Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam SC-100 Topic 1 Question 45 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 45
Topic #: 1
[All SC-100 Questions]

You have a Microsoft 365 tenant that contains 5,000 users and 5,000 Windows 11 devices. All users are assigned Microsoft 365 5 licenses and the Microsoft Defender Vulnerability Management add-on. The Windows 11 devices are managed by using Microsoft Intune and Microsoft Defender for Endpoint. The Windows 11 devices are configured during deployment to comply with Center for Internet Security (CIS) benchmarks for Windows 11.

You need to recommend a compliance solution for the Windows 11 devices. The solution must identify devices that were modified and no longer comply with the CIS benchmarks.

What should you include in the recommendation?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Bev
5 months ago
Option A seems like it could work, but I'm not sure if an authenticated scan would be enough to detect all the modifications. Gotta go with D on this one, security baselines are the way to go.
upvoted 0 times
Nieves
3 months ago
Yeah, security baselines assessments in Microsoft Defender Vulnerability Management should do the trick.
upvoted 0 times
...
Roxane
3 months ago
I agree, security baselines assessments will definitely help identify any modifications.
upvoted 0 times
...
Maile
4 months ago
I think D is the best option, security baselines assessments are thorough.
upvoted 0 times
...
Leila
4 months ago
Definitely, security baselines are essential for ensuring compliance with CIS benchmarks.
upvoted 0 times
...
Narcisa
4 months ago
I agree, I think D is the better choice. Security baselines assessments would give a more comprehensive view.
upvoted 0 times
...
Jamal
4 months ago
Option A seems like it could work, but I'm not sure if an authenticated scan would be enough to detect all the modifications.
upvoted 0 times
...
...
Sharmaine
5 months ago
I see your point, Shaunna, but I still think option D is more comprehensive for our needs.
upvoted 0 times
...
Shaunna
5 months ago
I'm not sure, I think option A) Authenticated scan for Windows in Microsoft Defender Vulnerability Management could also be a good solution.
upvoted 0 times
...
Loreen
5 months ago
Haha, can we just call it the 'Center for Insecurity' benchmarks? Just kidding, but seriously, option D is the way to go. Security baselines are the way to keep those pesky Windows 11 devices in check.
upvoted 0 times
...
Glendora
5 months ago
I think option B, Microsoft Secure Score for Devices in Defender for Endpoint, would be a good choice too. It provides a detailed assessment of the security posture of the devices and can help identify any compliance issues.
upvoted 0 times
Tiffiny
4 months ago
I think option D, security baselines assessments in Microsoft Defender Vulnerability Management, would also be a good recommendation. It can help us ensure that the devices comply with the CIS benchmarks.
upvoted 0 times
...
Arlyne
5 months ago
I agree, option B sounds like a good choice. It can definitely help us identify any compliance issues.
upvoted 0 times
...
...
Sharee
6 months ago
I agree with Sharmaine, option D sounds like the best choice to ensure compliance with CIS benchmarks.
upvoted 0 times
...
Tawanna
6 months ago
Option D seems to be the most comprehensive solution for identifying devices that have been modified and no longer comply with the CIS benchmarks. The security baselines assessments in Defender Vulnerability Management should be able to detect any deviations from the established security configurations.
upvoted 0 times
Sina
5 months ago
I agree, the security baselines assessments in Defender Vulnerability Management should be able to catch any modifications on the Windows 11 devices.
upvoted 0 times
...
Viva
5 months ago
I think option D is the best choice. It can help us identify any devices that are not compliant with the CIS benchmarks.
upvoted 0 times
...
...
Sharmaine
6 months ago
I think we should go with option D) security baselines assessments in Microsoft Defender Vulnerability Management.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77