SC-900 Microsoft Security Compliance and Identity Fundamentals Dumps

If you are looking for free SC-900 dumps than here we have some sample question answers available. You can prepare from our Microsoft SC-900 exam questions notes and prepare exam with this practice test. Check below our updated SC-900 exam dumps.

DumpsGroup are top class study material providers and our inclusive range of SC-900 Real exam questions would be your key to success in Microsoft Microsoft Certified: Security Compliance and Identity Fundamentals Certification Exam in just first attempt. We have an excellent material covering almost all the topics of Microsoft SC-900 exam. You can get this material in Microsoft SC-900 PDF and SC-900 practice test engine formats designed similar to the Real Exam Questions. Free SC-900 questions answers and free Microsoft SC-900 study material is available here to get an idea about the quality and accuracy of our study material.


discount banner

Sample Question 4

Which feature provides the extended detection and response (XDR) capability of Azure Sentinel? 

A. integration with the Microsoft 365 compliance center 
B. support for threat hunting 
C. integration with Microsoft 365 Defender 
D. support for Azure Monitor Workbooks 


Sample Question 5

Microsoft 365 Endpoint data loss prevention (Endpoint DLP) can be used on which operating systems? 

A. Windows 10 and iOS only 
B. Windows 10 and Android only 
C. Windows 10, Android, and iOS 
D. Windows 10 only 


Sample Question 6

Which three tasks can be performed by using Azure Active Directory (Azure AD) Identity Protection? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. 

A. Configure external access for partner organizations. 
B. Export risk detection to third-party utilities.
 C. Automate the detection and remediation of identity based-risks. 
D. Investigate risks that relate to user authentication. 
E. Create and automatically assign sensitivity labels to data. 


Sample Question 7

What feature in Microsoft Defender for Endpoint provides the first line of defense against cyberthreats by reducing the attack surface? 

A. automated remediation 
B. automated investigation 
C. advanced hunting 
D. network protection 


Sample Question 8

What can you use to provide a user with a two-hour window to complete an administrative task in Azure? 

A. Azure Active Directory (Azure AD) Privileged Identity Management (PIM) 
B. Azure Multi-Factor Authentication (MFA) 
C. Azure Active Directory (Azure AD) Identity Protection 
D. conditional access policies 


Sample Question 9

Which two Azure resources can a network security group (NSG) be associated with? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. 

A. a network interface 
B. an Azure App Service web app 
C. a virtual network 
D. a virtual network subnet 
E. E. a resource group 


Sample Question 10

Which three statements accurately describe the guiding principles of Zero Trust? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

A. Define the perimeter by physical locations. 
B. Use identity as the primary security boundary. 
C. Always verity the permissions of a user explicitly. 
D. Always assume that the user system can be breached. 
E. Use the network as the primary security boundary. 


Sample Question 11

Which service includes the Attack simul-ation training feature? 

A. Microsoft Defender for Cloud Apps 
B. Microsoft Defender for Office 365 
C. Microsoft Defender for Identity 
D. Microsoft Defender for SQL 


Sample Question 12

You need to keep a copy of all files in a Microsoft SharePoint site for one year, even if users delete the files from the site. What should you apply to the site? 

A. a data loss prevention (DLP) policy 
B. a retention policy 
C. an insider risk policy 
D. a sensitivity label policy 


Sample Question 13

In the Microsoft Cloud Adoption Framework for Azure, which two phases are addressed before the Ready phase? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

A. Plan 
B. Manage 
C. Adopt 
D. Govern 
E. Define Strategy 


Sample Question 14

Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. 

A. Display policy tips to users who are about to violate your organization’s policies. 
B. Enable disk encryption on endpoints. 
C. Protect documents in Microsoft OneDrive that contain sensitive information. 
D. Apply security baselines to devices. 


Sample Question 15

Which two cards are available in the Microsoft 365 Defender portal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. 

A. Users at risk 
B. Compliance Score
 C. Devices at risk 
D. Service Health 
E. User Management


Sample Question 16

You plan to implement a security strategy and place multiple layers of defense throughout a network infrastructure. Which security methodology does this represent? 

A. threat modeling 
B. identity as the security perimeter 
C. defense in depth 
D. the shared responsibility model 


Sample Question 17

Which three authentication methods does Windows Hello for Business support? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

 A. fingerprint 
B. facial recognition 
C. PIN 
D. email verification 
E. security question 


Sample Question 18

Which Microsoft 365 feature can you use to restrict users from sending email messages that contain lists of customers and their associated credit card numbers? 

A. retention policies
 B. data loss prevention (DLP) policies 
C. conditional access policies 
D. information barriers 


Sample Question 19

What is the purpose of Azure Active Directory (Azure AD) Password Protection?

 A. to control how often users must change their passwords 
B. to identify devices to which users can sign in without using multi-factor authentication (MFA) 
C. to encrypt a password by using globally recognized encryption standards 
D. to prevent users from using specific words in their passwords 


Sample Question 20

To which type of resource can Azure Bastion provide secure access? 

A. Azure Files 
B. Azure SQL Managed Instances 
C. Azure virtual machines 
D. Azure App Service 


Sample Question 21

Which Azure Active Directory (Azure AD) feature can you use to provide just-in-time (JIT) access to manage Azure resources?

 A. conditional access policies 
B. Azure AD Identity Protection 
C. Azure AD Privileged Identity Management (PIM) 
D. authentication method policies 


Sample Question 22

Which score measures an organization's progress in completing actions that help reduce risks associated to data protection and regulatory standards?

A. Microsoft Secure Score 
B. Productivity Score 
C. Secure score in Azure Security Center 
D. Compliance score 


Sample Question 23

What can you protect by using the information protection solution in the Microsoft 365 compliance center? 

A. computers from zero-day exploits 
B. users from phishing attempts 
C. files from malware and viruses 
D. sensitive data from being exposed to unauthorized users


Sample Question 24

You need to create a data loss prevention (DLP) policy. What should you use?

A. the Microsoft 365 admin center 
B. the Microsoft Endpoint Manager admin center 
C. the Microsoft 365 Defender portal 
D. the Microsoft 365 Compliance center 


Sample Question 25

What should you use to ensure that the members of an Azure Active Directory group use multi-factor authentication (MFA) when they sign in? 

A. Azure Active Directory (Azure AD) Identity Protection 
B. a conditional access policy 
C. Azure role-based access control (Azure RBAC)
 D. Azure Active Directory (Azure AD) Privileged Identity Management (PIM) 


Sample Question 26

What is a characteristic of a sensitivity label in Microsoft 365? 

A. persistent
 B. encrypted 
C. restricted to predefined categories 


Sample Question 27

What can you specify in Microsoft 365 sensitivity labels? 

A. how long files must be preserved 
B. when to archive an email message 
C. which watermark to add to files 
D. where to store files 


Sample Question 28

In a Core eDiscovery workflow, what should you do before you can search for content? 

A. Create an eDiscovery hold. 
B. Run Express Analysis. 
C. Configure attorney-client privilege detection. 
D. Export and download results. 


Sample Question 29

Which two types of resources can be protected by using Azure Firewall? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. 

A. Azure virtual machines 
B. Azure Active Directory (Azure AD) users 
C. Microsoft Exchange Online inboxes 
D. Azure virtual networks 
E. Microsoft SharePoint Online sites 


Sample Question 30

What are three uses of Microsoft Cloud App Security? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

 A. to discover and control the use of shadow IT 
B. to provide secure connections to Azure virtual machines 
C. to protect sensitive information hosted anywhere in the cloud 
D. to provide pass-through authentication to on-premises applications 
E. to prevent data leaks to noncompliant apps and limit access to regulated data 


Sample Question 31

What can you use to provision Azure resources across multiple subscriptions in a consistent manner? 

A. Azure Defender 
B. Azure Blueprints
 C. Azure Sentinel
 D. Azure Policy 



Exam Code: SC-900
Exam Name: Microsoft Security Compliance and Identity Fundamentals
Last Update: May 13, 2024
Questions: 186