ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 5 question 6 discussion

Actual exam question from Microsoft's SC-100
Question #: 6
Topic #: 5
[All SC-100 Questions]

You are designing a ransomware response plan that follows Microsoft Security Best Practices.

You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.

What should you include in the recommendation?

  • A. device compliance policies
  • B. Privileged Access Workstations (PAWs)
  • C. Customer Lockbox for Microsoft Azure
  • D. emergency access accounts
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by janesb at April 12, 2023, 10:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aljdeguzman
Highly Voted 2 years ago
I say D
upvoted 10 times
bxlin
11 months ago
I say D too. B is a preventive control before ransomware attacks happen. The question here is asking how to limit the scope of damage if attack has happened. An emergency access account will prevent you from being locked out.
upvoted 2 times
...
...
zellck
Highly Voted 1 year, 11 months ago
Selected Answer: B
B is the answer. https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-devices#device-roles-and-profiles Privileged Access Workstation (PAW) – This is the highest security configuration designed for extremely sensitive roles that would have a significant or material impact on the organization if their account was compromised. The PAW configuration includes security controls and policies that restrict local administrative access and productivity tools to minimize the attack surface to only what is absolutely required for performing sensitive job tasks. This makes the PAW device difficult for attackers to compromise because it blocks the most common vector for phishing attacks: email and web browsing. To provide productivity to these users, separate accounts and workstations must be provided for productivity applications and web browsing. While inconvenient, this is a necessary control to protect users whose account could inflict damage to most or all resources in the organization.
upvoted 8 times
...
Ali96
Most Recent 2 months, 3 weeks ago
Selected Answer: B
B. Privileged Access Workstations (PAWs) This recommendation will help mitigate the risks of ransomware attacks on privileged accounts without locking you out.
upvoted 1 times
...
besoaus
10 months ago
Selected Answer: D
He said clearly " limit the scope of damage of ransomware attacks without being locked out", So the right one here should be D. Emergency Access Accounts". https://learn.microsoft.com/en-us/azure/active-directory-b2c/tenant-management-emergency-access-account
upvoted 1 times
...
calotta1
1 year, 8 months ago
I can see why some may confuse the 'break-glass' account to this question, but clearly asks to NOT be locked! Which means you've already had access to the environment, whatever that maybe. You don't need emergency account at that point.
upvoted 4 times
...
MaciekMT
2 years ago
Selected Answer: B
ChatGPT: To limit the scope of damage of ransomware attacks without being locked out, you should recommend Privileged Access Workstations (PAWs). Privileged Access Workstations (PAWs) are dedicated devices that are used to perform sensitive administrative tasks, such as configuring security settings and managing domain controllers. PAWs provide enhanced security by isolating administrative activities from regular user activities and by requiring multi-factor authentication and additional controls. By using a PAW, administrators can perform sensitive tasks without exposing their credentials to the regular network or potentially malicious content, such as ransomware. This helps to limit the scope of damage of ransomware attacks while also maintaining access to critical systems. Therefore, option B is the correct answer.
upvoted 4 times
ariania
7 months, 3 weeks ago
ChatGPT says this now: D. Emergency access accounts Emergency access accounts are crucial for limiting the scope of damage during ransomware attacks without being locked out. These accounts are highly privileged, but they are only used in case of emergencies, such as when normal administrative access is unavailable. This ensures that you can maintain access to critical systems while working to contain and recover from a ransomware attack, following Microsoft Security Best Practices. Device compliance policies (A) primarily focus on ensuring that devices meet security standards, which is preventive but not directly applicable for emergency response to ransomware. Privileged Access Workstations (PAWs) (B) are used to isolate administrative tasks, but they don't help directly in recovering from a ransomware attack. Customer Lockbox (C) is a feature for control over data access but is not related to mitigating ransomware attacks.
upvoted 2 times
...
...
janesb
2 years ago
Selected Answer: B
correct https://learn.microsoft.com/en-us/security/ransomware/protect-against-ransomware-phase2 https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-devices
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago