Microsoft Exam SC-100 Topic 3 Question 22 Discussion

Actual exam question for Microsoft's SC-100 exam

Question #: 22
Topic #: 3

Your company wants to optimize using Microsoft Defender for Endpoint to protect its resources against ransomware based on Microsoft Security Best Practices.

You need to prepare a post-breach response plan for compromised computers based on the Microsoft Detection and Response Team (DART) approach in Microsoft Security Best Practices.

What should you include in the response plan?

Acontrolled folder access

Bapplication isolation

Cmemory scanning

Dmachine isolation

Euser isolation

Show Suggested Answer

Suggested Answer: C

by Tyra at Apr 02, 2023, 04:53 PM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Linn

2 months ago

Hmm, this one's tough. I'm feeling like A) controlled folder access is the way to go. That way, we can keep the ransomware from getting its grubby little hands on our important files. Although, if it does manage to get in, I hope it at least has the decency to leave the 'Memes of the Month' folder alone.

upvoted 0 times

Antonio

We should also consider D) machine isolation to contain the spread of ransomware to other computers.

upvoted 0 times

...

Merrilee

6 days ago

I agree, A) controlled folder access is crucial to prevent ransomware from accessing important files.

upvoted 0 times

...

Luis

9 days ago

If all else fails, E) user isolation can help limit the impact of ransomware by isolating affected users.

upvoted 0 times

...

Roslyn

13 days ago

C) memory scanning can help detect any malicious activity in the system memory.

upvoted 0 times

...

Gracia

27 days ago

We should also consider D) machine isolation to contain the spread of ransomware to other computers.

upvoted 0 times

...

Evelynn

1 months ago

I agree, A) controlled folder access is crucial to prevent ransomware from accessing our important files.

upvoted 0 times

...

Moon

2 months ago

Ah, the classic ransomware response plan. I'd say C) memory scanning is the way to go. Gotta catch those sneaky little buggers before they can encrypt all our files. Although, I'm kinda hoping they leave the 'cat playing the piano' folder alone, that's our office treasure!

upvoted 0 times

...

Annelle

2 months ago

I think we should also consider machine isolation to contain the threat.

upvoted 0 times

...

Judy

2 months ago

Okay, let's see... I'm gonna go with B) application isolation. That way, we can keep the bad stuff contained and not let it spread like a nasty cold through the entire system. Wouldn't want the printers to get infected, that'd be a disaster!

upvoted 0 times

Claudio

18 days ago

User2: Definitely, containing the threat is key to minimizing the impact on our resources.

upvoted 0 times

...

Ocie

25 days ago

User1: I agree, B) application isolation is crucial to prevent the spread of ransomware.

upvoted 0 times

...

Marguerita

2 months ago

Hmm, this seems like a tricky one. I think the answer is D) machine isolation. Gotta keep those infected computers away from the rest of the network, right? I mean, who wants a ransomware party in the office?

upvoted 0 times