Security is one the most sought-after skills in today’s world. There are approximately 3.5 million+ jobs available in the security field, but organizations are having trouble finding the right resources to meet their needs. Microsoft is a leading provider of security solutions. It offers solutions to protect identities and prevent threats. Microsoft also offers 4 certifications that show our expertise in these solutions.
These certifications are:
SC-900: Microsoft Security, Compliance, Identity Fundamentals
SC-200: Microsoft Security Operations Analyst
SC-300: Microsoft Identity and Access Administrator
SC-400: Microsoft Information Protection Manager
This article will discuss 25 sample questions from the SC-900 certification exam.
This Study Guide is for SC-900 Microsoft Security and Compliance Fundamentals Certification Exams.
Questions:
Two steps are required to create a digital signature using a message. What are they?
Choose one or more:
hash value
Signer’s private Key
The hash value is signed using a signer’s private keys.
digital signature
Three principles underpin the Zero Trust model’s security implementation. These are the three principles.
Choose one:
Verify explicitly, least privilege access, then assume breach.
least privilege access, verify implicitly, and assume breach
Verify implicitly, verify explicit, and assume breach.
Verify implicitly, verify explicit, and have the least privilege access.
Defense-in-depth strategies use a series of mechanisms to slow down an attack’s progress. What security strategy is Defense-in-depth using instead of relying on one perimeter?
Choose one:
application layer approach
Network security
Layered approach
data layer security
Your company wants to make sure that employees’ sensitive data is encrypted. What security mechanism should your organization use?
Choose one:
Hashing
Sign up digitally
Encryption at rest
Transport encryption
The user would like to see tools and information about Microsoft security, privacy and compliance practices.
What should I use?
Compliance Manager
Portal for service trust
Compliance trust portal.
Service manager
An employee from your company informs you that he received a mail requesting that you change your password to protect your organization’s security. The mail is redirecting you to a random website to change your username password. What kind of attack is it?
Choose one:
Password-based attacks
Spearphishing
Phishing
Spam
Modern authentication is a method that allows users to log in once and can then be used to access multiple resources or applications. What capability will an identity provider have to help you achieve your goal?
Choose one:
Passwords always expire after 72 days.
Directory services
A central identity provider is possible.
Single sign-on (SSO).
What are the different types of risks?
Choose one:
Two, identity risk and bodily risk
Three, sign-in risk and user risk.
Two, sign-in and user risk
Four, sign-in, user, identity, and ethical risks
Your organization has an Azure AD subscription that is free. Are you concerned about the object limit on the free license? Is there a limit on the free license?
Choose one:
Yes
No
What is included with the Azure AD free edition subscription?
Choose one or more:
Intune and Private Identity Management
Office 365, Dynamics 365, and Azure
Management of Privileged Identity
Intune and Power Platform
A company has created an application that allows users to sign in with Facebook, Google, and Twitter.