Your company has a Microsoft 365 E5 subscription.Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating.The company identifies protected health information (PHI) within stored documents and communications.What should you recommend using to prevent the PHI from being shared outside the company?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure subscription that has Microsoft Defender for Cloud enabled.You

Your company has an on-premises network and an Azure subscription. The company does NOT have a Site-to-Site VPN or an ExpressRoute connection to Azure. You are designing the security standards for Azure App Service web apps. The web apps will access Microsoft SQL Server databases on the network. You need to recommend security standards that will allow the web apps to access the databases. The solution must minimize the number of open internet- accessible endpoints to the on-premises network. What should you

You have an on-premises network and a Microsoft 365 subscription. You are designing a Zero Trust security strategy. Which two security controls should you include as part of the Zero Trust solution? Each correct answer part of the solution. NOTE: Each correct answer is worth one point.

You have an Azure AD tenant that contains 10 Windows 11 devices and two groups named Group1 and Group2. The Windows 11 devices are joined to the Azure AD tenant and are managed by using Microsoft Intune. You are designing a privileged access strategy based on the rapid modernization plan (RaMP). The strategy will include the following configurations: * Each user in Group1 will be assigned a Windows 11 device that will be configured as a privileged access device. * The Security Administrator role will be

You have an on-premises server that runs Windows Server and contains a Microsoft SQL Server database named DB1. You plan to migrate DB1 to Azure. You need to recommend an encrypted Azure database solution that meets the following requirements: * Minimizes the risks of malware that uses elevated privileges to access sensitive data * Prevents database administrators from accessing sensitive data * Enables pattern matching for server-side database operations * Supports Microsoft Azure Attestation * Uses

You are designing a ransomware response plan that follows Microsoft Security Best Practices.You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.What should you include in the recommendation?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your on-premises network contains an e-commerce web app that was developed in An

You have Windows 11 devices and Microsoft 365 E5 licenses.You need to recommend a solution to prevent users from accessing websites that contain adult content such as gambling sites.What should you include in the recommendation?

You have a Microsoft 365 subscription. You need to design a solution to block file downloads from Microsoft SharePoint Online by authenticated users on unmanaged devices. Which two services should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure AD tenant that syncs with an Active Directory Domain Services (AD DS) domain.You have an on-premises datacenter that contains 100 servers. The servers run Windows Server and are backed up by using Microsoft Azure Backup Server (MABS).You are designing a recovery solution for ransomware attacks. The solution follows Microsoft Security Best Practices.You need to ensure that a compromised administrator account cannot be used to delete the backups.What should you do?

You need to design a strategy for securing the SharePoint Online and Exchange Online data. The solution must meet the application security requirements.Which two services should you leverage in the strategy? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription and an Azure subscripts You need to evaluate the existing environment to increase the overall security posture for the following components: ? Windows 11 devices managed by Microsoft Intune ? Azure Storage accounts ? Azure virtual machines What should you use to evaluate the components? To answer, select the appropriate options in the answer area.

Your company has on-premises Microsoft SQL Server databases.The company plans to move the databases to Azure.You need to recommend a secure architecture for the databases that will minimize operational requirements for patching and protect sensitive data by using dynamic data masking. The solution must minimize costs.What should you include in the recommendation?

You have an Azure subscription that contains several storage accounts. The storage accounts are accessed by legacy applications that are authenticated by using access keys. You need to recommend a solution to prevent new applications from obtaining the access keys of the storage accounts. The solution must minimize the impact on the legacy applications. What should you include in the recommendation?

Your company has the virtual machine infrastructure shown in the following table.The company plans to use Microsoft Azure Backup Server (MABS) to back up the virtual machines to Azure.You need to provide recommendations to increase the resiliency of the backup strategy to mitigate attacks such as ransomware.What should you include in the recommendation?

You have an Azure subscription that contains virtual machines, storage accounts, and Azure SQL databases. All resources are backed up multiple times a day by using Azure Backup. You are developing a strategy to protect against ransomware attacks. You need to recommend which controls must be enabled to ensure that Azure Backup can be used to restore the resources in the event of a successtu\ ransonvwaTe attack. Which two controls should you include in the recommendation? Each correct answer presents a comple