Microsoft Exam SC-100 Topic 9 Question 32 Discussion

Actual exam question for Microsoft's SC-100 exam

Question #: 32
Topic #: 9

You have an on-premises network and a Microsoft 365 subscription.

You are designing a Zero Trust security strategy.

Which two security controls should you include as part of the Zero Trust solution? Each correct answer part of the solution.

NOTE: Each correct answer is worth one point.

ABlock sign-attempts from unknown location.

BAlways allow connections from the on-premises network.

CDisable passwordless sign-in for sensitive account.

DBlock sign-in attempts from noncompliant devices.

Show Suggested Answer

Suggested Answer: A, D

by Cecil at Dec 09, 2023, 01:42 PM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Brock

4 days ago

Exactly, blocking sign-in attempts from noncompliant devices is key. We also need to secure sensitive accounts by disabling passwordless auth - can't be too careful these days!

upvoted 0 times

...

Goldie

5 days ago

Definitely, options B and C are the wrong approach. We want to verify each access attempt, not assume anything about the user's location or device. D seems like the right way to go.

upvoted 0 times

...

Polly

6 days ago

Haha, yeah no more 'password is Password123!' for the CEO's account. Gotta step up the security game.

upvoted 0 times

...

This question is really testing our understanding of the core principles of Zero Trust. We need to think about verifying identity, device health, and access policies - not just relying on location or network.

upvoted 0 times

...

Microsoft Exam SC-100 Topic 9 Question 32 Discussion

Contribute your Thoughts:

Brock

Goldie

Polly

Garry