U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft SC-200 Exam - Topic 5 Question 45 Discussion

Your company has an on-premises network that uses Microsoft Defender for Identity.The Microsoft Secure Score for the company includes a security assessment associated with unsecure Kerberos delegation.You need remediate the security risk.What should you do?
D) Enforce LDAP signing on the computers listed as exposed entities.
A) Install the Local Administrator Password Solution (LAPS) extension on the computers listed as exposed entities.
B) Modify the properties of the computer objects listed as exposed entities.
C) Disable legacy protocols on the computers listed as exposed entities.

Microsoft SC-200 Exam - Topic 5 Question 45 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 45
Topic #: 5
[All SC-200 Questions]

Your company has an on-premises network that uses Microsoft Defender for Identity.

The Microsoft Secure Score for the company includes a security assessment associated with unsecure Kerberos delegation.

You need remediate the security risk.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

0/2000 characters
Makeda
8 months ago
I doubt enforcing LDAP signing will fix the Kerberos issue.
upvoted 0 times
...
Ma
8 months ago
Modifying properties could help too, but not sure it's enough.
upvoted 0 times
...
Elbert
8 months ago
Wait, isn't LAPS more about local admin passwords?
upvoted 0 times
...
Lino
8 months ago
Totally agree, option C seems like the best choice here!
upvoted 0 times
...
Mee
8 months ago
I think disabling legacy protocols is a solid move.
upvoted 0 times
...
Tonette
9 months ago
Enforcing LDAP signing sounds familiar; I feel like it might strengthen authentication, but I can't recall if it specifically fixes the delegation issue.
upvoted 0 times
...
Britt
9 months ago
I practiced a question about disabling legacy protocols before, and it seems like that could help with security, but I’m not certain if it’s the right choice here.
upvoted 0 times
...
Selma
9 months ago
I think modifying the properties of the computer objects could be related to securing delegation, but I need to double-check what that entails.
upvoted 0 times
...
Tiffiny
9 months ago
I remember something about Kerberos delegation being a security risk, but I'm not sure which option directly addresses that.
upvoted 0 times
...
Delsie
9 months ago
I think the answer is C. MAC Authentication Bypass seems like the right mechanism to use when the endpoint doesn't support 802.1X.
upvoted 0 times
...
Jamal
9 months ago
This seems like a straightforward question. The key requirements are centralized file-sharing and print services, plus 15TB of storage. I think the NAS solution would be the best fit here.
upvoted 0 times
...
Blondell
9 months ago
I remember practicing a question similar to this—it seems like an adverse material price variance should definitely be recorded for period 1 since the actual price was higher than the standard.
upvoted 0 times
...

Save Cancel