dynamic data masking. The solution must minimize costs.
What should you include in the recommendation?
  1. SQL Server on Azure Virtual Machines
  2. Azure Synapse Analytics dedicated SQL pools
  3. Azure SQL Database
Correct answer: C
Explanation:
A: 3C: 25 - Mosted
A: 3C: 25 - Mosted
Question 2
You have an on-premises network and a Microsoft 365 subscription.
You are designing a Zero Trust security strategy.
Which two security controls should you include as part of the Zero Trust solution? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.
  1. Always allow connections from the on-premises network.
  2. Disable passwordless sign-in for sensitive accounts.
  3. Block sign-in attempts from unknown locations.
  4. Block sign-in attempts from noncompliant devices.
Correct answer: CD
Explanation:
BC: 2CD: 18 - Mosted
BC: 2CD: 18 - Mosted
Question 3
You have a Microsoft 365 subscription.
You need to design a solution to block file downloads from Microsoft SharePoint Online by authenticated users on unmanaged devices.
Which two services should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
  1. Azure AD Conditional Access
  2. Azure Data Catalog
  3. Microsoft Purview Information Protection
  4. Azure AD Application Proxy
  5. Microsoft Defender for Cloud Apps
Correct answer: AE
Explanation:
AE: 16 - MostedCE: 2
AE: 16 - MostedCE: 2
Question 4
You use Azure Policy with Azure Repos to implement continuous integration and continuous deployment (CI/CD) workflows.
You need to recommend best practices to secure the stages of the CI/CD workflows based on the Microsoft Cloud Adoption Framework for Azure.
What should you include in the recommendation for each stage? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct answer: To work with this question, an Exam Simulator is required.
Question 5
You have an operational model based on the Microsoft Cloud Adoption Framework for Azure.
You need to recommend a solution that focuses on cloud-centric control areas to protect resources such as endpoints, databases, files, and storage accounts.
What should you include in the recommendation?
  1. business resilience
  2. modem access control
  3. network isolation
  4. security baselines in the Microsoft Cloud Security Benchmark
Correct answer: D
Explanation:
D: 20 - Mosted
D: 20 - Mosted
Question 6
Your company wants to optimize using Microsoft Defender for Endpoint to protect its resources against ransomware based on Microsoft Security Best Practices.
You need to prepare a post-breach response plan for compromised computers based on the Microsoft Detection and Response Team (DART) approach in Microsoft Security Best Practices.
What should you include in the response plan?
  1. controlled folder access
  2. application isolation
  3. memory scanning
  4. machine isolation
  5. user isolation
Correct answer: D
Explanation:
B: 1D: 14 - Mosted
B: 1D: 14 - Mosted
Question 7
You have a Microsoft 365 subscription.
You are designing a user access solution that follows the Zero Trust principles of the Microsoft Cybersecurity Reference Architectures (MCRA).
You need to recommend a solution that automatically restricts access to Microsoft Exchange Online, SharePoint Online, and Teams in near-real-time (NRT) in response to the following Azure AD events:
  • A user account is disabled or deleted.
  • The password of a user is changed or reset.
  • All the refresh tokens for a user are revoked.
  • Multi-factor authentication (MFA) is enabled for a user.
Which two features should you include in the recommendation? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
  1. continuous access evaluation
  2. Azure AD Application Proxy
  3. a sign-in risk policy
  4. Azure AD Privileged Identity Management (PIM)
  5. Conditional Access
Correct answer: AE
Explanation:
AD: 2AE: 19 - Mosted
AD: 2AE: 19 - Mosted
Question 8
You design cloud-based software as a service (SaaS) solutions.
You need to recommend a recovery solution for ransomware attacks. The solution must follow Microsoft Security Best Practices.
What should you recommend doing first?
  1. Develop a privileged identity strategy.
  2. Implement data protection.
  3. Develop a privileged access strategy.
  4. Prepare a recovery plan.
Correct answer: D
Explanation:
A: 2C: 1D: 22 - Mosted
A: 2C: 1D: 22 - Mosted
Question 9
You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (CI/CD) workflows for the deployment of applications to Azure.
You need to recommend what to include in dynamic application security testing (DAST) based on the principles of the Microsoft Cloud Adoption Framework for Azure.
What should you recommend?
  1. unit testing
  2. penetration testing
  3. dependency checks
  4. threat modeling
Correct answer: B
Explanation:
B: 10 - Mosted
B: 10 - Mosted
Question 10
You are designing a new Azure environment based on the security best practices of the Microsoft Cloud Adoption Framework for Azure. The environment will contain one subscription for shared infrastructure components and three separate subscriptions for applications.
You need to recommend a deployment solution that includes network security groups (NSGs), Azure Firewall, Azure Key Vault, and Azure Bastion. The solution must minimize deployment effort and follow security best practices of the Microsoft Cloud Adoption Framework for Azure.
What should you include in the recommendation?
  1. the Azure landing zone accelerator
  2. the Azure Well-Architected Framework
  3. Azure Security Benchmark v3
  4. Azure Advisor
Correct answer: A
Explanation:
A: 16 - MostedB: 1
A: 16 - MostedB: 1
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!