ExamGecko
Home / Microsoft / SC-300 / List of questions
Ask Question

Microsoft SC-300 Practice Test - Questions Answers, Page 17

List of questions

Question 161

Report
Export
Collapse

You have an Azure subscription that contains a user named User1. You need to meet the following requirements:

• Prevent User1 from being added as an owner of newly registered apps.

• Ensure that User1 can manage the application proxy settings.

• Ensure that User2 can register apps.

• Use the principle of least privilege.

Which role should you assign to User1?

Application developer

Application developer

Cloud application administrator

Cloud application administrator

Service support administrator

Service support administrator

Application administrator

Application administrator

Suggested answer: D
asked 05/10/2024
Francesco Facco
29 questions

Question 162

Report
Export
Collapse

Your company purchases 2 new Microsoft 365 ES subscription and an app named App.

You need to create a Microsoft Defender for Cloud Apps access policy for App1.

What should you do you first? (Choose Correct Answer based on Microsoft Identity and Access Administrator at microsoft.com)

Configure a Token configuration for App1.

Configure a Token configuration for App1.

Add an API permission for App.

Add an API permission for App.

Configure a Conditional Access policy to use app-enforced restrictions.

Configure a Conditional Access policy to use app-enforced restrictions.

Configure a Conditional Access policy to use Conditional Access App Control.

Configure a Conditional Access policy to use Conditional Access App Control.

Suggested answer: C

Explanation:

https://learn.microsoft.com/en-us/defender-cloud-apps/access-policy-aad

To create a Microsoft Defender for Cloud Apps access policy for App1, you should configure a Conditional Access policy to use app-enforced restrictions. This will allow you to control access to your cloud apps based on conditions such as user, device, location, and app state. You can also use app-enforced restrictions to control access to your cloud apps based on the state of the app, such as whether it’s running on a managed or unmanaged device.

asked 05/10/2024
Jorge Andres Gutierrez
30 questions

Question 163

Report
Export
Collapse

You have an Azure AD tenant named contoso.com that contains the resources shown in the following table.

You create a user named Admin 1.

Microsoft SC-300 image Question 135 108227 10052024010905000000

You need to ensure that Admin can enable Security defaults for contoso.com.

What should you do first?

Configure Identity Governance.

Configure Identity Governance.

Delete Package1.

Delete Package1.

Delete CAPolicy1.

Delete CAPolicy1.

Assign Admin1 the Authentication administrator role for Au1

Assign Admin1 the Authentication administrator role for Au1

Suggested answer: D

Explanation:

To enable Security defaults for contoso.com, you should first sign in to the Azure portal as a security administrator, Conditional Access administrator, or global administrator. Then, browse to Azure Active Directory > Properties and select Manage security defaults. Set the Enable security defaults toggle to Yes and select Save.

After that, you can assign Admin1 the Identity Administrator role for Au1 to enable them to manage security defaults for the tenant.

https://practical365.com/what-are-azure-ad-security-defaults-and-should-you-use-them/

asked 05/10/2024
Sander Verheijen
36 questions

Question 164

Report
Export
Collapse

HOTSPOT

You have an Azure AD tenant that contains a user named User1. User1 is assigned the User Administrator role.

You need to configure External collaboration settings for the tenant to meet the following requirements:

*Guest users must be prevented from querying staff email addresses.

*Guest users must be able to access the tenant only if they are invited by User1.

Which three settings should you configure? To answer, select the appropriate settings in the answer area.


Microsoft SC-300 image Question 164 108228 10052024010905000
Correct answer: Microsoft SC-300 image answer Question 164 108228 10052024010905000

Explanation:

Box1 = User access is restricted to properties and memberships of their own directory objects (most restrictive). This setting ensures that guest users are prevented from querying staff email addresses and can access the tenant only if they are invited by User1.

Box2 = Only users assigned to specific admin roles can invite guest users. This setting ensures that guest users can access the tenant only if they are invited by User1.

Box3 = This setting enables guest users to sign up for the tenant only if they are invited by User1.

asked 05/10/2024
Zahidul Haque
47 questions

Question 165

Report
Export
Collapse

HOTSPOT

You have an Azure subscription.

Azure AD logs are sent to a Log Analytics workspace.

You need to query the logs and graphically display the number of sign-ins per user.

How should you complete the query? To answer, select the appropriate options in the answer area.


Microsoft SC-300 image Question 165 108229 10052024010905000
Correct answer: Microsoft SC-300 image answer Question 165 108229 10052024010905000

Explanation:

Box 1 =

SigninLogs

| where ResultType == 0

| summarize login_count = count() by identity

| render piechart

This query retrieves the sign-in logs, filters the successful sign-ins, summarizes the count of sign-ins

per user, and renders the result as a pie chart.

Box 2 = Render

asked 05/10/2024
Karen Charllotte Aglipay
30 questions

Question 166

Report
Export
Collapse

You have an Azure AD tenant that contains the users shown in the following table.

Microsoft SC-300 image Question 138 108230 10052024010905000000

The User settings for enterprise applications have the following configuration.

• Users can consent to apps accessing company data on their behalf:

• Users can consent to apps accessing company data for the groups they

• Users can request admin consent to apps they are unable to consent to: Yes

• Who can review admin consent requests: Admin2, User2

User1 attempts to add an app that requires consent to access company data.

Which user can provide consent?

User1

User1

User2

User2

Admin1

Admin1

Admin2

Admin2

Suggested answer: C
asked 05/10/2024
MC Chrys Darcy MASSALA MPIKA
34 questions

Question 167

Report
Export
Collapse

HOTSPOT

You have an Azure AD tenant named contoso.com that has Email one-time passcode for guests set to Yes.

You invite the guest users shown in the following table.

Which users will receive a one-time passcode, and how long will the passcode be valid? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft SC-300 image Question 167 108231 10052024010905000
Correct answer: Microsoft SC-300 image answer Question 167 108231 10052024010905000
asked 05/10/2024
Lars Bleckmann
41 questions

Question 168

Report
Export
Collapse

HOTSPOT

You have an Azure AD tenant that contains the users shown in the following table.

Microsoft SC-300 image Question 140 108232 10052024010905000000

User2 reports that he can only configure multi-factor authenticating (MFA) to use the Microsoft Authenticator app.

You need to ensure that User2 can configure alternate MFA methods.

Which configuration is required, and which user should perform the configuration? To answer, select the appropriate options in the answer area.


Microsoft SC-300 image Question 168 108232 10052024010905000
Correct answer: Microsoft SC-300 image answer Question 168 108232 10052024010905000
asked 05/10/2024
Robbie Shen
34 questions

Question 169

Report
Export
Collapse

Your network contains an on-premises Active Directory domain that syncs to an Azure AD tenant.

Users sign in to computers that run Windows 10 and are joined to the domain.

You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).

You need to configure the Windows 10 computers to support Azure AD Seamless SSO.

What should you do?

Modify the Local intranet zone settings

Modify the Local intranet zone settings

Configure Sign-in options from the Settings app.

Configure Sign-in options from the Settings app.

Enable Enterprise State Roaming.

Enable Enterprise State Roaming.

Install the Azure AD Connect Authentication Agent.

Install the Azure AD Connect Authentication Agent.

Suggested answer: B
asked 05/10/2024
Ksu doo Makek
45 questions

Question 170

Report
Export
Collapse

HOTSPOT

You have an Azure AD tenant and an Azure web app named App1.

You need to provide guest users with self-service sign-up for App1. The solution must meet the following requirements:

• Guest users must be able to sign up by using a one-time password.

• The users must provide their first name, last name, city, and email address during the sign-up process.

What should you configure in the Azure Active Directory admin center for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft SC-300 image Question 170 108234 10052024010905000
Correct answer: Microsoft SC-300 image answer Question 170 108234 10052024010905000
asked 05/10/2024
Jaroslaw Mikolajczyk
36 questions
Total 306 questions
Go to page: of 31
Search

Related questions