Free Microsoft SC-100 Exam Questions

Become Microsoft Certified with updated SC-100 exam questions and correct answers

Page: 1 / 50

Total 250 Questions | Updated On: Feb 09, 2026

Add To Cart

Question 1

You have a Microsoft 365 tenant.

Your company uses a third-party software as a service (SaaS) app named App1 that is integrated with an Azure AD tenant.

You need to design a security strategy to meet the following requirements:

• Users must be able to request access to App1 by using a self-service request.

• When users request access to App1, they must be prompted to provide additional information about their request.

• Every three months, managers must verify that the users still require access to App1.

What should you include in the design?

A : Microsoft Entra Identity Governance

B : connected apps in Microsoft Defender for Cloud Apps

C : access policies in Microsoft Defender for Cloud Apps

D : Azure AD Application Proxy

Answer: A

Question 2

Your company is developing a modern application that will run as an Azure App Service web app. You plan to perform threat modeling to identify potential security issues by using the Microsoft Threat Modeling Tool. Which type of diagram should you create?

A : data flow

B : system flow

C : process flow

D : network flow

Answer: A

Question 3

You are designing the security standards for containerized applications onboarded to Azure.

You are evaluating the use of Microsoft Defender for Containers.

In which two environments can you use Defender for Containers to scan for known vulnerabilities? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A : Linux containers deployed to Azure Container Instances

B : Windows containers deployed to Azure Kubernetes Service (AKS)

C : Windows containers deployed to Azure Container Registry

D : Linux containers deployed to Azure Container Registry

E : Linux containers deployed to Azure Kubernetes Service (AKS)

Answer: C,D

Question 4

You need to recommend a solution to resolve the virtual machine issue. What should you include in the recommendation? (Choose Two)

A : Onboard the virtual machines to Microsoft Defender for Endpoint.

B : Onboard the virtual machines to Azure Arc.

C : Create a device compliance policy in Microsoft Endpoint Manager.

D : Enable the Qualys scanner in Defender for Cloud.

Answer: A,D

Question 5

You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by usingMicrosoft Intune.You are designing a privileged access strategy based on the rapid modernization plan (RaMP). Thestrategy will include the following configurations:Each user in Group1 will be assigned a Windows 11 device that will be configured as a privilegedaccess device.The Security Administrator role will be mapped to the privileged access security level.The users in Group1 will be assigned the Security Administrator role.The users in Group2 will manage the privileged access devices.You need to configure the local Administrators group for each privileged access device. The solutionmust follow the principle of least privilege.What should you include in the solution?

A : Only add Group2 to the local Administrators group.

B : Configure Windows Local Administrator Password Solution (Windows LAPS) in legacy Microsoft LAPS emulation mode.

C : Add Group2 to the local Administrators group. Add the user that is assigned the Security Administrator role to the local Administrators group of the user's assigned privileged access device

Answer: B

Page: 1 / 50

Total 250 Questions | Updated On: Feb 09, 2026

Add To Cart