Microsoft SC-300 Real Exam Questions
The questions for SC-300 were last updated at Nov 19,2024.
- Exam Code: SC-300
- Exam Name: Microsoft Identity and Access Administrator
- Certification Provider: Microsoft
- Latest update: Nov 19,2024
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure pass-through authentication.
Does this meet the goal?
- A . Yes
- B . No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure conditional access policies.
Does this meet the goal?
- A . Yes
- B . No
Your company has a Microsoft 365 tenant.
The company has a call center that contains 300 users. In the call center, the users share desktop computers and might use a different computer every day. The call center computers are NOT configured for biometric identification.
The users are prohibited from having a mobile phone in the call center.
You need to require multi-factor authentication (MFA) for the call center users when they access Microsoft 365 services.
What should you include in the solution?
- A . a named network location
- B . the Microsoft Authenticator app
- C . Windows Hello for Business authentication
- D . FIDO2 tokens
You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.
You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.
What should you do first?
- A . Disable the User consent settings.
- B . Disable Security defaults.
- C . Configure a multi-factor authentication (MFA) registration policy.
- D . Configure password protection for Windows Server Active Directory.
HOTSPOT
You need to configure app registration in Azure AD to meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to configure the detection of multi staged attacks to meet the monitoring requirements.
What should you do?
- A . Customize the Azure Sentinel rule logic.
- B . Create a workbook.
- C . Add an Azure Sentinel playbook.
- D . Add Azure Sentinel data connectors.
You have an Azure subscription that contains the resources shown in the following table.
For which resources can you create an access review?
- A . Group1, App1, Contributor, and Role1
- B . Hotel and Contributor only
- C . Group1, Role1, and Contributor only
- D . Group1 only