Increase your chances of passing the Microsoft SC-100 exam questions on your first try. Practice with our free online SC-100 exam mock test designed to help you prepare effectively and confidently.
You have a Microsoft 365 tenant that uses Microsoft SharePoint Online and Microsoft Purview.
Microsoft Purview has a sensitivity label named Label1 that is applied to the files stored on
SharePoint Online sites.
You need to recommend a Microsoft Purview Data Loss Prevention (DLP) policy that meets the
following requirements:
Prevents users from uploading the files to third-party external websites
Allows users to upload the files to Microsoft OneDrive for Business
To which location should you apply the DLP policy?
You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1
and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by using
Microsoft Intune.
You are designing a privileged access strategy based on the rapid modernization plan (RaMP). The
strategy will include the following configurations:
Each user in Group1 will be assigned a Windows 11 device that will be configured as a privileged
access device.
The Security Administrator role will be mapped to the privileged access security level.
The users in Group1 will be assigned the Security Administrator role.
The users in Group2 will manage the privileged access devices.
You need to configure the local Administrators group for each privileged access device. The solution
must follow the principle of least privilege.
What should you include in the solution?
You are planning the security requirements for Azure Cosmos DB Core (SQL) API accounts. You need to recommend a solution to audit all users that access the data in the Azure Cosmos DB accounts. Which two configurations should you include in the recommendation? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might
have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You are designing the encryption standards for data at rest for an Azure resource.
You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256
keys. The solution must support rotating the encryption keys monthly.
Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses
Microsoft-managed keys.
Does this meet the goal?
Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework
for Azure.
You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud
Adoption Framework for Azure.
What should you use to start the threat modeling process?
© Copyrights FreeMockExams 2026. All Rights Reserved
We use cookies to ensure that we give you the best experience on our website (FreeMockExams). If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the FreeMockExams.