SC-100 Exam Details

  • Exam Code
    :SC-100
  • Exam Name
    :Microsoft Cybersecurity Architect
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :350 Q&As
  • Last Updated
    :Jul 12, 2026

Microsoft SC-100 Online Questions & Answers

  • Question 311:

    You have Microsoft Defender for Cloud assigned to Azure management groups.

    You have a Microsoft Sentinel deployment.

    During the triage of alerts, you require additional information about the security events, including suggestions for remediation.

    Which two components can you use to achieve the goal? Each correct answer presents a complete solution.

    NOTE: Each correct selection is worth one point.

    A. Microsoft Sentinel threat intelligence workbooks
    B. Microsoft Sentinel notebooks
    C. threat intelligence reports in Defender for Cloud
    D. workload protections in Defender for Cloud

  • Question 312:

    Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework for Azure.

    You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud Adoption Framework for Azure.

    What should you use to start the threat modeling process?

    A. the STRIDE model
    B. the DREAD model
    C. OWASP threat modeling

  • Question 313:

    HOTSPOT

    You have a Microsoft 365 E5 subscription

    You plan to implement Microsoft Priva Subject Rights Requests for Microsoft 365 data. You need to streamline the creation and processing of subject rights requests. The solution must minimize development effort.

    What should you include in the solution? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 314:

    Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains 500 Windows 11 devices.

    You have a Microsoft 365 subscription and an Azure subscription.

    You have a Microsoft Entra tenant that syncs with the domain and is linked to the subscriptions. The devices are Microsoft Entra hybrid joined.

    You plan to deploy a solution to mitigate attacks against privileged accounts. The solution will include Microsoft Sentinel rules that will detect attempts to use fake cached credentials.

    You need to recommend a solution to create the fake cached credentials on client computers.

    What should you recommend?

    A. User and Entity Behavior Analytics (UEBA) in Microsoft Sentinel
    B. a deception rule in Microsoft Defender for Endpoint
    C. a Honeytoken tag in Microsoft Defender for Identity
    D. a user risk policy in Microsoft Entra ID Protection

  • Question 315:

    HOTSPOT

    You have a Microsoft Entra tenant named contoso.com. You have 30 Azure subscriptions that are linked to contoso.com.

    The tenant contains the management groups shown in the following table.

    You need to design a governance solution to manage access to all the Azure Storage accounts across the subscriptions. The solution must meet the following requirements:

    1. Use custom role-based access control (RBAC) to provide granular access to control plane and data plane operations.

    2. Minimize administrative effort.

    At which scope should you assign the roles, and what is the minimum number of assignments per role? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 316:

    You have an Azure subscription.

    You have a DNS domain named contoso.com that is hosted by a third-party DNS registrar.

    Developers use Azure DevOps to deploy web apps to App Service Environments. When a new app is deployed, a CNAME record for the app is registered in contoso.com.

    You need to recommend a solution to secure the DNS record for each web app. The solution must meet the following requirements:

    1. Ensure that when an app is deleted, the CNAME record for the app is removed also.

    2. Minimize administrative effort.

    What should you include in the recommendation?

    A. Microsoft Defender for Cloud Apps
    B. Microsoft Defender for DevOps
    C. Microsoft Defender for App Service
    D. Microsoft Defender for DNS

  • Question 317:

    Your company has a main office and a branch office.

    1. The main office houses 20 on-premises servers running Windows Server, which host applications published via Microsoft Entra application proxy.

    2. The main office also has 500 on-premises computers running Windows

    11. In contrast, the branch office has 100 on-premises Windows 11 computers.

    3. All computers in the main office are enrolled in Microsoft Intune, while the branch office computers are not.

    4. Your company holds a Microsoft 365 E5 subscription and has a Microsoft Entra tenant.

    5. A third-party Software as a Service (SaaS) application is registered within the Microsoft Entra tenant.

    6. You plan to implement Global Secure Access and are considering the use of compliant network checks and Conditional Access policies.

    You need to determine which two scenarios are supported by compliant network check.

    Which two scenarios are supported by compliant network check?

    A. connections to the third-party SaaS app
    B. connections from the branch office computers
    C. Continuous Access Evaluation for Microsoft Exchange Online
    D. connections to the on-premises apps

  • Question 318:

    HOTSPOT

    You have a Microsoft 365 subscription.

    You configure Microsoft Purview Information Protection to apply sensitivity labels automatically.

    You need to recommend a solution that will prevent users from uploading unlabeled files to Microsoft SharePoint Online if the files contain content defined by Microsoft Purview classifiers as sensitive.

    What should you include in the recommendation? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 319:

    Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.

    After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.

    You have a Microsoft 365 subscription that uses Microsoft Defender XDR. The subscription contains 500 devices that are enrolled in Microsoft Intune. The subscription contains 500 users that connect to external software as a service (SaaS) apps by using the devices. You need to implement a solution that meets the following requirements:

    Allows user access to SaaS apps that Microsoft has identified as low risk.

    Blocks user access to Saas apps that Microsoft has identified as high risk.

    Solution: From Microsoft Defender for Cloud Apps, you configure SaaS security posture management (SSPM) and create an access policy.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 320:

    Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.

    The company signs a contract with the United States government.

    You need to review the current subscription for NIST 800-53 compliance.

    What should you do first?

    A. From Azure Policy, assign a built-in initiative that has a scope of the subscription.
    B. From Microsoft Sentinel, configure the Microsoft Defender for Cloud data connector.
    C. From Defender for Cloud, review the Azure security baseline for audit report.
    D. From Microsoft Defender for Cloud Apps, create an access policy for cloud applications.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-100 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.