SC 100 Exam Questions with Correct Answers Latest Update

SC 100 Exam Questions with Correct Answers Latest Update 2025-2026

Your company has a Microsoft 365 ES subscription.

The Chief Compliance Officer plans to enhance privacy management in the working
environment.

You need to recommend a solution to enhance the privacy management. The solution must
meet the following requirements:

✑ Identify unused personal data and empower users to make smart data handling decisions.

✑ Provide users with notifications and guidance when a user sends personal data in Microsoft
Teams.

✑ Provide users with recommendations to mitigate privacy risks.

What should you include in the recommendation?



A. communication compliance in insider risk management

B. Microsoft Viva Insights

C. Privacy Risk Management in Microsoft Priva

D. Advanced eDiscovery - Answers C

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

Suspicious authentication activity alerts have been appearing in the Workload protections
dashboard.

You need to recommend a solution to evaluate and remediate the alerts by using workflow
automation. The solution must minimize development

effort.

What should you include in the recommendation?

A. Azure Monitor webhooks

B. Azure Event Hubs

C. Azure Functions apps

D. Azure Logics Apps - Answers D

,Your company is moving a big data solution to Azure.

The company plans to use the following storage workloads:

✑ Azure Storage blob containers

✑ Azure Data Lake Storage Gen2

Azure Storage file shares -

✑ Azure Disk Storage

Which two storage workloads support authentication by using Azure Active Directory (Azure AD)?
Each correct answer presents a complete

solution.

NOTE: Each correct selection is worth one point.



A. Azure Storage file shares

B. Azure Disk Storage

C. Azure Storage blob containers

D. Azure Data Lake Storage Gen2 - Answers CD

Your company is migrating data to Azure. The data contains Personally Identifiable Information
(PII).

The company plans to use Microsoft Information Protection for the PII data store in Azure.

You need to recommend a solution to discover PII data at risk in the Azure resources.

What should you include in the recommendation? To answer, select the appropriate options in
the answer area.

NOTE: Each correct selection is worth one point. - Answers Microsoft Information Protection
Azure Purview, PII data Microsoft Defender for Cloud

You have a Microsoft 365 E5 subscription and an Azure subscription.

You are designing a Microsoft deployment.

You need to recommend a solution for the security operations team. The solution must include
custom views and a dashboard for analyzing

,security events.

What should you recommend using in Microsoft Sentinel?

A. notebooks

B. playbooks

C. workbooks

D. threat intelligence - Answers C

Your company has a Microsoft 365 subscription and uses Microsoft Defender for Identity.

You are informed about incidents that relate to compromised identities.

You need to recommend a solution to expose several accounts for attackers to exploit. When
the attackers attempt to exploit the accounts, an

alert must be triggered.

Which Defender for Identity feature should you include in the recommendation?

A. sensitivity labels

B. custom user tags

C. standalone sensors

D. honeytoken entity tags - Answers D

Your company is moving all on-premises workloads to Azure and Microsoft 365.

You need to design a security orchestration, automation, and response (SOAR) strategy in
Microsoft Sentinel that meets the following

requirements:

✑ Minimizes manual intervention by security operation analysts

✑ Supports triaging alerts within Microsoft Teams channels

What should you include in the strategy?

A. KQL

B. playbooks

C. data connectors

, D. workbooks - Answers B

You have an Azure subscription that contains virtual machines, storage accounts, and Azure
SQL databases.

All resources are backed up multiple times a day by using Azure Backup.

You are developing a strategy to protect against ransomware attacks.

You need to recommend which controls must be enabled to ensure that Azure Backup can be
used to restore the resources in the event of a

successful ransomware attack.

Which two controls should you include in the recommendation? Each correct answer presents a
complete solution.

NOTE: Each correct selection is worth one point.

A. Enable soft delete for backups.

B. Require PINs for critical operations.

C. Encrypt backups by using customer-managed keys (CMKs).

D. Perform offline backups to Azure Data Box.

E. Use Azure Monitor notifications when backup configurations change - Answers BE

You are creating the security recommendations for an Azure App Service web app named App1.
App1 has the following specifications:

✑ Users will request access to App1 through the My Apps portal. A human resources manager
will approve the requests.

✑ Users will authenticate by using Azure Active Directory (Azure AD) user accounts.

You need to recommend an access security architecture for App1.

What should you include in the recommendation? To answer, select the appropriate options in
the answer area.

NOTE: Each correct selection is worth one point - Answers a managed identity in azure ad

an access review in identity governance.

Your company uses Microsoft Defender for Cloud and Microsoft Sentinel.

The company is designing an application that will have the architecture shown in the following