Microsoft Security, Compliance, and Identity Fundamentals (SC-900)

1. A company is implementing a Zero Trust security strategy. Which principle requires that organizations verify every request as though it originates from an untrusted network, using all available data points such as user identity, location, device health, and the resource being accessed?

2. A security architect is designing a cloud environment using Zero Trust principles. The architect wants to ensure that if one segment of the network is compromised, the damage is contained and cannot easily spread. Which Zero Trust principle directly supports this goal?

3. A company is adopting Microsoft cloud services and needs a cloud-based identity and access management service to manage employee accounts, enable Single Sign-On to SaaS applications, and enforce Multi-Factor Authentication. Which Microsoft service fulfills this role?

4. A company signs up for Microsoft 365. A dedicated, isolated instance of Microsoft Entra ID is automatically created for the company, containing all of its user accounts and configuration settings. What is this dedicated instance called?

5. A company wants to protect its Azure virtual machines from volumetric DDoS attacks without any additional configuration or cost. Which Azure DDoS Protection tier is automatically enabled for all Azure resources?