Home / Microsoft / SC-300

Microsoft SC-300 Practice Test - Questions Answers, Page 15

Question list

List of questions

Question 141

(0)

You have a Microsoft 365 subscription that contains the following: • An Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium P2 license • A Microsoft SharePoint Onli

Question 142

(0)

You have an Azure subscription that contains the custom roles shown in the following table. You need to create a custom Azure subscription role named Role3 by using the Azure portal. Role3 will u

Question 143

(0)

You have a Microsoft 365 tenant. You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant. Users connect to the internet by using a hardware firewall at your

Question 144

(0)

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. You need to ensure that User1 can create new catalogs and add resources to the catalogs they own. What should

Question 145

(0)

HOTSPOT You need to support the planned changes and meet the technical requirements for MFA. Which feature should you use, and how long before the users must complete the registration? To answer,

Question 146

(0)

You need to resolve the issue of the guest user invitations. What should you do for the Azure AD tenant?

Question 147

(0)

DRAG DROP You have a Microsoft 365 E5 subscription. You need to perform the following tasks: • Identify the locations and IP addresses used by Azure AD users to sign in • Review the Azure AD secu

Question 148

(0)

You have an Azure AD tenant that contains two users named User1 and User2. You plan to perform the following actions: • Create a group named Group 1. • Add User1 and User 2 to Group1. • Assign Az

Question 149

(0)

DRAG DROP You have a Microsoft 365 E5 subscription and an Azure subscription. You need to meet the following requirements: • Ensure that users can sign in to Azure virtual machines by using their

Question 150

(0)

You have a Microsoft 365 E5 subscription. Users authorize third-party cloud apps to access their data. You need to configure an alert that will be triggered when an app requires high permissions a

Related questions

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.

You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?

SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.

Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.

HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. A. B. C. D.

HOTSPOT You have an Azure subscription that contains the key vaults shown in the following table. The subscription contains the users shown in the following table. On June1, Admin4 performs the following actions: • Deletes a certificate named Certificate! from Key Vault1 • Deletes a secret named Secret1 from KeyVault2 For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Your company requires that users request access before they can access corporate applications. You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1. Which settings should you configure next for MyApp1?

SIMULATION 2 You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements: * The reviews must occur monthly. * The manager of each guest user must review the access. * If the reviews are NOT completed within five days, access must be removed. * If the guest user does not have a manager, Megan Bowen must review the access.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?

Question 141

You have a Microsoft 365 subscription that contains the following:

• An Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium P2 license

• A Microsoft SharePoint Online site named Site1

• A Microsoft Teams team named Team1

You need to create an entitlement management workflow to manage Site1 and Team1. What should you do first?

Create an access package.

Create a catalog.

Create an administrative unit.

Configure an app registration.

Show Answer Comment (0)

Question 142

You have an Azure subscription that contains the custom roles shown in the following table.

You need to create a custom Azure subscription role named Role3 by using the Azure portal. Role3 will use the baseline permissions of an existing role. Which roles can you clone to create Role3?

Role2 only

built-in Azure subscription roles only

built-in Azure subscription roles and Role2 only

built-in Azure subscription roles and built-in Azure AD roles only

Role1, Role2 built-in Azure subscription roles, and built-in Azure AD roles

Show Answer Comment (0)

Question 143

You have a Microsoft 365 tenant.

You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant.

Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.

You plan to manage access to external applications by using Azure AD.

You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.

What should you use to gather the information?

Cloud App Discovery in Microsoft Defender for Cloud Apps

enterprise applications in Azure AD

access reviews in Azure AD

Application Insights in Azure Monitor

Show Answer Comment (0)

Question 144

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.

You need to ensure that User1 can create new catalogs and add resources to the catalogs they own.

What should you do?

From the Roles and administrators blade, modify the Service support administrator role.

From the identity Governance blade, modify the Entitlement management settings.

From the Identity Governance blade, modify the roles and administrators for the General catalog

From the Roles and administrators blade, modify the Groups administrator role.

Show Answer Comment (0)

Question 145

HOTSPOT

You need to support the planned changes and meet the technical requirements for MFA.

Which feature should you use, and how long before the users must complete the registration? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 146

You need to resolve the issue of the guest user invitations. What should you do for the Azure AD tenant?

Configure the Continuous access evaluation settings

Modify the External collaboration settings.

Configure the Access reviews settings

Configure a Conditional Access policy.

Show Answer Comment (0)

Question 147

DRAG DROP

You have a Microsoft 365 E5 subscription. You need to perform the following tasks:

• Identify the locations and IP addresses used by Azure AD users to sign in

• Review the Azure AD security settings and identify improvement recommendations.

• Identify changes to Azure AD users or service principle.

What should you use for each task? To answer, drag the appropriate resources to the correct requirements. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

Show Answer Comment (0)

Question 148

You have an Azure AD tenant that contains two users named User1 and User2. You plan to perform the following actions:

• Create a group named Group 1.

• Add User1 and User 2 to Group1.

• Assign Azure AD roles to Group1.

You need to create Group1.

Which two settings can you use? Each correct answer presents a complete solution

NOTE: Each correct selection is worth one point

Group type: Microsoft 365 Membership type: Dynamic User

Group type: Security Membership type: Dynamic Device

Group type Security Membership type: Dynamic User

Group type Security Membership type: Assigned

Group type: Microsoft 365 Membership type: Assigned

Show Answer Comment (0)

Question 149

DRAG DROP

You have a Microsoft 365 E5 subscription and an Azure subscription. You need to meet the following requirements:

• Ensure that users can sign in to Azure virtual machines by using their Microsoft 365 credentials.

• Delegate the ability to create new virtual machines.

What should you use for each requirement? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.