Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

Your company has the virtual machine infrastructure shown in the following table.

The company plans to use Microsoft Azure Backup Server (MABS) to back up the virtual machines to Azure.

You need to provide recommendations to increase the resiliency of the backup strategy to mitigate attacks such as ransomware.

What should you include in the recommendation?

A.

Use geo-redundant storage (GRS).

B.

Use customer-managed keys (CMKs) for encryption.

C.

Require PINs to disable backups.

D.

Implement Azure Site Recovery replication.

Your company has a Microsoft 365 E5 subscription.

The company wants to identify and classify data in Microsoft Teams, SharePoint Online, and Exchange Online.

You need to recommend a solution to identify documents that contain sensitive information.

What should you include in the recommendation?

A.

data classification content explorer

B.

data loss prevention (DLP)

C.

eDiscovery

D.

Information Governance

Your company plans to provision blob storage by using an Azure Storage account The blob storage will be accessible from 20 application sewers on the internet. You need to recommend a solution to ensure that only the application servers can access the storage account. What should you recommend using to secure the blob storage?

A.

service tags in network security groups (NSGs)

B.

managed rule sets in Azure Web Application Firewall (WAF) policies

C.

inbound rules in network security groups (NSGs)

D.

firewall rules for the storage account

E.

inbound rules in Azure Firewall

Your company has a Microsoft 365 E5 subscription.

The Chief Compliance Officer plans to enhance privacy management in the working environment. You need to recommend a solution to enhance the privacy management. The solution must meet the following requirements:

• Identify unused personal data and empower users to make smart data handling decisions.

• Provide users with notifications and guidance when a user sends personal data in Microsoft Teams.

• Provide users with recommendations to mitigate privacy risks.

What should you include in the recommendation?

A.

Microsoft Viva Insights

B.

Advanced eDiscovery

C.

Privacy Risk Management in Microsoft Priva

D.

communication compliance in insider risk management

You are planning the security levels for a security access strategy.

You need to identify which job roles to configure at which security levels. The solution must meet security best practices of the Microsoft Cybersecurity Reference Architectures (MCRA).

Which security level should you configure for each job role? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription and an Azure subscription. You are designing a Microsoft Sentinel deployment.

You need to recommend a solution for the security operations team. The solution must include custom views and a dashboard for analyzing security events. What should you recommend using in Microsoft Sentinel?

A.

playbooks

B.

workbooks

C.

notebooks

D.

threat intelligence

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance.

You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance.

Solution: You recommend configuring gateway-required virtual network integration.

Does this meet the goal?

A.

Yes

B.

No

You have a Microsoft 365 tenant. Your company uses a third-party software as a service (SaaS) app named App1. App1 supports authenticating users by using Azure AO credentials. You need to recommend a solution to enable users to authenticate to App1 by using their Azure AD credentials. What should you include in the recommendation?

A.

an Azure AD enterprise application

B.

a retying party trust in Active Directory Federation Services (AD FS)

C.

Azure AD Application Proxy

D.

Azure AD B2C

Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework for Azure to integrate DevSecOps processes into continuous integration and continuous deployment (Cl/CD) DevOps pipelines

You need to recommend which security-related tasks to integrate into each stage of the DevOps pipelines.

What should recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You are designing security for an Azure landing zone. Your company identifies the following compliance and privacy requirements:

• Encrypt cardholder data by using encryption keys managed by the company.

• Encrypt insurance claim files by using encryption keys hosted on-premises.

Which two configurations meet the compliance and privacy requirements? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A.

Store the insurance claim data in Azure Blob storage encrypted by using customer-provided keys.

B.

Store the cardholder data in an Azure SQL database that is encrypted by using keys stored in Azure Key Vault Managed HSM

C.

Store the insurance claim data in Azure Files encrypted by using Azure Key Vault Managed HSM.

D.

Store the cardholder data in an Azure SQL database that is encrypted by using Microsoft-managed Keys.