SC-900 Exam Questions and Answers

Correct Answer: eDiscovery Explanation: eDiscovery solutions in Microsoft Purview allow organizations to search for and collect data for legal or internal investigations from various Microsoft 365 services.

Correct Answer: Nation-state actors Explanation: Nation-state actors are highly sophisticated, well-funded, and patient adversaries often driven by geopolitical objectives.

Correct Answer: Insider Risk Management Explanation: Microsoft Purview Insider Risk Management helps organizations detect, investigate, and act on malicious and inadvertent activities to identify and manage insider risks.

Correct Answer: To store and manage cryptographic keys, secrets, and certificates securely Explanation: Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys.

Correct Answer: Microsoft 365 Defender Explanation: Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications.

Correct Answer: Information and data, and endpoint protection Explanation: The customer always retains responsibility for the security of their information/data and the endpoints used to access cloud services, across all cloud service models.

Correct Answer: Azure DDoS Protection Explanation: Azure DDoS Protection provides enhanced DDoS mitigation capabilities for Azure resources beyond the basic protection always enabled by Azure.

Correct Answer: Role-Based Access Control Explanation: Role-Based Access Control (RBAC) in Azure AD simplifies access management by assigning permissions to roles, and then assigning users or groups to those roles.

Correct Answer: Single Sign-On Explanation: Single Sign-On (SSO) allows a user to authenticate once and gain access to multiple independent software systems without having to re-authenticate for each system.

Correct Answer: Hacktivists Explanation: Hacktivists are individuals or groups who use hacking techniques to promote a political or social agenda, often through website defacement, DoS attacks, or information leaks.