Question 1

Which Azure service can you use as a security information and event management (SIEM) solution?

Options :

A : Azure Analysis Services

B : Azure Cognitive Services

C : Azure Sentinel

D : Azure information Protection

Answer: C

Question 2

Which of the following scenarios would Azure Policy be a recommended method for enforcement?

Options :

A : Allow only one specific roles of users to have access to a resource group

B : Require a virtual machine to always update to the latest security patches

C : Prevent certain Azure Virtual Machine instance types from being used in a resource group

D : Add an additional prompt when creating a resource without a specific tag to ask the user if they are really sure they want to continue?

Answer: C

Question 3

Which two types of customers are eligible to use Azure Government to develop a cloud solution? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options :

A : a Canadian government contractor

B : a European government contractor

C : a United States government entity

D : a United States government contractor

E : a European government entity

Answer: C,D

Question 4

You have an Azure subscription and 100 Windows 10 devices. You need to ensure that only users whose devices have the latest security patches installed can access Azure AD-integrated applications. What should you implement?

Options :

A : Azure Bastion

B : a conditional access policy

C : Azure Policy

D : Azure Firewall

Answer: B

Question 5

Which of the following elements is considered part of the < b >perimeter< /b > layer of security?

Options :

A : Keep operating systems up to date with patches

B : Use a firewall

C : Separate servers into distinct subnets by role

D : Locks on the data center doors

Answer: B