Exam SC-100 topic 5 question 10 discussion

Actual exam question from Microsoft's SC-100
Question #: 10
Topic #: 5

You have a Microsoft 365 subscription.

You are designing a user access solution that follows the Zero Trust principles of the Microsoft Cybersecurity Reference Architectures (MCRA).

You need to recommend a solution that automatically restricts access to Microsoft Exchange Online, SharePoint Online, and Teams in near-real-time (NRT) in response to the following Azure AD events:

• A user account is disabled or deleted.
• The password of a user is changed or reset.
• All the refresh tokens for a user are revoked.
• Multi-factor authentication (MFA) is enabled for a user.

Which two features should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  • A. continuous access evaluation
  • B. Azure AD Application Proxy
  • C. a sign-in risk policy
  • D. Azure AD Privileged Identity Management (PIM)
  • E. Conditional Access
Suggested Answer: AE

Comments

zellck
Highly Voted 1 year ago
Selected Answer: AE
AE is the answer.

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation

Timely response to policy violations or security issues really requires a "conversation" between the token issuer (Azure AD), and the relying party (enlightened app). This two-way conversation gives us two important capabilities. The relying party can see when properties change, like network location, and tell the token issuer. It also gives the token issuer a way to tell the relying party to stop respecting tokens for a given user because of account compromise, disablement, or other concerns. The mechanism for this conversation is continuous access evaluation (CAE). The goal for critical event evaluation is for response to be near real time, but latency of up to 15 minutes may be observed because of event propagation time; however, IP locations policy enforcement is instant.
upvoted 10 times
zellck
1 year ago
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation#scenarios

There are two scenarios that make up continuous access evaluation, critical event evaluation and Conditional Access policy evaluation.

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation#critical-event-evaluation

Continuous access evaluation is implemented by enabling services, like Exchange Online, SharePoint Online, and Teams, to subscribe to critical Azure AD events. Those events can then be evaluated and enforced near real time. Critical event evaluation doesn't rely on Conditional Access policies so it's available in any tenant. The following events are currently evaluated:

- User Account is deleted or disabled
- Password for a user is changed or reset
- Multifactor Authentication is enabled for the user
- Administrator explicitly revokes all refresh tokens for a user
- High user risk detected by Azure AD Identity Protection
upvoted 4 times
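
As an added illustration of the critical event evaluation quoted in the comment above (not part of the original thread and not Microsoft's code): a simplified Python model of a service that records critical events from the token issuer and stops honouring access tokens issued before them. The class, event labels and timestamps are constructed assumptions; the real signalling between Azure AD and the services is not modelled.

```python
from dataclasses import dataclass, field

# The four critical events named in the question (labels are constructed).
CRITICAL_EVENTS = {"account_disabled", "password_changed",
                   "tokens_revoked", "mfa_enabled"}

@dataclass
class Token:
    user: str
    iat: int           # issued-at time, seconds
    exp: int           # expiry time, seconds
    mfa: bool = False  # whether MFA was satisfied at sign-in

@dataclass
class ResourceProvider:
    """Hypothetical CAE-aware service keeping per-user state from issuer events."""
    not_before: dict = field(default_factory=dict)  # user -> time of latest event
    disabled: set = field(default_factory=set)
    mfa_required: set = field(default_factory=set)

    def on_event(self, user, kind, at):
        """Record a critical event pushed by the token issuer."""
        if kind not in CRITICAL_EVENTS:
            raise ValueError(f"not a critical event: {kind}")
        self.not_before[user] = max(at, self.not_before.get(user, 0))
        if kind == "account_disabled":
            self.disabled.add(user)
        elif kind == "mfa_enabled":
            self.mfa_required.add(user)

    def authorize(self, tok, now):
        """Evaluate a token on every request, not only at issuance."""
        if now >= tok.exp:
            return "deny: expired"
        if tok.user in self.disabled:
            return "deny: account disabled"
        if tok.iat < self.not_before.get(tok.user, 0):
            return "challenge: token predates critical event"
        if tok.user in self.mfa_required and not tok.mfa:
            return "challenge: MFA required"
        return "allow"

def demo():
    rp = ResourceProvider()
    old = Token("alice", iat=1000, exp=100000)   # constructed, still unexpired
    before = rp.authorize(old, now=2000)
    rp.on_event("alice", "password_changed", at=3000)
    after = rp.authorize(old, now=3060)          # same token, one minute later
    fresh = rp.authorize(Token("alice", iat=3100, exp=9000), now=3200)
    return before, after, fresh
```

The unexpired token is refused as soon as the event is recorded, which is the behaviour the question asks for: without this per-request check the token would stay usable until its `exp`.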
MaciekMT
Highly Voted 1 year, 1 month ago
Selected Answer: AE
According to ChatGPT: To automatically restrict access to Microsoft Exchange Online, SharePoint Online, and Teams in near-real-time (NRT) in response to the specified Azure AD events, you should recommend the following two features: A. Continuous Access Evaluation: It provides real-time access decisions based on the user's current risk and compliance status. It ensures that only authorized and compliant devices can access the resources. E. Conditional Access: It allows you to define access policies based on conditions such as user, device, location, and risk level. With Conditional Access, you can enforce multi-factor authentication, block access, or limit access to specific applications or resources based on the user's risk level and compliance status.
upvoted 6 times
sherifhamed
Most Recent 8 months, 2 weeks ago
Selected Answer: AE
A. Continuous Access Evaluation (CAE) E. Conditional Access
upvoted 3 times
mohsan001
1 year, 1 month ago
ChatGPT4: A and E should be included in the recommendation. Option C (a sign-in risk policy) and Option D (Azure AD Privileged Identity Management (PIM)) are also important security features, but they are not directly related to the NRT access restriction of Exchange Online, SharePoint Online, and Teams in response to Azure AD events. Azure AD Application Proxy (Option B) is not necessary for the functionality described in the scenario.
upvoted 1 times
omarmkhan22
1 year, 1 month ago
Selected Answer: AD
I don't see what conditional access has to do with this.
upvoted 2 times
zellck
1 year ago
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation#conditional-access-policy-evaluation

Exchange Online, SharePoint Online, Teams, and MS Graph can synchronize key Conditional Access policies for evaluation within the service itself. This process enables the scenario where users lose access to organizational files, email, calendar, or tasks from Microsoft 365 client apps or SharePoint Online immediately after network location changes.
upvoted 1 times
OK2020
1 year, 1 month ago
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation
upvoted 3 times