ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 3 question 57 discussion

Actual exam question from Microsoft's SC-100
Question #: 57
Topic #: 3
[All SC-100 Questions]

You have a Microsoft Entra tenant named contoso.com and use Microsoft Intune. Each user in contoso.com has a Microsoft Entra ID P1 license and a Windows 11 device that has the Global Secure Access client deployed.

You plan to deploy the following configuration of Microsoft Entra Internet Access:

• Enable a baseline profile.
• Create a security profile named Profile1 that has a priority of 300 and contains a single web content filtering policy named
WCFPolicy1. Configure WCFPolicy1 as follows:
o Set Action to allow.
o Include a single rule that has a fully qualified domain name (FQDN) destination of *.adatum.com.
• Link Profile1 to a Conditional Access policy named CAPolicy1, apply CAPolicy1 to all users, and grant access unless a user's device is noncompliant.

You need to evaluate the impact of the planned deployment on traffic to the following resources:

• https://www.adatum.com:8433
• https://www.fabrikam.com

Which two traffic scenarios will occur? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

  • A. Traffic to https://www.fabrikam.com will be allowed from all the devices.
  • B. Traffic to https://www.adatum.com:8433 will be blocked from all the devices.
  • C. Traffic to https://www.adatum.com:8433 will be allowed from all the devices.
  • D. Traffic to https://www.fabrikam.com will be allowed from compliant devices only.
  • E. Traffic to https://www.adatum.com:8433 will be allowed from compliant devices only.
  • F. Traffic to https://www.fabrikam.com will be blocked from noncompliant devices only.
Show Suggested Answer Hide Answer
Suggested Answer: DE 🗳️
by AlbertE1nstein at Jan. 30, 2025, 1:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Luweho
1 month ago
Selected Answer: AE
"Link Profile1 to a Conditional Access policy named CAPolicy1" probably means "configure as a target resource in the CA policy". If so, the policy would not apply to resources that are not a part of the policy. Thus everyone could access fabrikam.com -> A (not D, F). About adatum.com, it seems that wildcards include all ports by default, so *.adatum.com would cover https://www.adatum.com:8433. If the users would be licensed correctly (with Entra ID P2), it would clearly be E - the URL matches the GSA policy, thus the CA policy is applied. Now, the users have only P1 license are not eligible for GSA. But per my understanding, this is irrelevant from a technical perspective. The users are not even licensed for Conditional Access (that requires P2, too). But CA policies still apply. If you assign a CA policy to a user not licensed for CA, then you are violating your license contract, but the CA policy is still applied. Thus it should be E (not B, C) here.
upvoted 1 times
...
Er_01
6 months, 2 weeks ago
Selected Answer: BD
B because P1 license does not have GSA functionality. D because fabrikam is not listed in policy so only compliant is allowed as non-c are blocked. Need Entra ID Suite license not P1.
upvoted 3 times
Er_01
6 months, 1 week ago
Further research has the P1 is needed for Microsoft services. So is web content filtering a MS service like sharepoint or exchange or not.
upvoted 1 times
...
...
Mick2024
6 months, 2 weeks ago
Selected Answer: DE
These were the options I was leaning towards. Can some explain why B?
upvoted 4 times
brobers1180
6 months, 2 weeks ago
Because 8433 is a non-standard port, blocked by default, and there's no rule to allow it.
upvoted 4 times
Er_01
6 months, 1 week ago
That is a good call. That is a pretty clear reason to block vs the ambiguous licensing angle.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel