ExamGecko
Search Search Login
Home Home / Microsoft / SC-300

Microsoft SC-300 Practice Test - Questions Answers

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?
SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.
SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.
HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. A. B. C. D.
Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.
HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No.
HOTSPOT You have an Azure subscription that contains the key vaults shown in the following table. The subscription contains the users shown in the following table. On June1, Admin4 performs the following actions: • Deletes a certificate named Certificate! from Key Vault1 • Deletes a secret named Secret1 from KeyVault2 For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Your company requires that users request access before they can access corporate applications. You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1. Which settings should you configure next for MyApp1?
SIMULATION 2 You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements: * The reviews must occur monthly. * The manager of each guest user must review the access. * If the reviews are NOT completed within five days, access must be removed. * If the guest user does not have a manager, Megan Bowen must review the access.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?

Question 1

Report
Export
Collapse

You need to configure the MFA settings for users who connect from the Boston office. The solution must meet the authentication requirements and the access requirements.

What should you configure?

A.

named locations that have a private IP address range

A.

named locations that have a private IP address range

Answers
B.

named locations that have a public IP address range

B.

named locations that have a public IP address range

Answers
C.

trusted IPs that have a public IP address range

C.

trusted IPs that have a public IP address range

Answers
D.

trusted IPs that have a private IP address range

D.

trusted IPs that have a private IP address range

Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-conditionLocation offer your country set, IP ranges MFA trusted IP and corporate network VPN gateway IP address: This is the public IP address of the VPN device for your on-premises network. The VPN device requires an IPv4 public IP address. Specify a valid public IP address for the VPN device to which you want to connect. It must be reachable by Azure Client Address space: List the IP address ranges that you want routed to the local on-premises network through this gateway. You can add multiple address space ranges. Make sure that the ranges you specify here do not overlap with ranges of other networks your virtual network connects to, or with the address ranges of the virtual network itself.

Question 2

Report
Export
Collapse

You need to configure the detection of multi staged attacks to meet the monitoring requirements.

What should you do?

A.

Customize the Azure Sentinel rule logic.

A.

Customize the Azure Sentinel rule logic.

Answers
B.

Create a workbook.

B.

Create a workbook.

Answers
C.

Add an Azure Sentinel playbook.

C.

Add an Azure Sentinel playbook.

Answers
D.

Add Azure Sentinel data connectors.

D.

Add Azure Sentinel data connectors.

Answers
Suggested answer: D

Question 3

Report
Export
Collapse

You need to configure the detection of multi-staged attacks to meet the monitoring requirements.

What should you do?

A.

Customize the Azure Sentinel rule logic.

A.

Customize the Azure Sentinel rule logic.

Answers
B.

Create a workbook.

B.

Create a workbook.

Answers
C.

Add Azure Sentinel data connectors.

C.

Add Azure Sentinel data connectors.

Answers
D.

Add an Azure Sentinel playbook.

D.

Add an Azure Sentinel playbook.

Answers
Suggested answer: A

Question 4

Report
Export
Collapse

You need to track application access assignments by using Identity Governance. The solution must meet the delegation requirements.

What should you do first?

A.

Modify the User consent settings for the enterprise applications.

A.

Modify the User consent settings for the enterprise applications.

Answers
B.

Create a catalog.

B.

Create a catalog.

Answers
C.

Create a program.

C.

Create a program.

Answers
D.

Modify the Admin consent requests settings for the enterprise applications.

D.

Modify the Admin consent requests settings for the enterprise applications.

Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-managementoverview

Question 5

Report
Export
Collapse

HOTSPOT

You need to create the LWGroup1 group to meet the management requirements.

How should you complete the dynamic membership rule? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 5
Correct answer: Question 5

Question 6

Report
Export
Collapse

HOTSPOT

You need to implement password restrictions to meet the authentication requirements.

You install the Azure AD password Protection DC agent on DC1.

What should you do next? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 6
Correct answer: Question 6

Question 7

Report
Export
Collapse

HOTSPOT

You need to configure the assignment of Azure AD licenses to the Litware users. The solution must meet the licensing requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 7
Correct answer: Question 7

Explanation:

Litware recently added a custom user attribute named LWLicenses to the litware.com Active Directory forest. Litware wants to manage the assignment of Azure AD licenses by modifying the value of the LWLicenses attribute. Users who have the appropriate value for LWLicenses must be added automatically to a Microsoft 365 group that has the appropriate licenses assigned.

Question 8

Report
Export
Collapse

HOTSPOT

You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 8
Correct answer: Question 8

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

Question 9

Report
Export
Collapse

HOTSPOT

You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements and the access requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 9
Correct answer: Question 9

Explanation:

Reference:

https://docs.microsoft.com/en-us/sharepoint/app-enforced-restrictions

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-session

Question 10

Report
Export
Collapse

HOTSPOT

You need to configure app registration in Azure AD to meet the delegation requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 10
Correct answer: Question 10

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles

Total 290 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms