一年間無料で問題集をアップデートするサービスを提供します。

弊社の商品をご購入になったことがあるお客様に一年間の無料更新サービスを提供いたします。弊社は毎日問題集が更新されたかどうかを確認しますから、もし更新されたら、弊社は直ちに最新版のSC-500問題集をお客様のメールアドレスに送信いたします。ですから、試験に関連する情報が変わったら、あなたがすぐに知ることができます。弊社はお客様がいつでも最新版のMicrosoft SC-500学習教材を持っていることを保証します。

弊社のSC-500問題集のメリット

Fast2testの人気Microsoft認定試験問題集は的中率が高くて、１００％試験に合格できるように作成されたものです。Fast2testの問題集は弊社Microsoft専門家が長年の経験を活かして最新のシラバスに従って研究し出した学習教材です。

Fast2testは効率が良い受験法を教えてさしあげます。弊社のSC-500問題集は精確に実際試験の範囲を絞ります。弊社のSC-500問題集を利用すると、試験の準備をするときに時間をたくさん節約することができます。弊社の問題集によって、あなたは試験に関連する専門知識をよく習得し、自分の能力を高めることができます。それだけでなく、弊社のSC-500問題集はあなたがSC-500認定試験に一発合格できることを保証いたします。

行き届いたサービス、お客様の立場からの思いやり、高品質の学習教材を提供するのは弊社の目標です。 お客様がご購入の前に、無料で弊社のSC-500試験「Implementing End-to-End Security Controls for Cloud and AI Workloads」のサンプルをダウンロードして試用することができます。PDF版とソフト版の両方がありますから、あなたに最大の便利を捧げます。それに、SC-500試験問題は最新の試験情報に基づいて定期的にアップデートされています。

デモをダウンロードする

弊社は無料でMicrosoft Certified: Information Security Administrator Associate試験のDEMOを提供します。

Fast2testの試験問題集はPDF版とソフト版があります。PDF版のSC-500問題集は印刷されることができ、ソフト版のSC-500問題集はどのパソコンでも使われることもできます。両方の問題集のデモを無料で提供し、ご購入の前に問題集をよく理解することができます。

弊社のMicrosoft Certified: Information Security Administrator Associate問題集を利用すれば必ず試験に合格できます。

Fast2testのMicrosoft SC-500問題集はMicrosoft認定試験に関連する豊富な経験を持っている弊社の専門家によって研究された最新バージョンの試験参考書です。Microsoft SC-500問題集は最新のMicrosoft SC-500試験内容を含んでいてヒット率がとても高いです。Fast2testのMicrosoft SC-500問題集を真剣に勉強する限り、簡単に試験に合格することができます。弊社の問題集は１００％の合格率を持っています。これは数え切れない受験者の皆さんに証明されたことです。１００％一発合格！失敗一回なら、全額返金を約束します！

Microsoft Implementing End-to-End Security Controls for Cloud and AI Workloads 認定 SC-500 試験問題:

1. Case Study 2 - Fabrikam, Inc.
Overview
Fabrikam, Inc. is a consulting company. The company has a main office in New York City and branch offices in Amsterdam and Singapore.
Existing Environment. Network environment
The on-premises network contains a datacenter in each office.
Existing Environment. Cloud environment
Fabrikam has two Azure subscriptions named Sub1 and Sub2 and a Microsoft 365 subscription that includes Microsoft 365 E5 licenses.
All the subscriptions are linked to a Microsoft Entra tenant named fabrikam.com that contains the identities shown in the following table.

The tenant contains the groups shown in the following table.

All devices are enrolled in Microsoft Intune.
Existing Environment. Sub1 Resources
Sub1 contains a resource group named RG1 that contains the resources shown in the following table.

SQLServer1 uses Microsoft SQL Server authentication.
Sub1 has an Azure Web Application Firewall (WAF) named WAF1 that has the following types of rule sets:
- Bot Manager 1.1
- Azure-managed Default Rule Set (DRS)
Sub1 has the following compliance standards assigned in Microsoft Defender for Cloud:
- NIST SP 800-53 Rev. 4
- Microsoft cloud security benchmark (MCSB)
- System and Organization Controls (SOC) 2 Type 2
Existing Environment. Sub2 Resources
Sub2 contains a resource group named RG2.
Planned Changes and Requirements. Planned Changes
Fabrikam plans to implement the following changes:
- Deploy the following key vaults to RG1:
* AKV2 in the West Europe Azure region
* AKV3 in the Central US Azure region
* AKV4 in the East US Azure region
- Deploy the following key vaults to RG2:
* AKV5 in the East US region
- Configure VM1 to read data from storage1.
- Create function apps that have the following hosting plans:
* Fa1: Flex Consumption hosting plan
* Fa2: Consumption hosting plan
* Fa3: Dedicated hosting plan
- For WAF1, implement rate limiting rules based on the request
location.
- Enable the NIST SP 800-53 Rev. 5 compliance standard in Defender for
Cloud.
- Create a new storage account named storage2 that supports Azure Table storage.
- Enforce multifactor authentication (MFA) when database administrators access SQLdb1.
- Implement ExpressRoute circuits to the on-premises network as shown
in the following table.

- For RG1, create a new Privileged Identity Management (PIM) eligible role assignment that assigns the Contributor role to supported groups.
Planned Changes and Requirements. Technical Requirements
Fabrikam has the following technical requirements:
- If VM1 is deleted, the permissions for VM1 must be removed
automatically.
- The AKS1 managed identity must only be able to pull images from
Registry1.
- The ID1 managed identity must be able to push images to and pull
images from Registry1.
- All the data in the storage accounts must be encrypted by using
Fabrikam-managed keys.
- All outbound traffic from the function apps to the on-premises
network must use ExpressRoute circuits.
- ExpressRoute connectivity between the on-premises network and the
Azure environment must be encrypted by using Layer 2 or Layer 3
encryption.
You need to implement the planned change for storage2. The solution must meet the technical requirements for storage encryption. What should you do?

A) Configure storage2 to use an account encryption key.
B) Assign an Azure role-based access control (Azure RBAC) role to storage2.
C) Enable purge protection for storage2.
D) Create an encryption scope in storage2.

2. You use Azure Virtual Network Manager to manage multiple virtual networks in a network group named Group1.
You discover that the virtual machines in Group1 are accessible from the internet by using TCP port 3389.
You need to block inbound TCP 3389 from the internet across all the virtual networks in Group1.
The solution must minimize administrative effort.
What should you use?

A) a user-defined route (UDR)
B) a network security group (NSG)
C) a security admin configuration
D) a connectivity configuration

3. Hotspot Question
You have a Microsoft Sentinel workspace named Workspace1.
You hire a security consultant. You provide the consultant with a guest account named User1 in your Microsoft Entra tenant.
You need to enable User1 to assign incidents in Workspace1.
Which roles should you assign to User1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

4. Drag and Drop Question
You have a Microsoft 365 subscription. All users have Microsoft Exchange Online mailboxes.
You use Microsoft Entra Agent ID to register and manage AI agents.
The developers at your company create the following two agents:
- Agent1: An interactive agent that helps users summarize their own
Exchange Online email
- Agent2: An autonomous agent that sends nightly updates to a Microsoft Teams channel You need to grant each agent access to Microsoft Graph. The solution must minimize the access scope, while meeting each agent's operating model.
Which type of permission should you assign to each agent? To answer, drag the appropriate permission types to the correct agents. Each permission type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

5. You have a Microsoft Sentinel workspace named Workspace1.
You have 100 on-premises servers that run Linux and have the Azure Monitor Agent installed.
You need to collect Syslog events from the Linux servers. The solution must meet the following requirements:
- Ensure that filtering occurs before data is written to Workspace1.
- Reduce ingestion costs by excluding low-value Syslog messages.
What should you include in the solution?

A) an Advanced Security Information Model (ASIM) parser
B) a data collection rule (DCR)
C) an analytics rule
D) a table-level filter and split transformation

質問と回答：