SC-900 Practice Test Free

Correct Answer: Microsoft Service Trust Portal Explanation: The Microsoft Service Trust Portal provides access to various audit reports, compliance guides, and privacy information related to Microsoft cloud services.

Correct Answer: To detect and remediate identity-based risks and vulnerabilities. Explanation: Azure AD Identity Protection helps detect potential vulnerabilities affecting identities, configures policies to respond to detected suspicious actions, and investigates suspicious incidents.

Correct Answer: Sensitivity Labels Explanation: Sensitivity labels allow organizations to classify and protect their data across Microsoft 365 apps, services, and devices, applying encryption, visual markings, and other protective actions.

Correct Answer: Privileged Identity Management (PIM) Explanation: PIM provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources.

Correct Answer: Microsoft Defender for Office 365 Explanation: Microsoft Defender for Office 365 provides advanced protection against phishing, spam, malware, and other email-based threats, including protection for Teams, SharePoint, and OneDrive.

Correct Answer: Layering multiple security controls to protect assets. Explanation: Defense in Depth is a strategy that employs a series of overlapping security mechanisms, so if one fails, another is in place to provide protection.

Correct Answer: Microsoft Defender for Endpoint Explanation: Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to prevent, detect, investigate, and respond to advanced threats.

Correct Answer: Azure Resource Locks Explanation: Azure Resource Locks prevent accidental deletion or modification of Azure resources, even by users with administrative permissions.

Correct Answer: Authentication Explanation: Authentication is the process of verifying the identity of a user, device, or service.

Correct Answer: To protect web applications from common web-based attacks (e.g., SQL injection, XSS). Explanation: A WAF specifically protects web applications from common web vulnerabilities and attacks by filtering and monitoring HTTP traffic.