You have a Microsoft 365 subscription
You need to recommend a security solution to monitor the following activities:
* User accounts that were potentially compromised
* Users performing bulk file downloads from Microsoft SharePoint Online What should you include in the recommendation for each activity? To answer, drag the appropriate components to the correct activities. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each Correct selection is worth one Point.

Correct Answer:

Explanation:

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks
https://docs.microsoft.com/en-us/defender-cloud-apps/policies-threat-protection#detect-mass-download-data-exf
https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-users

Comment: *

Name: *

Email: *

Verification: *

You have a Microsoft 365 E5 subscription and an Azure subscripts You need to evaluate the existing environment to increase the overall security posture for the following components:
* Windows 11 devices managed by Microsoft Intune
* Azure Storage accounts
* Azure virtual machines
What should you use to evaluate the components? To answer, select the appropriate options in the answer area.

Correct Answer:

Explanation
Selection 1: Microsoft 365 Defender (Microsoft Defender for Endpoint is part of it).
Selection 2: Microsoft Defender for Cloud.
Selection 3: Microsoft Defender for Cloud.
https://docs.microsoft.com/en-us/learn/modules/design-strategy-for-secure-paas-iaas-saas-services/8-specify-secu

Comment: *

Name: *

Email: *

Verification: *

Your company is developing a new Azure App Service web app. You are providing design assistance to verify the security of the web app.
You need to recommend a solution to test the web app for vulnerabilities such as insecure server configurations, cross-site scripting (XSS), and SQL injection. What should you include in the recommendation?

• A.interactive application security testing (IAST)
• B.static application security testing (SAST)
• C.runtime application se/f-protection (RASP)
• D.dynamic application security testing (DAST)

Comment: *

Name: *

Email: *

Verification: *

Your company has an Azure App Service plan that is used to deploy containerized web apps. You are designing a secure DevOps strategy for deploying the web apps to the App Service plan. You need to recommend a strategy to integrate code scanning tools into a secure software development lifecycle. The code must be scanned during the following two phases:
Uploading the code to repositories Building containers
Where should you integrate code scanning for each phase? To answer, select the appropriate options in the answer area.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription. The subscription contains 100 virtual machines that run Windows Server. The virtual machines are managed by using Azure Policy and Microsoft Defender for Servers.
You need to enhance security on the virtual machines. The solution must meet the following requirements:
* Ensure that only apps on an allowlist can be run.
* Require administrators to confirm each app added to the allowlist.
* Automatically add unauthorized apps to a blocklist when an attempt is made to launch the app.
* Require administrators to approve an app before the app can be moved from the blocklist to the allowlist.
What should you include in the solution?

• A.adaptive application controls in Defender for Servers
• B.a compute policy in Azure Policy
• C.app governance in Microsoft Defender for Cloud Apps
• D.admin consent settings for enterprise applications in Azure AD

Comment: *

Name: *

Email: *

Verification: *