Microsoft Certification Microsoft Security Fundamentals (SC-900)

Question 1

What is the Zero Trust security model based on?

Accepted Answer

Never trust, always verify — assuming breach and verifying every request explicitly

Answer

Zero Trust assumes no user or device is trusted by default, requiring continuous verification of identity and device health before granting access.

Question 2

What does Multi-Factor Authentication (MFA) add to the sign-in process?

Accepted Answer

A second verification method beyond just a password, such as a phone app or SMS code

Answer

MFA requires users to prove their identity with at least two factors — something they know (password) plus something they have (phone) or are (biometric).

Question 3

Which Microsoft service provides identity protection by detecting risky sign-ins and compromised accounts?

Accepted Answer

Microsoft Entra ID Protection

Answer

Microsoft Entra ID Protection uses machine learning to detect suspicious sign-in behaviors and user risk conditions, enabling automated remediation policies.

Question 4

What is Conditional Access in Microsoft Entra ID?

Accepted Answer

Policies that grant or block access based on conditions like user location, device state, and app being accessed

Answer

Conditional Access policies evaluate signals like user identity, device compliance, location, and application to make access decisions in real time.

Question 5

What is the principle of 'Least Privilege' in security?

Accepted Answer

Granting users only the minimum permissions necessary to perform their job functions

Answer

Least Privilege limits user access rights to only what is strictly required for their role, reducing the attack surface if credentials are compromised.

Microsoft Certification Practice Test

Microsoft Certification Practice Test

Microsoft Certification Microsoft Security Fundamentals (SC-900)