Demo Microsoft SC-200 Exam Questions

Demo practice questions for guest users.

Section: Practice Mode 5 Questions

Demo Practice

Back To Exam

Question 1

HOTSPOT You need to create an advanced hunting query to investigate the executive team issue. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A

CloudAppEvents
| where TimeStamp > ago(2d)
| summarize activityCount = count() by FolderPath, FileName, ActionType, AccountDisplayName
| where activityCount > 5

Correct Answer: A

Explanation:

Selected Drop-Down Values
Drop-Down Section Correct Selection Reason
First Drop-down (Table) `CloudAppEvents` This table tracks cloud application activities and includes specific columns like `FolderPath`, `FileName`, and `AccountDisplayName` required by the query.
Second Drop-down (Aggregation) `count()` The query assigns the result to a variable named `activityCount` and subsequently filters for occurrences greater than 5 (`where activityCount > 5`), which requires counting rows rather than averaging or summing values.

Question 2

Question: 4 You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?

A

just-in-time (JIT) access

B

Azure Defender

C

Azure Firewall

D

Azure Application Gateway

Correct Answer: B

Explanation:

For Azure Virtual Machines, Azure Defender provides:
Advanced threat protection
Vulnerability assessment
Security monitoring and recommendations
Detection of suspicious activities and attacks
Integration with Microsoft Defender for Endpoint
If the technical requirement is to improve the security posture of Azure VMs, Azure Defender is the appropriate solution.
Why the others are incorrect
A. Just-in-time (JIT) access ❌
Limits exposure of management ports (RDP/SSH) but does not provide comprehensive VM security and threat protection.
C. Azure Firewall ❌
Protects network traffic but does not provide VM-level threat detection and vulnerability management.
D. Azure Application Gateway ❌
A web traffic load balancer for web applications, not a VM security solution.

Question 3

HOTSPOT for the Azure virtual You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A

Threat Category Correct Action Selection
Internal threat: Modify the role-based access control (RBAC) settings for the key vault.
External threat: Modify the Key Vault firewall settings.

Correct Answer: A

Explanation:

Internal Threat: Granting or restricting specific user permissions internally is best handled using Azure Role-Based Access Control (RBAC). This allows you to enforce the principle of least privilege for administrators and internal applications interacting with the Key Vault.
External Threat: Restricting access coming from outside the organization's trusted boundary requires network isolation. Modifying the Key Vault firewall settings allows you to limit traffic specifically to trusted virtual networks or specific public IP addresses, effectively blocking malicious external actors.

1
2
›

Demo Practice Mode

You are viewing only the questions marked as Demo.