Exam SC-100 topic 1 question 23 discussion

1. Segmenting access 2. Data classification 3. JIT access https://learn.microsoft.com/en-us/security/zero-trust/zero-trust-overview#guiding-principles-of-zero-trust - Assume breach Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses. - Verify explicitly Always authenticate and authorize based on all available data points. - Use least privilege access Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection.

On Exam 8 Apr 2024 scored 764 1. Segmenting access 2. Data classification 3. JIT access

1 - segment access - assume breach means contain attacker 2- JIT - slide 31 JIT / JEA under explicit and least privileged. The issue is they left out JEA as an option but per slide 31 it infers both. Misleading question that requires more clarity and accuracy for such a fundamental concept.

From page 31 of MCRA, correct answer is: Business continuity Segmenting Access Just-in-time (JIT)

I have checked MCRA presentation (Pages 31-32) Source: aka.ms/MCRA(Download presentation file from link bottom of page on the link aka) 1-Business continuity - Assume breach 2 -Segmenting - Verify explicitly 3 -Just-intime (JIT) - Use least privilege access

Answer seems correct. Slide 31 of the MCRA. https://github.com/MicrosoftDocs/security/blob/main/Downloads/mcra-december-2023.pptx?raw=true

Segmenting access is an important methodology for implementing a least privileged access approach within a Zero Trust architecture

Exam question 5/25/2023

Slide 20 of the MCRA, answer looks correct!

Segmentation will contain the breach with the specific instance - This will help to isolate the breach. Enforcing Principle 1 : Assume Breach Data Classification helps to determine the most sentive data and labeling them, enforcing RBAC based access control on the data will help to enforce the Principle 2 Verify Explicitly. Finally JIT is providing access based on time period, Enforcing the 3rd in the list, Principles of Least Previlage

Answer Looks Good : https://www.microsoft.com/en-us/security/business/zero-trust Zero Trust principles Verify explicitly Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies. Use least-privilege access Limit user access with just-in-time and just-enough-access (JIT/JEA), risk-based adaptive polices, and data protection to help secure both data and productivity. Assume breach Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.

I think Answer is correct. https://www.microsoft.com/en-us/security/business/zero-trust Zero Trust principles Verify explicitly Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies. Use least-privilege access Limit user access with just-in-time and just-enough-access (JIT/JEA), risk-based adaptive polices, and data protection to help secure both data and productivity. Assume breach Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.