Home Guides Blogs Your Exams Certifications

    Exam: SC-900: Microsoft Certified: Security, Compliance, and Identity Fundamentals

    Total Questions: 209
    Page of

    In the shared responsibility model for an Azure deployment, what is Microsoft solely responsible for managing?
    A.the management of mobile devices
    B.the permissions for the user data stored in Azure
    C.the creation and management of user account
    D.the management of the physical hardware
    Answer: D ✅ Explanation Microsoft’s responsibilities: Physical datacenter security Physical servers and networking equipment Power, cooling, and building infrastructure Customer responsibilities: Data classification and accountability User identity and access management (permissions for user data)

    HOTSPOT -

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    Hot Area:
    Question image
    Answer:
    Answer image

    Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365? Each correct answer presents a complete solution.
    NOTE: Each correct selection is worth one point.
    A.Display policy tips to users who are about to violate your organization's policies.
    B.Enable disk encryption on endpoints.
    C.Protect documents in Microsoft OneDrive that contain sensitive information.
    D.Apply security baselines to devices.
    Answer: AC ✅ Explanation ✅ A. Display policy tips to users who are about to violate your organization's policies. ✔ Correct. DLP can warn users in real time by showing policy tips in Outlook, Word, Excel, PowerPoint, SharePoint Online, and OneDrive for Business when their actions might violate a policy. ✅ C. Protect documents in Microsoft OneDrive that contain sensitive information. ✔ Correct. DLP policies can detect sensitive info (like credit card numbers, health records, etc.) stored in OneDrive and automatically take actions such as blocking access or alerting admins.

    HOTSPOT -

    Select the answer that correctly completes the sentence.

    Hot Area:
    Question image
    Answer:
    Answer image

    HOTSPOT -

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    Hot Area:
    Question image
    Answer:
    Answer image

    Which Microsoft 365 compliance feature can you use to encrypt content automatically based on specific conditions?
    A.Content Search
    B.sensitivity labels
    C.retention policies
    D.eDiscovery
    Answer: B ✅ Explanation The Microsoft 365 compliance feature that can automatically encrypt content based on specific conditions (like detecting sensitive information types) is: ✅ B. sensitivity labels Sensitivity labels can be configured to automatically apply encryption (such as Azure Information Protection) when content matches certain conditions (e.g., credit card numbers, classified data).

    HOTSPOT -
    For each of the following statements, select Yes if the statement is true. Otherwise, select No.
    NOTE: Each correct selection is worth one point.
    Hot Area:
    Question image
    Answer:
    Answer image

    HOTSPOT -

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    Hot Area:
    Question image
    Answer:
    Answer image

    HOTSPOT -

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    Hot Area:
    Question image
    Answer:
    Answer image

    Which two cards are available in the Microsoft 365 Defender portal? Each correct answer presents a complete solution.
    NOTE: Each correct selection is worth one point.
    A.Devices at risk
    B.Compliance Score
    C.Service Health
    D.User Management
    E.Users at risk
    Answer: AE ✅ Explanation -The cards you see in the Microsoft 365 Defender portal include things like: -Devices at risk (for endpoints) -Users at risk (for identities) ✅ A. Devices at risk ✔ Correct. This card shows endpoint devices with active alerts or vulnerabilities. ✅ E. Users at risk ✔ Correct. This card displays users with compromised accounts or suspicious activity.
    Back View All Questions