SC-900 Mock Exam

Correct Answer: Azure Resource Locks Explanation: Resource locks prevent users from accidentally or intentionally deleting or modifying critical Azure resources.

Correct Answer: To discover, remediate, and monitor permissions in multi-cloud environments. Explanation: Microsoft Entra Permissions Management provides comprehensive visibility into permissions, identifies over-privileged identities, and enables right-sizing access across AWS, Azure, and GCP.

Correct Answer: Microsoft Defender for Cloud Explanation: Microsoft Defender for Cloud provides CWPP capabilities, extending protection to various workloads across Azure, on-premises, and other clouds.

Correct Answer: The ability to verify that a sender sent a message and cannot deny sending it, and that a recipient received it and cannot deny receiving it. Explanation: Non-repudiation provides irrefutable proof of an action, preventing either party from denying they performed it.

Correct Answer: Activity Explorer Explanation: Activity Explorer in Microsoft Purview provides a visual interface to monitor and investigate user activities on sensitive information.

Correct Answer: Azure Policy Explanation: Azure Policy can be used to audit and enforce standards for resource configuration, ensuring that newly deployed VMs conform to required security settings.

Correct Answer: To categorize data based on its sensitivity and business impact. Explanation: Data classification assigns labels or categories to data (e.g., Public, Confidential, Highly Confidential) to define appropriate handling and protection mechanisms.

Correct Answer: Access Reviews Explanation: Access Reviews in Microsoft Entra ID allow organizations to manage group memberships, access to enterprise applications, and role assignments by regularly reviewing who has access.

Correct Answer: Platform as a Service (PaaS) Explanation: In PaaS, the provider handles the underlying infrastructure, including the OS, and provides a platform for the customer to deploy and manage their applications.

Correct Answer: Azure Bastion Explanation: Azure Bastion provides secure and seamless RDP/SSH connectivity to your virtual machines directly over SSL from the Azure portal, eliminating the need for public IPs on your VMs.