Exam MS-900 topic 1 question 2 discussion

A is wrong no doubt B Sensitive information can be protected using AIP or other options C USB option is available for MFA and there are FIDO devices for serve the purpose D Legacy application would always be there which are not cloud compatible D stands correct, some companies do chose B but not because of sensitivity but due to security and legal requirements than sensitivity. For instance, many use cloud for payroll info, what can be more sensitive than that? Or even health info in some cases.

Nothing is underlined!

It's tricky, USB apps should be considerate as Legacy. So, answer es D.

The correct choice is B, focusing on applications that manage sensitive information remaining in a hybrid environment. This decision isn't primarily because these applications can't be protected in the cloud—modern security measures like Azure Information Protection provide robust options. Rather, regulations and specific security requirements sometimes dictate that such sensitive applications stay partially on-premises, adding an extra layer of control and compliance that certain organizations might need.

Applications that don’t contain sensitive data are good candidates for the cloud; those that do may be a better fit for a hybrid cloud. However, legacy apps - Older versions of some applications that have been around for a long time cannot be moved to the cloud without first carrying out several upgrades. Also, many organizations customized their applications to fit their needs, and they might find it challenging to find a cloud solution suitable for them. Legacy applications need extra care. I'm going with D.

Why does everyone seem to think that legacy applications can't be hosted on a VM. Let's be real here, those same legacy apps are probably on an ESXi host anyways. There's no specific details on what the apps are so we can't assume that none are able to migrate. I also don't understand why everyone thinks that sensitive information cannot be protected in Azure. There are tons of ways to protect it. On-premise can be a lot more insecure than cloud. It all depends on how you manage your infrastructure. The only option that is decent is hardware tokens. There are applications that require hardware tokens for licensing as well not just authentication. Some of those apps don't support usb passthrough. Like someone else mentioned Autocad is a perfect example. Don't get tunnel vision on an answer. Think outside of the box because D and B are not the correct answer that's for sure

its correct

Legacy Applications: D - Legacy applications that are not easily migrated or modernized may stay on-premises while integrating with cloud services for certain functionalities, resulting in a hybrid setup.

All legacy applications

I personally don't see how B could be correct when Microsoft is thriving selling all those security products which are supposedly top of the mark and designed to secure sensitive data.

hardware

B is not really promoting that the Cloud is secure. But of course you can go all out on security while on-prem.

Hybrid is present in Microsoft 365 because of 'workloads' like Exchange Online, Skype for Business Online, and SharePoint in Microsoft 365. These are workloads...

D stands correct, some companies do chose B but not because of sensitivity but due to security and legal requirements than sensitivity. For instance, many use cloud for payroll info, what can be more sensitive than that? Or even health info in some cases.

D legacy applications

D legacy applications

Answer C Seems that I am the only one who believes that the answer is C A. Is obviously wrong B. Azure is well suited for sensitive information, it has all the required certifications (Probably much more secure than 99% of on-prem environments) C. Applications like Autocad requires a USB token to be present, I do not see how to do that in azure. D. Most Legacy apps would be able to run on VM's