Absolute Free SC-100 Exam Practice for Comprehensive Preparation 

You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256

keys. The solution must support rotating the encryption keys monthly.

Solution: For Azure SQL databases, you recommend Transparent Data Encryption (TDE) that uses customer-managed keys (CMKs).

Does this meet the goal? 

databases. All resources are backed up multiple times a day by using Azure Backup. You are

developing a strategy to protect against ransomware attacks.

You need to recommend which controls must be enabled to ensure that Azure Backup can be used to

restore the resources in the event of a successful ransomware attack.

Which two controls should you include in the recommendation? Each correct answer presents a

complete solution. NOTE: Each correct selection is worth one point. 

You need to recommend a solution to encrypt the content of the accounts by using service-side

encryption and customer-managed keys. The solution must ensure that individual encryption keys

are applied at the most granular level.

At which level should you recommend the encryption be applied? 

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report as shown in the following exhibit.

You need to verify whether Microsoft Defender for servers is installed on all the virtual machines that run Windows. Which compliance control should you evaluate? 

You need to recommend a solution for securing the landing zones. The solution must meet the landing zone requirements and the business requirements. What should you configure for each landing zone?