ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 3 question 57 discussion

Actual exam question from Microsoft's SC-100
Question #: 57
Topic #: 3
[All SC-100 Questions]

You have a Microsoft Entra tenant named contoso.com and use Microsoft Intune. Each user in contoso.com has a Microsoft Entra ID P1 license and a Windows 11 device that has the Global Secure Access client deployed.

You plan to deploy the following configuration of Microsoft Entra Internet Access:

• Enable a baseline profile.
• Create a security profile named Profile1 that has a priority of 300 and contains a single web content filtering policy named
WCFPolicy1. Configure WCFPolicy1 as follows:
o Set Action to allow.
o Include a single rule that has a fully qualified domain name (FQDN) destination of *.adatum.com.
• Link Profile1 to a Conditional Access policy named CAPolicy1, apply CAPolicy1 to all users, and grant access unless a user's device is noncompliant.

You need to evaluate the impact of the planned deployment on traffic to the following resources:

• https://www.adatum.com:8433
• https://www.fabrikam.com

Which two traffic scenarios will occur? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

  • A. Traffic to https://www.fabrikam.com will be allowed from all the devices.
  • B. Traffic to https://www.adatum.com:8433 will be blocked from all the devices.
  • C. Traffic to https://www.adatum.com:8433 will be allowed from all the devices.
  • D. Traffic to https://www.fabrikam.com will be allowed from compliant devices only.
  • E. Traffic to https://www.adatum.com:8433 will be allowed from compliant devices only.
  • F. Traffic to https://www.fabrikam.com will be blocked from noncompliant devices only.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by AlbertE1nstein at Jan. 30, 2025, 1:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Er_01
2 months, 3 weeks ago
Selected Answer: BD
B because P1 license does not have GSA functionality. D because fabrikam is not listed in policy so only compliant is allowed as non-c are blocked. Need Entra ID Suite license not P1.
upvoted 3 times
Er_01
2 months, 3 weeks ago
Further research has the P1 is needed for Microsoft services. So is web content filtering a MS service like sharepoint or exchange or not.
upvoted 1 times
...
...
Mick2024
2 months, 3 weeks ago
Selected Answer: DE
These were the options I was leaning towards. Can some explain why B?
upvoted 3 times
brobers1180
2 months, 3 weeks ago
Because 8433 is a non-standard port, blocked by default, and there's no rule to allow it.
upvoted 3 times
Er_01
2 months, 2 weeks ago
That is a good call. That is a pretty clear reason to block vs the ambiguous licensing angle.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago