100% Free Microsoft SC-100 Practice Test Questions and Answers 2026

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?  

You have an Azure subscription that contains multiple Azure Data Lake Storage accounts.

You need to recommend a solution to encrypt the content of the accounts by using service-side

encryption and customer-managed keys. The solution must ensure that individual encryption keys

are applied at the most granular level.

At which level should you recommend the encryption be applied? 

To meet the application security requirements, which two authentication methods must the applications support? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Your company has devices that run either Windows 10, Windows 11, or Windows Server.

You are in the process of improving the security posture of the devices.

You plan to use security baselines from the Microsoft Security Compliance Toolkit.

What should you recommend using to compare the baselines to the current device configurations? 

Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework

for Azure.

You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud

Adoption Framework for Azure.

What should you use to start the threat modeling process?