SC-900 Exam Practice Quiz

Correct Answer: Insider Risk Management Explanation: Insider Risk Management leverages Microsoft 365 data to detect and investigate potentially malicious or inadvertent insider activities.

Correct Answer: Azure Policy Explanation: Azure Policy allows you to define, assign, and manage policies to enforce rules and effects over your resources, ensuring they comply with corporate standards and service level agreements.

Correct Answer: Web Application Firewall (WAF) Explanation: A WAF is specifically designed to protect web applications by inspecting HTTP/S traffic for known attack patterns.

Correct Answer: Data residency Explanation: Data residency refers to the physical location where data is stored and processed, which is often dictated by regulatory requirements.

Correct Answer: Microsoft 365 Defender Explanation: Microsoft 365 Defender is a unified suite that integrates Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps to provide coordinated defense.

Correct Answer: It attempts to trick individuals into revealing sensitive information, often via deceptive emails or websites. Explanation: Phishing is a social engineering attack where attackers impersonate trusted entities to trick victims into giving up credentials or sensitive data.

Correct Answer: eDiscovery Explanation: eDiscovery solutions in Microsoft Purview enable organizations to find and collect data relevant to legal cases or internal investigations.

Correct Answer: To provide the minimum required security settings for all Azure resources. Explanation: Security baselines are a set of recommended security configurations for common Azure services, helping organizations establish a secure starting point.

Correct Answer: Self-Service Password Reset (SSPR) Explanation: SSPR allows users to reset their own passwords, significantly reducing support costs and improving user experience.

Correct Answer: Data Loss Prevention (DLP) Explanation: DLP identifies, monitors, and protects sensitive information across Microsoft 365 services to prevent data exfiltration or misuse.