Microsoft SC-900 Exam Questions 2024
Microsoft SC-900 Exam Questions 2024
Visit Official SkillCertPro Website :-
For a full set of 400 questions. Go to
https://skillcertpro.com/product/microsoft-sc-900-exam-questions/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Question 1:
Which of the following phases will be the first step in your Azure adoption lifecycle?
A. Plan
B. Strategy
C. Ready
D. Govern
Answer: B
Explanation:
Cloud adoption lifecycle is composed of the following phases:
· Strategy
· Plan
· Ready
· Migrate
· Innovate
· Govern
· Manage
The Strategy will be the first phase in the Azure adoption lifecycle. In the strategy phase, you:
· Define your motivations
· Document business outcomes
· Develop a business case
· Choose your first project
Strategy is the correct answer.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-resource-governance-capabilities-azure/5-describe-cloud-adoption-framework
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/strategy/
Question 2:
Which of the following technologies verifies if the contents of a message are tampered with?
A. Hashing
B. Signing
C. Encryption
D. Encoding
Answer: B
Explanation:
Signing (with the help of digital signatures) verifies if the contents of a message are tampered. Signing is the correct choice.
Encryption is the process of changing/altering a message, so a hacker only sees garbage.
Hashing converts/alters a text to a hash value (looks encrypted). Hashing is used to store passwords so that only the user knows his password.
Encoding converts data from one format to another. A typical example is audio/video encoders which reduce the size of audio/video files.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-security-concepts-methodologies/6-describe-ways-encryption-hashing-signing-secure-data
Question 3:
Which of the following is NOT one of the steps in creating a custom trainable classifier?
A. Create prediction model
B. Test the model
C. Manual review
D. Choose a model
Answer: D
Explanation:
The four steps in creating a custom trainable classifier are:
· Add seed content (samples in a single category. For example, patent documents),
· Create a trainable classifier (prediction model) [with seed content],
· Test the model (with both good [patent docs] and bad [Resumes, vendor contracts] examples), and,
· Manual review (Verify if each prediction is correct. This feedback improves the model’s accuracy).
Generally, for a machine learning task, selecting a learning algorithm is one of the steps in the process. However, for this classification task, you don’t need to choose/know the algorithm that’s behind the scenes.
Since it is not one of the steps in creating a custom trainable classifier, the option Choose a model is the correct answer.
Reference Link:
https://docs.microsoft.com/en-us/learn/modules/describe-information-protection-governance-capabilities-microsoft-365/3-describe-data-classification-capabilities-compliance-center#trainable-classifiers
Question 4:
You create a custom trainable classifier to classify pricing information in your organization. To test the model, you use seed content. Is it the correct approach?
A. Yes
B. No
Answer: B
Explanation:
Seeding is the feeding of positive samples (in a single category, here, pricing contracts) that a human carefully selects.
Seed content helps to accurately train a classifier to predict an item in a particular category (pricing).
Once you build a prediction model (classifier) with seed content, you test the model’s accuracy with a mix of both positive (pricing info) and negative (M&A deals, IP documents, patents, etc.) samples. This test content is different than the seed content.
So, you use seed content to build a prediction model, not test the model. The correct answer choice is No.
Reference Link: https://docs.microsoft.com/en-us/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide#seed-content
https://docs.microsoft.com/en-us/learn/modules/describe-information-protection-governance-capabilities-microsoft-365/3-describe-data-classification-capabilities-compliance-center#trainable-classifiers
Question 5:
This question requires that you evaluate the italic text to determine if it is correct.
Azure Bastion is an IaaS service offered by Microsoft Azure.
Please review the italic text. If it makes the statement correct, select ‘No change is needed.’ If the statement is incorrect, select the answer choice that makes the statement correct.
A. No change is needed
B. PaaS
C. SaaS
D. Serverless
Answer: B
Explanation:
A service is IaaS/SaaS/PaaS based on how much responsibility you have over the service. For example, look at this comparison.
Azure Bastion is NOT IaaS because you do not manage network controls like DNS configuration or the underlying OS. The given statement in the question is incorrect.
Azure Bastion is a fully managed PaaS service. Here is the explanation:
· Before Azure Bastion’s release, customers typically RDP into a jump server (deployed in an Azure VNet), and from there RDP into their target Azure VMs (to avoid exposing the target VM’s public IP address).
· You are expected to manage, monitor, patch, harden and secure the jump box.
· Microsoft offers the above activities as a PaaS service called Azure Bastion. Microsoft hardens the Bastion service, keeps it up-to-date to protect your VMs from zero-day exploits.
Option PaaS is the correct answer.
Quick Preview:
Reference Link: https://www.youtube.com/watch?v=WElUQm02BTU
https://docs.microsoft.com/en-us/learn/modules/describe-basic-security-capabilities-azure/5-describe-what-azure-bastion#key-features-of-azure-bastion
For a full set of 400 questions. Go to
https://skillcertpro.com/product/microsoft-sc-900-exam-questions/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Question 6:
A global investment bank wants to restrict collaboration (for example, sharing files from OneDrive) between their Asset management division and Corporate Advisory group.
Which of the following solutions in Microsoft 365 will help?
A. Insider risk management
B. Privileged access management
C. Customer Lockbox
D. Information barriers
Answer: D
Explanation:
Information barriers restrict communication between groups within an organization. Microsoft 365 solutions like Microsoft Teams, SharePoint Online, and OneDrive for Business support information barriers.
Since both the Asset Management division and the Corporate Advisory groups are separate divisions within the same organization, the option Information barriers is the correct choice.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/4-describe-information-barriers
Privileged access management allows granular access to privileged admin tasks in Microsoft 365 for users within an organization.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/5-describe-privileged-access-management
Customer Lockbox allows granular access to the organization’s content in Microsoft 365 locations to Microsoft (cloud provider).
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/6-describe-customer-lockbox
So:
· Privileged access management (for users within an organization)
· Customer Lockbox (between Microsoft and the organization)
· Information barriers (between an organization’s departments)
Insider risk management helps minimize internal risks in an organization. It doesn’t restrict collaboration between an organization’s departments.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-insider-risk-capabilities-microsoft-365/2-management-solution
Question 7:
In Microsoft 365 Defender, you can proactively find threats across devices, emails, apps, and identities with hunting.
Is the statement correct?
A.Yes
B.No
Answer: B
Explanation:
This is a slightly tricky question.
Hunting and Advanced hunting are two features with similar capabilities in Azure Sentinel and Microsoft 365 Defender respectively.
In Azure Sentinel, Hunting proactively hunts for threats across your organization’s data sources.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/describe-security-capabilities-of-azure-sentinel/3-describe-sentinel-provide-integrated-threat-protection#hunting
In Microsoft 365 Defender, Advanced hunting, not hunting, proactively searches for malware, suspicious files in your devices, emails, and cloud apps.
So, the correct answer is No.
Reference Link: https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-query-emails-devices?view=o365-worldwide
Question 8:
Which of the following defense in depth layer implements the Availability concern of the CIA principle?
A. Physical security
B. Identity and access
C. Perimeter
D. Data
Answer: C
Explanation:
CIA stands for Confidentiality, Integrity, and Availability. They represent security trade-offs in keeping your systems secure.
Defense in depth is a layered approach to security. Each of the defense in depth layers implements one or more of the CIA concerns.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/azure-well-architected-security/2-defense-in-depth#defense-in-depth-a-layered-approach-to-security
The Perimeter layer implements the Availability concern of the CIA principle. By providing DDoS protection, it ensures that the services are available to users. Option Perimeter is the correct answer.
The Physical security layer implements the Confidentiality principle because it grants access only to authorized personnel. Option Physical security is incorrect.
The Identity & Access layer implements the Integrity principle because it gives access only after verifying who the user they claim to be. Option Identity & access is incorrect too.
The Data layer implements the Integrity principle because data encryption at rest/in transit prevents unauthorized changes to the information. Option Data is an incorrect choice.
Question 9:
Which of the following are the features of SSPR (self-service password reset)?
a. Password change
b. Password reset
c. Account unlock
d. Password write-back
A. All four options
B. Only options a, b & c
C. Only options a & b
D. Only options a, b & d
Answer: A
Explanation:
The features of SSPR are:
· Password change (when you know the password and need to update it)
· Password reset (when you forgot the password)
· Unlock the account
· Password write-back to the on-premises directory (so you can access on-premises applications with the updated password)
All four choices are features of SSPR.
The option All four options is the correct choice.
Reference Link: https://docs.microsoft.com/en-us/learn/modules/explore-authentication-capabilities/5-describe-self-service-password-reset
Question 10:
Which Microsoft portal provides information about how Microsoft manages privacy, compliance and security?
A. The Microsoft 365 compliance center
B. Compliance Manager
C. Microsoft Service Trust Portal
D. Microsoft Support
Answer: C
Explanation:
The correct answer is:
C. Microsoft Service Trust Portal
Here’s why:
Microsoft 365 compliance center: This is primarily for managing compliance within your organization using Microsoft 365 tools.
Compliance Manager: This is a deprecated service. While it might have existed in the past, it’s not the current source for information on Microsoft’s privacy, compliance, and security practices.
Microsoft Support: While Microsoft Support offers valuable resources, it’s not the central location for information on these broader topics.
Microsoft Service Trust Portal: This portal is the official source for information on how Microsoft manages privacy, compliance, and security for its cloud services. It provides detailed documentation, whitepapers, certifications, and risk assessments.
Therefore, the Microsoft Service Trust Portal is the most appropriate resource to learn about Microsoft’s approach to privacy, compliance, and security for its cloud services.
Sources:
https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance
For a full set of 400 questions. Go to
https://skillcertpro.com/product/microsoft-sc-900-exam-questions/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.