Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam SC-100 Topic 7 Question 19 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 19
Topic #: 7
[All SC-100 Questions]

You have an Azure AD tenant that syncs with an Active Directory Domain Services (AD DS) domain.

You have an on-premises datacenter that contains 100 servers. The servers run Windows Server and are backed up by using Microsoft Azure Backup Server (MABS).

You are designing a recovery solution for ransomware attacks. The solution follows Microsoft Security Best Practices.

You need to ensure that a compromised administrator account cannot be used to delete the backups

What should you do?

Show Suggested Answer Hide Answer

Contribute your Thoughts:

Alaine
30 days ago
Wait, so we're trying to stop a hacker from deleting backups? Sounds like a job for Azure's version of James Bond! Option B it is - gotta keep those backups secure, no matter how sneaky the bad guys get.
upvoted 0 times
...
Dana
1 months ago
Option C, really? Registering MABS with a Recovery Services vault is important, but it doesn't address the security issue of a compromised admin account. I'm sticking with Option B - multi-user authorization is the way to go!
upvoted 0 times
...
Margurite
1 months ago
Haha, option A with the security PIN? Sounds like something out of a spy movie! But I guess it could work for critical operations. Still, I think Option B is the way to go for this scenario.
upvoted 0 times
Alfreda
2 days ago
Yeah, having multiple users authorize critical operations seems like a safer bet.
upvoted 0 times
...
Tiffiny
6 days ago
I agree, it does sound pretty cool. But I think Option B with multi-user authorization is more practical.
upvoted 0 times
...
Raylene
8 days ago
Option A with the security PIN does sound like something out of a spy movie!
upvoted 0 times
...
...
Annice
1 months ago
I'm going with Option D. Assigning the Backup Contributor role through PIM will give the necessary permissions while still maintaining control over who can access the backups. Seems like a good way to follow the security best practices.
upvoted 0 times
Adelle
16 days ago
Definitely, following Microsoft Security Best Practices is crucial in designing a recovery solution for ransomware attacks.
upvoted 0 times
...
Raina
18 days ago
I agree, assigning the Backup Contributor role through PIM is a good way to ensure security while still allowing necessary access.
upvoted 0 times
...
Jamika
20 days ago
Option D sounds like the best choice. It's important to limit access to backups to prevent them from being deleted.
upvoted 0 times
...
...
Cherry
2 months ago
Option B looks like the best choice here. Configuring multi-user authorization with Resource Guard will help prevent a compromised admin account from deleting the backups. Solid security practice!
upvoted 0 times
Jenelle
22 hours ago
Definitely, it's important to follow Microsoft Security Best Practices to ensure the safety of our data.
upvoted 0 times
...
Vilma
15 days ago
I agree, having that extra layer of security is crucial in protecting the backups from ransomware attacks.
upvoted 0 times
...
Van
17 days ago
Option B looks like the best choice here. Configuring multi-user authorization with Resource Guard will help prevent a compromised admin account from deleting the backups. Solid security practice!
upvoted 0 times
...
Crista
1 months ago
I agree, configuring multi-user authorization with Resource Guard is a smart move.
upvoted 0 times
...
Ruthann
1 months ago
Option B is definitely the way to go to protect against ransomware attacks.
upvoted 0 times
...
Francisca
1 months ago
I think option D could also work well to prevent unauthorized deletion of backups.
upvoted 0 times
...
Darci
2 months ago
I agree, option B seems like the most secure choice.
upvoted 0 times
...
...
Merilyn
3 months ago
I'm not sure, but I think option A could also work by generating a security PIN for critical operations in the Recovery Services vault.
upvoted 0 times
...
Mirta
3 months ago
I agree with Tamesha, option D seems like the best choice to prevent a compromised administrator account from deleting the backups.
upvoted 0 times
...
Tamesha
3 months ago
I think we should go with option D, using Azure AD Privileged Identity Management to create a role assignment for the Backup Contributor role.
upvoted 0 times
...

Save Cancel