Free Microsoft SC-100 Exam Questions

You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by usingMicrosoft Intune.You are designing a privileged access strategy based on the rapid modernization plan (RaMP). Thestrategy will include the following configurations:Each user in Group1 will be assigned a Windows 11 device that will be configured as a privilegedaccess device.The Security Administrator role will be mapped to the privileged access security level.The users in Group1 will be assigned the Security Administrator role.The users in Group2 will manage the privileged access devices.You need to configure the local Administrators group for each privileged access device. The solutionmust follow the principle of least privilege.What should you include in the solution? 

Your company has devices that run either Windows 10, Windows 11, or Windows Server.You are in the process of improving the security posture of the devices.You plan to use security baselines from the Microsoft Security Compliance Toolkit.What should you recommend using to compare the baselines to the current device configurations? 

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.

The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.

You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.

Which security control should you recommend?

Your company has devices that run either Windows 10, Windows 11, or Windows Server.You are in the process of improving the security posture of the devices.You plan to use security baselines from the Microsoft Security Compliance Toolkit.What should you recommend using to compare the baselines to the current device configurations? 

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?