- (Exam Topic 3)
Your company is moving all on-premises workloads to Azure and Microsoft 365. You need to design a security orchestration, automation, and response (SOAR) strategy in Microsoft Sentinel that meets the following requirements:
• Minimizes manual intervention by security operation analysts
• Supports Waging alerts within Microsoft Teams channels What should you include in the strategy?

1. A. data connectors
2. B. playbooks
3. C. workbooks
4. D. KQL

Correct Answer: B
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook?tabs=LAC

- (Exam Topic 3)
Your on-premises network contains an e-commerce web app that was developed in Angular and Nodejs. The web app uses a MongoDB database. You plan to migrate the web app to Azure. The solution architecture team proposes the following architecture as an Azure landing zone.

You need to provide recommendations to secure the connection between the web app and the database. The solution must follow the Zero Trust model.
Solution: You recommend implementing Azure Key Vault to store credentials.

1. A. Yes
2. B. No

Correct Answer: B
When using Azure-provided PaaS services (e.g., Azure Storage, Azure Cosmos DB, or Azure Web App, use the PrivateLink connectivity option to ensure all data exchanges are over the private IP space and the traffic never leaves the Microsoft network.

- (Exam Topic 3)
Your company has on-premises Microsoft SQL Server databases. The company plans to move the databases to Azure.
You need to recommend a secure architecture for the databases that will minimize operational requirements for patching and protect sensitive data by using dynamic data masking. The solution must minimize costs.
What should you include in the recommendation?

1. A. Azure SQL Managed Instance
2. B. Azure Synapse Analytics dedicated SQL pools
3. C. Azure SQL Database
4. D. SQL Server on Azure Virtual Machines

Correct Answer: C

- (Exam Topic 3)
You are designing a ransomware response plan that follows Microsoft Security Best Practices.
You need to recommend a solution to minimize the risk of a ransomware attack encrypting local user files. What should you include in the recommendation?

1. A. Microsoft Defender for Endpoint
2. B. Windows Defender Device Guard
3. C. protected folders
4. D. Azure Files
5. E. BitLocker Drive Encryption (BitLocker)

Correct Answer: E

- (Exam Topic 3)
You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (O/CD) workflows for the deployment of applications to Azure. You need to recommend what to include in dynamic application security testing (DAST) based on the principles of the Microsoft Cloud Adoption Framework for Azure. What should you recommend?

1. A. unit testing
2. B. penetration testing
3. C. dependency testing
4. D. threat modeling

Correct Answer: C