Skip to main content
Cybersecurity ⭐ Premium

Microsoft Cybersecurity Architect (SC-100) - 340 Questions

By Webmaster Certland ❤️ 0 likes

Practice exam for the Microsoft Cybersecurity Architect Expert (SC-100) certification. Covers security best practices, security operations, identity, compliance, infrastructure security, and application/data security design.

🔒

Premium Content

This exam is exclusive to Premium users. Upgrade to get unlimited access!

Become Premium

👁️ Free Preview (5 of 340 questions)

1. A cybersecurity architect is designing a ransomware resiliency strategy for a large enterprise with hybrid infrastructure. The organization requires that backups remain recoverable even if an attacker gains Global Administrator credentials. Which combination of Azure Backup features should the architect recommend?

A Configure geo-redundant storage with cross-region restore enabled
B Enable immutable vaults, soft delete, and multi-user authorization on the Recovery Services vault
C Apply delete locks on the Recovery Services vault resource
D Deploy Azure Site Recovery with failover to a secondary region

2. A cybersecurity architect is reviewing Microsoft Security Best Practices for an organization that recently suffered a ransomware attack. The attacker moved laterally from a compromised endpoint to domain controllers within minutes. Which architectural principle should the architect prioritize to prevent this lateral movement in the future?

A Deploy endpoint detection and response agents on all servers
B Implement network-based firewall rules between endpoint and server subnets
C Implement the Enterprise Access Model to isolate Tier 0 identity infrastructure from lower-tier assets
D Enforce a minimum 16-character password policy for all administrator accounts

3. An organization is designing a Privileged Access Workstation (PAW) strategy for administrators who manage Azure subscriptions and on-premises Active Directory. Which design constraint is MOST critical when defining the PAW architecture?

A Apply the clean-source principle: all management dependencies must be at least as trusted as the PAW itself
B Store PAWs in a physically secured room accessible only to senior administrators
C Run PAWs as virtual machines on hardened standard enterprise laptops
D Require multi-factor authentication for all logins to the PAW

4. A cybersecurity architect is designing a recovery strategy for a financial institution. The RTO is 4 hours and the RPO is 1 hour for Tier-1 workloads. The solution must remain recoverable after a complete primary region failure. Which Azure architecture best meets these requirements?

A Configure Azure Backup with daily backup schedules and geo-redundant storage
B Enable geo-redundant storage for all storage accounts hosting Tier-1 workload data
C Deploy Azure Site Recovery to replicate VMs to a secondary region with no backup
D Combine Azure Site Recovery for VM replication with Azure Backup (hourly) for point-in-time recovery

5. An architect is designing the identity security strategy for an organization that still uses on-premises applications requiring legacy authentication protocols (NTLM, basic authentication). The organization wants to align with Microsoft Security Best Practices. Which recommendation should the architect make?

A Enable enhanced monitoring for all legacy authentication sign-in events
B Create a migration roadmap to replace legacy authentication with modern protocols, then block legacy auth via Conditional Access
C Require all legacy authentication traffic to traverse a VPN tunnel
D Enforce a 24-character minimum password length for accounts using legacy authentication

Want to test yourself for real?

Create a free account and run our exam simulation engine.

Free No credit card
  • Simulation engine
  • Up to 10 questions per attempt
  • Score & basic stats
Create free account Already have an account? Sign in
Best
Premium 7-day trial
  • All 340 questions
  • Detailed explanations
  • Smart Practice + Focus Mode
⭐ Start 7-day free trial

Information

Questions 340
Time 2h 30min
Difficulty Hard
Minimum Score 70.00%
🤍 Like

Related Exams

⭐ Premium

Microsoft Azure Security Technologies (AZ-500) - 340 Questions

340 questions · 0 attempts
⭐ Premium

Microsoft Identity and Access Administrator (SC-300) - 340 Questions

340 questions · 0 attempts
⭐ Premium

Microsoft Security, Compliance, and Identity Fundamentals (SC-900) - 340 Questions

340 questions · 0 attempts
⭐ Premium

AWS Certified Security Specialty (SCS-C03) - 340 Questions

340 questions · 0 attempts

Discussion

No comments yet. Be the first to start the discussion!

Sign in to join the discussion.