SC-100 Exam Details

  • Exam Code
    :SC-100
  • Exam Name
    :Microsoft Cybersecurity Architect
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :350 Q&As
  • Last Updated
    :Jul 12, 2026

Microsoft SC-100 Online Questions & Answers

  • Question 11:

    HOTSPOT

    You have an Azure subscription that contains three Azure App Service web apps.

    You need to secure the apps by using Azure Web Application Firewall (WAF) on Azure Front Door. The solution must meet the following requirements:

    1. Block attempts to access the apps from malicious bots.

    2. Rate limit incoming connections to the apps.

    The solution must minimize administrative effort.

    What should you configure for each requirement? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 12:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You are designing the encryption standards for data at rest for an Azure resource.

    You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly.

    Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses Microsoft-managed keys.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 13:

    You have an Azure subscription

    You plan to deploy multiple containerized microservice-based apps to Azure Kubemetes Service (AKS)

    You need to recommend a solution that meets the following requirements:

    1. Manages secrets

    2. Provides encryption

    3. Secures service-to-service communication by using mTLS encryption

    4. Minimizes administrative effort

    What should you include in the recommendation?

    A. Flux
    B. Envoy
    C. Dapr
    D. Istio

  • Question 14:

    HOTSPOT

    You have on-premises servers and virtual machines that run Windows Server, Red Hat Enterprise Linux (RHEL) 7, or RHEL 8.

    You have an Azure subscription that contains virtual machines running Windows Server Datacenter: Azure Edition.

    You need to recommend a solution to manage operating system updates for the on-premises servers and the virtual machines. The solution must meet the following requirements:

    1. Enable hotpatching for the Azure virtual machines.

    2. Enable on-demand inventory and deployment of updates.

    3. Enable the deployment of Extended Security Update (ESU) patches to the on-premises servers.

    What should you include in the recommendation?

    To answer, select the options in the answer area.Each correct answer is worth one point.

  • Question 15:

    Your company plans to evaluate the security of its Azure environment based on the principles of the Microsoft Cloud Adoption Framework for Azure.

    You need to recommend a cloud-based service to evaluate whether the Azure resources comply with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

    What should you recommend?

    A. Compliance Manager in Microsoft Purview
    B. Microsoft Defender for Cloud
    C. Microsoft Sentinel
    D. Microsoft Defender for Cloud Apps

  • Question 16:

    You have an Azure subscription that has Microsoft Defender for Cloud enabled. You need to enforce ISO 2700V2013 standards for the subscription.

    The solution must ensure that noncompliant resources are remediated automatical What should you use?

    A. the regulatory compliance dashboard in Defender for Cloud
    B. Azure Policy
    C. Azure Blueprints
    D. Azure role-based access control (Azure RBAC)

  • Question 17:

    HOTSPOT

    You have a Microsoft 365 E5 subscription and an Azure subscription.

    You need to evaluate the existing environment to increase the overall security posture for the following components:

    1. Windows 11 devices managed by Microsoft Intune

    2. Azure Storage accounts

    3. Azure virtual machines

    What should you use to evaluate the components? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 18:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You are designing the encryption standards for data at rest for an Azure resource.

    You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly.

    Solution: For blob containers in Azure Storage, you recommend encryption that uses customer-managed keys (CMKs).

    Does this meet the goal?

    A. Yes
    B. No

  • Question 19:

    HOTSPOT

    You have an Azure subscription. The subscription contains an Azure SQL database named DB1 that stores customer data.

    You have a Microsoft 365 subscription that uses Microsoft SharePoint Online, OneDrive, and Teams.

    Users frequently create Microsoft Office documents that contain data from DB1.

    You need to recommend a Microsoft Purview solution that meets the following requirements:

    1. Identifies Office documents that contain customer addresses and phone numbers sourced from DB1

    2. Generates an alert if a user downloads an above average number of files that contain data from DB1

    3. Minimizes the number of false positives.

    What should you include in the solution for each requirement? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 20:

    Your company has a Microsoft 365 ES subscription.

    The Chief Compliance Officer plans to enhance privacy management in the working environment.

    You need to recommend a solution to enhance the privacy management. The solution must meet the following requirements:

    1. Identify unused personal data and empower users to make smart data handling decisions.

    2. Provide users with notifications and guidance when a user sends personal data in Microsoft Teams.

    3. Provide users with recommendations to mitigate privacy risks.

    What should you include in the recommendation?

    A. communication compliance in insider risk management
    B. Microsoft Viva Insights
    C. Privacy Risk Management in Microsoft Priva
    D. Advanced eDiscovery

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-100 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.