Free Microsoft Cybersecurity SC-100 Actual Exam Questions - Question 1 Discussion
You need to recommend best practices for applying Zero Trust principles to the OT and IoT devices
based on the Microsoft Cybersecurity Reference Architectures (MCRA). The solution must minimize
the risk of disrupting business operations.
Which two security methodologies should you include in the recommendation? Each correct answer
presents part of the solution.
NOTE: Each correct selection is worth one point.
I think D might be tricky since patching OT devices often risks downtime or crashes. Active scanning (B) could cause more harm than good in legacy systems too. So focusing on A and C makes sense to me because both help spot issues without poking the devices directly. Would adding patching really fit “minimizing disruption”? Seems risky to me here.
A, C - Both minimize disruption and improve visibility without touching the devices directly.
Probably A and C, since passive monitoring doesn’t disrupt and threat monitoring adds good visibility.
It’s C and D since threat monitoring plus patching reduce risks without heavy interference.
I’m not convinced about active scanning (B) because it can disrupt OT devices, which are often sensitive to network changes. Passive traffic monitoring (A) lets you watch for anomalies without interfering, which fits the need to avoid disruptions. Threat monitoring (C) complements that by analyzing the data to detect risks in real time. Software patching (D) is important but can cause downtime, so it might not be ideal as a primary approach here. So I’d go with A and C since they balance security with operational stability better.
Options A and C make sense here, less disruptive on OT systems.