Exam SC-100 topic 4 question 24 discussion

Actual exam question from Microsoft's SC-100
Question #: 24
Topic #: 4

Your company is developing an invoicing application that will use Azure AD B2C. The application will be deployed as an App Service web app.

You need to recommend a solution to the application development team to secure the application from identity-related attacks.

Which two configurations should you recommend? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  • A. Azure AD Conditional Access integration with user flows and custom policies
  • B. smart account lockout in Azure AD B2C
  • C. access packages in Identity Governance
  • D. custom resource owner password credentials (ROPC) flows in Azure AD B2C
Suggested Answer: AB

Comments

zellck
5 months, 2 weeks ago
Same as Question 10. https://www.examtopics.com/discussions/microsoft/view/79376-exam-sc-100-topic-4-question-10-discussion
upvoted 3 times
zellck
5 months, 2 weeks ago
Selected Answer: AB
AB is the answer.
https://learn.microsoft.com/en-us/azure/active-directory-b2c/conditional-access-user-flow?pivots=b2c-user-flow
Conditional Access can be added to your Azure Active Directory B2C (Azure AD B2C) user flows or custom policies to manage risky sign-ins to your applications. Azure Active Directory (Azure AD) Conditional Access is the tool used by Azure AD B2C to bring signals together, make decisions, and enforce organizational policies.
upvoted 2 times
zellck
5 months, 2 weeks ago
https://learn.microsoft.com/en-us/azure/active-directory-b2c/threat-management#how-smart-lockout-works
Azure AD B2C uses a sophisticated strategy to lock accounts. The accounts are locked based on the IP of the request and the passwords entered. The duration of the lockout also increases based on the likelihood that it's an attack. After a password is tried 10 times unsuccessfully (the default attempt threshold), a one-minute lockout occurs. The next time a login is unsuccessful after the account is unlocked (that is, after the account has been automatically unlocked by the service once the lockout period expires), another one-minute lockout occurs and continues for each unsuccessful login. Entering the same, or similar password repeatedly doesn't count as multiple unsuccessful logins.
upvoted 2 times
Gurulee
7 months, 3 weeks ago
Selected Answer: AB
Smart lockout is supported by user flows, custom policies, and ROPC flows. It’s activated by default so you don’t need to configure it in your user flows or custom policies.
upvoted 2 times
awssecuritynewbie
8 months, 2 weeks ago
Selected Answer: AB
Correct answer
upvoted 2 times