Microsoft SC-300 Practice Test - Questions Answers, Page 18

HOTSPOT

You have an Azure AD tenant that contains the users shown in the following table.

In Azure AD Identity Protection, you configure a user risk policy that has the following settings:

• Assignments:

o Users: Group1

o User risk: Low and above

• Controls:

o Access: Block access

• Enforce policy: On

In Azure AD Identity Protection, you configure a sign-in risk policy that has the following settings:

• Assignments:

o Users: Group2

o Sign-in risk: Low and above

• Controls:

o Access: Require multi-factor authentication

• Enforce policy. On

the following settings:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have an Azure AD tenant that contains a user named User1 and the conditional access policies shown in the following table.

You need to evaluate which policies will be applied User1 when User1 attempts to sign-in from various IP addresses.

Which feature should you use?

HOTSPOT

Your network contains an on-premises Active Directory Domain services (AD DS) domain that syncs with an Azure AD tenant. The AD DS domain contains the organizational units (OUs) shown in the following table.

You need to create a break-glass account named BreakGlass.

Where should you create BreakGlass, and which role should you assign to BreakGlass? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains a web app named App1.

Guest users are regularly granted access to App1.

You need to ensure that the guest users that have NOT accessed App1 during the past 30 days have their access removed the solution must minimize administrative effort.

What should you configure?

You have an Azure AD tenant named Contoso that contains a terms of use (ToU) named Terms1 and an access package. Contoso users collaborate with an external organization named Fabrikam.

Fabrikam users must accept Terms1 before being allowed to use the access package.

You need to identify which users accepted or declined Terms1.

What should you use?

You have an Azure AD tenant that contains a user named User1 and a registered app named App1.

User1 deletes the app registration of App1.

You need to restore the app registration.

What is the maximum number of days you have to restore the app registration from when it was deleted?

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.

You need to ensure that users can request access to Site. the solution must meet the following requirements.

• Automatically approve requests from users based on their group membership.

• Automatically remove the access after 30 days

What should you do?

HOTSPOT

You have an Azure subscription that contains the following virtual machine

Name: VM1

Azure region: East US

System-assigned managed identity: Disabled

You create the managed identities shown in the following table.

You perform the following actions:

• Assign Managed1 to VM1.

• Create a resource group named RG1 in the West US region.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

HOTSPOT

You have an Azure subscription that contains the key vaults shown in the following table.

The subscription contains the users shown in the following table.

On June1, Admin4 performs the following actions:

• Deletes a certificate named Certificate! from Key Vault1

• Deletes a secret named Secret1 from KeyVault2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.