SC 900 Exam Questions and Answers –
Start preparing SC 900 Exam Questions and Answers –
Q: 1 What does the SC-900 certification focus on?
A] Security, Compliance, Identity
B] Networking
C] Data Analytics
D] AI and Machine Learning
Q: 2 What is the key principle of Zero Trust?
A] Always assume trust
B] Assume breach
C] Grant global access
D] Deny all access
Q: 3 Which Microsoft service is used for identity protection?
A] Azure Sentinel
B] Azure AD Identity Protection
C] Microsoft Defender
D] Microsoft Purview
Q: 4 What is the purpose of Conditional Access in Azure AD?
A] Protect data storage
B] Control access to resources
C] Monitor network activity
D] Provide multi-factor authentication
Q: 5 Which compliance tool helps monitor and improve compliance posture in Microsoft 365?
A] Compliance Manager
B] Microsoft Defender
C] Azure Monitor
D] Security Score
Q: 6 Which is NOT a component of Microsoft Defender for Cloud?
A] Secure Score
B] Policy Management
C] App Service
D] Advanced Threat Protection
Q: 7 Which type of identity is supported by Azure AD?
A] Cloud only
B] On-premises only
C] Cloud and hybrid
D] Guest only
Q: 8 What is a major feature of Microsoft Sentinel?
A] Web application firewall
B] Security information and event management (SIEM)
C] DNS Protection
D] Compliance Score
Q: 9 What is the function of Multi-Factor Authentication (MFA)?
A] Encrypting emails
B] Adding a second verification method
C] Managing data storage
D] Monitoring application logs
Q: 10 What does Azure AD Conditional Access primarily enforce?
A] Security baselines
B] Access policies
C] Compliance reports
D] Identity protection policies
Q: 11 What tool in Microsoft 365 provides Data Loss Prevention (DLP) policies?
A] Microsoft Intune
B] Compliance Manager
C] Security Manager
D] Azure Sentinel
Q: 12 In Zero Trust, access to resources is granted based on:
A] Username and password only
B] Network IP address
C] Least privilege principles
D] Device trust
Q: 13 Microsoft Defender for Identity is designed to:
A] Protect databases
B] Detect identity-based threats
C] Monitor compliance activities
D] Perform cloud penetration testing
Q: 14 What is Microsoft Information Protection used for?
A] Encrypting applications
B] Protecting and managing sensitive data
C] Network access monitoring
D] Generating compliance reports
Q: 15 Which service is used for Single Sign-On (SSO) in Microsoft environments?
A] Microsoft Intune
B] Azure AD
C] Microsoft Teams
D] Microsoft Defender
Q: 16 The Security Information and Event Management (SIEM) tool from Microsoft is called:
A] Azure AD
B] Azure Sentinel
C] Microsoft Defender
D] Microsoft Intune
Q: 17 What does Microsoft Secure Score represent?
A] An organization’s security posture
B] Compliance score
C] Threat level
D] Number of user logins
Q: 18 Which compliance framework does Microsoft Purview support?
A] HIPAA
B] GDPR
C] ISO 27001
D] All of the above
Q: 19 The purpose of Privileged Identity Management (PIM) is to:
A] Monitor all user activity
B] Manage privileged access
C] Provide email encryption
D] Generate audit reports
Q: 20 Microsoft Defender for Office 365 protects against:
A] Physical threats
B] Email-based attacks
C] Data exfiltration
D] Compliance risks
Continue preparing SC 900 Exam Questions and Answers –
Q: 21 The process of encrypting sensitive information is called:
A] Obfuscation
B] Encryption
C] Data masking
D] Data transfer
Q: 22 Which service provides threat intelligence in Microsoft’s security ecosystem?
A] Azure Monitor
B] Microsoft Sentinel
C] Compliance Manager
D] Microsoft Defender
Q: 23 What is the primary goal of identity governance?
A] Simplify user logins
B] Ensure appropriate access
C] Encrypt user passwords
D] Monitor device activity
Q: 24 Which tool helps enforce compliance with legal and regulatory standards?
A] Microsoft Intune
B] Microsoft Purview
C] Azure Sentinel
D] Secure Score
Q: 25 Conditional Access policies are triggered by:
A] User roles
B] Login attempts
C] Signals such as user location or device
D] Threat levels
Q: 26 What is the primary function of Microsoft Intune?
A] Manage cloud identities
B] Manage devices and apps
C] Perform compliance audits
D] Encrypt user data
Q: 27 In Azure, role-based access control (RBAC) helps to:
A] Grant blanket access
B] Assign least-privilege roles
C] Prevent account lockouts
D] Monitor cloud spending
Q: 28 Which feature in Azure AD allows users to reset their passwords?
A] Conditional Access
B] Multi-Factor Authentication
C] Self-Service Password Reset (SSPR)
D] Privileged Identity Management
Q: 29 What does “compliance posture” refer to?
A] Number of users
B] Security level of cloud apps
C] Adherence to regulations and policies
D] Hardware configuration
Q: 30 Azure AD B2C is designed for:
A] Managing internal employees
B] External customer identities
C] IT administrator accounts
D] Data loss prevention
Q: 31 Which Microsoft tool integrates with third-party security solutions?
A] Microsoft Sentinel
B] Azure AD
C] Microsoft Defender for Endpoint
D] Microsoft Purview
Q: 32 In Zero Trust, what is “explicit verification”?
A] Trusting internal users
B] Verifying every access request
C] Monitoring device activity
D] Encrypting sensitive files
Q: 33 Microsoft Defender for Endpoint focuses on:
A] User identity
B] Device security
C] Cloud compliance
D] Data analytics
Q: 34 A key component of Microsoft compliance solutions is:
A] Data encryption
B] Compliance Score
C] Secure Score
D] Network activity tracking
Q: 35 What does Azure AD Conditional Access use as inputs for access decisions?
A] Threat intelligence only
B] Signals like device compliance
C] Compliance audit reports
D] Admin overrides
Q: 36 The purpose of Microsoft Purview eDiscovery is to:
A] Perform forensic analysis
B] Monitor user behavior
C] Search and export data for legal purposes
D] Restrict file access
Q: 37 What is the main benefit of Azure AD Identity Protection?
A] Detect and respond to identity risks
B] Manage app installations
C] Generate financial reports
D] Encrypt stored data
Q: 38 Which Microsoft Defender service protects against phishing attacks?
A] Microsoft Defender for Cloud Apps
B] Microsoft Defender for Office 365
C] Azure Sentinel
D] Microsoft Defender for Identity
Q: 39 What is the purpose of Azure Key Vault?
A] Securely store secrets
B] Monitor cloud apps
C] Manage user identities
D] Generate compliance reports
Q: 40 The “Secure Score” in Microsoft Defender helps to:
A] Encrypt sensitive data
B] Assess and improve security posture
C] Identify compliance gaps
D] Block unauthorized devices
Continue preparing SC 900 Exam Questions and Answers –
Q: 41 What is the primary focus of Privileged Identity Management (PIM)?
A] Managing all user accounts
B] Managing high-risk identities
C] Managing privileged access
D] Blocking external users
Q: 42 What is an example of a conditional access condition?
A] Office hours
B] Device compliance
C] Encrypted emails
D] Shared devices
Q: 43 Which service helps protect sensitive information in emails?
A] Microsoft Defender for Cloud Apps
B] Azure Sentinel
C] Microsoft Purview Information Protection
D] Azure Key Vault
Q: 44 What is a primary feature of Azure Security Center?
A] Compliance scoring
B] Threat protection
C] Password resets
D] Network setup
Q: 45 Which Microsoft tool is designed to ensure secure collaboration with external partners?
A] Azure AD B2B
B] Azure Sentinel
C] Privileged Identity Management
D] Compliance Manager
Q: 46 Microsoft Defender for Cloud protects resources in:
A] On-premises only
B] Azure and hybrid environments
C] Microsoft 365 only
D] Azure AD only
Q: 47 What is a key feature of Microsoft Defender for Identity?
A] Behavioral analytics
B] File encryption
C] Role assignment
D] App monitoring
Q: 48 Azure AD Conditional Access evaluates signals like:
A] User password strength
B] Device compliance and location
C] Azure subscription tier
D] Threat levels
Q: 49 What is the purpose of Azure Sentinel’s playbooks?
A] Storing user passwords
B] Automating threat responses
C] Restricting user roles
D] Encrypting sensitive files
Q: 50 What does the Azure Security Benchmark provide?
A] Security best practices
B] Data migration tools
C] Compliance certificates
D] Azure storage insights
Q: 51 Which Microsoft tool provides end-to-end data classification?
A] Microsoft Intune
B] Microsoft Purview
C] Azure Sentinel
D] Compliance Manager
Q: 52 What is the purpose of Azure AD B2B?
A] Managing external identities
B] Encrypting sensitive emails
C] Blocking external threats
D] Monitoring device health
Q: 53 In Zero Trust, the principle of “least privilege” means:
A] Granting minimal necessary access
B] Trusting internal devices only
C] Encrypting all user files
D] Allowing only admin access
Q: 54 What does Microsoft Defender for Office 365 primarily protect?
A] Azure virtual machines
B] Email and collaboration tools
C] External devices
D] Identity governance
Q: 55 The Azure AD “break-glass” account is used for:
A] Auditing Azure resources
B] Emergency administrative access
C] Encrypting sensitive data
D] Resetting user passwords
Q: 56 Which tool in Microsoft compliance solutions helps with risk assessments?
A] Secure Score
B] Compliance Manager
C] Azure Sentinel
D] Azure Monitor
Q: 57 What is the purpose of Microsoft Sentinel connectors?
A] Log storage
B] Data visualization
C] Integrating third-party data
D] Device protection
Q: 58 Microsoft Purview Data Loss Prevention (DLP) policies help to:
A] Secure user identities
B] Prevent sharing sensitive data
C] Monitor network traffic
D] Encrypt email communications
Q: 59 What is a key feature of Azure Active Directory (Azure AD)?
A] Secure password storage
B] Identity and access management
C] Threat intelligence
D] Data compliance
Q: 60 The role of Privileged Identity Management (PIM) includes:
A] Encrypting sensitive data
B] Assigning time-limited access
C] Auditing external user activity
D] Blocking suspicious IPs
Q: 61 What is a “tenant” in Microsoft 365?
A] A physical server
B] A dedicated instance of cloud services
C] A network configuration
D] A storage cluster
Q: 62 Microsoft Purview helps manage compliance with:
A] Cybersecurity threats
B] Regulatory requirements
C] User logins
D] Device policies
Q: 63 What does Microsoft Defender for Cloud focus on?
A] Physical security
B] Cloud workload protection
C] Data encryption
D] Network configuration
Q: 64 In Zero Trust, continuous verification means:
A] Constantly monitoring threats
B] Periodically logging user activity
C] Analyzing audit logs
D] Enforcing policies after each access request
Q: 65 Which Microsoft tool helps monitor cloud app usage?
A] Azure Sentinel
B] Microsoft Defender for Cloud Apps
C] Microsoft Intune
D] Privileged Identity Management
Q: 66 What is a feature of Conditional Access in Azure AD?
A] Restricting app installations
B] Enforcing MFA based on location
C] Encrypting sensitive emails
D] Monitoring Azure costs
Q: 67 What does the “kill chain” concept refer to in security?
A] Attack stages in a threat lifecycle
B] Secure deletion of malware
C] Automated responses to threats
D] Network protection strategy
Q: 68 Microsoft Purview Compliance Manager provides:
A] Password protection policies
B] Audit-ready compliance reports
C] Multi-factor authentication
D] Device encryption tools
Q: 69 What is the purpose of role-based access control (RBAC)?
A] Managing external identities
B] Assigning least-privilege roles
C] Encrypting user accounts
D] Monitoring threat levels
Q: 70 The primary goal of Microsoft Secure Score is to:
A] Identify compliance risks
B] Enhance security posture
C] Generate audit logs
D] Block external threats
Q: 71 What does Microsoft Defender for Identity primarily detect?
A] Unauthorized data transfers
B] Identity-based threats
C] Malware attacks
D] Compliance violations
Q: 72 In compliance, GDPR primarily focuses on:
A] Network security
B] Data protection
C] Device encryption
D] Cloud performance
Q: 73 What is the key focus of Microsoft Defender for Endpoint?
A] Securing emails
B] Device protection
C] User identity governance
D] Network activity monitoring
Q: 74 Which compliance standard does Microsoft 365 follow?
A] ISO 27001
B] GDPR
C] HIPAA
D] All of the above
Q: 75 The term “signal” in Conditional Access refers to:
A] Threat level
B] Attributes like device, location, or app
C] Network activity
D] User password strength
Q: 76 Microsoft Intune is used for:
A] Device management
B] Email encryption
C] Identity verification
D] Threat analysis
Q: 77 What is the purpose of a Conditional Access policy?
A] Blocking external accounts
B] Enforcing granular access control
C] Encrypting sensitive data
D] Monitoring user login patterns
Q: 78 The Security Operations Center (SOC) uses Microsoft Sentinel for:
A] Monitoring Azure costs
B] Detecting and responding to threats
C] Managing compliance audits
D] Storing data logs
Q: 79 What is a key feature of Azure Key Vault?
A] Storing and managing secrets
B] Encrypting email attachments
C] Monitoring user logins
D] Auditing regulatory compliance
Q: 80 Which role in Azure AD allows full control over resources?
A] Global Reader
B] Global Administrator
C] Security Administrator
D] User Administrator
Q: 81 What does Azure Security Center monitor?
A] User passwords
B] Security posture of Azure resources
C] Compliance scores
D] Device health
Q: 82 Which Microsoft service provides automated compliance assessments?
A] Azure Monitor
B] Compliance Manager
C] Microsoft Sentinel
D] Microsoft Intune
Q: 83 What is the focus of data encryption in Microsoft security solutions?
A] Securing identity access
B] Protecting sensitive information
C] Monitoring device usage
D] Managing regulatory audits
Q: 84 What does the Microsoft Compliance Manager dashboard display?
A] Device performance
B] Compliance posture
C] Network traffic
D] User login activity
Q: 85 Which service detects and mitigates risks in cloud apps?
A] Microsoft Defender for Endpoint
B] Microsoft Defender for Cloud Apps
C] Azure Monitor
D] Privileged Identity Management
Q: 86 Which compliance category does HIPAA fall under?
A] Financial
B] Healthcare
C] Government regulations
D] Cloud architecture
Q: 87 What does Privileged Identity Management (PIM) allow?
A] Resetting passwords
B] Time-based privileged access
C] Encrypting sensitive emails
D] Monitoring security threats
Q: 88 What is a major component of Microsoft Purview?
A] Endpoint monitoring
B] Data classification
C] Identity governance
D] Network traffic analysis
Q: 89 Azure Sentinel helps in:
A] Protecting user passwords
B] Automating threat responses
C] Encrypting sensitive files
D] Blocking unauthorized devices
Q: 90 What is the goal of Zero Trust in Microsoft environments?
A] Allowing administrator access
B] Restricting access to internal networks
C] Granting access based on trust levels
D] Never trust, always verify