SC-100 V4

Your company plans to move all on-premises virtual machines to Azure. A network engineer proposes the Azure virtual network design shown in the following table. You need to recommend an Azure Bastion deployment to provide secure remote access to all the virtual machines. Based on the virtual network design, how...

Your on-premises network contains an e-commerce web app that was developed in Angular and Node.js. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone. You need to provide recommendations to...

HOTSPOT Your company uses Microsoft Defender for Cloud and Microsoft Sentinel. The company is designing an application that will have the architecture shown in the following exhibit. You are designing a logging and auditing solution for the proposed architecture. The solution must meet the following requirements: • Integrate Azure Web...

Your company has an office in Seattle. The company has two Azure virtual machine scale sets hosted on different virtual networks. The company plans to contract developers in India. You need to recommend a solution provide the developers with the ability to connect to the virtual machines over SSL from...

You need to recommend a solution for securing the landing zones. The solution must meet the landing zone requirements and the business requirements. What should you configure for each landing zone?A . Azure DDoS Protection Standard B. an Azure Private DNS zone C. Microsoft Defender for Cloud D. an ExpressRoute...

Your company is moving a big data solution to Azure. The company plans to use the following storage workloads: • Azure Storage blob containers • Azure Data Lake Storage Gen2 • Azure Storage file shares • Azure Disk Storage Which two storage workloads support authentication by using Azure Active Directory...

To meet the application security requirements, which two authentication methods must the applications support? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.A . Security Assertion Markup Language (SAML) B. NTLMv2 C. certificate-based authentication D. KerberosView AnswerAnswer: A,D Explanation: https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-configure-single-sign-on-on-premises-apps https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-configure-single-sign-on-with-kcd https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-configure-custom-domain

HOTSPOT You need to recommend a solution to meet the compliance requirements. What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer: Explanation: Box 1 = A Blueprint Box 2 = Update an Azure Policy assignment...

You are designing the security standards for a new Azure environment. You need to design a privileged identity strategy based on the Zero Trust model. Which framework should you follow to create the design?A . Enhanced Security Admin Environment (ESAE) B. Microsoft Security Development Lifecycle (SDL) C. Rapid Modernization Plan...

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...