ExamGecko
Search Search Login
Home Home / Microsoft / SC-300

Microsoft SC-300 Practice Test - Questions Answers, Page 18

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.
You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?
SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.
Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.
HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. A. B. C. D.
HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No.
HOTSPOT You have an Azure subscription that contains the key vaults shown in the following table. The subscription contains the users shown in the following table. On June1, Admin4 performs the following actions: • Deletes a certificate named Certificate! from Key Vault1 • Deletes a secret named Secret1 from KeyVault2 For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Your company requires that users request access before they can access corporate applications. You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1. Which settings should you configure next for MyApp1?
SIMULATION 2 You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements: * The reviews must occur monthly. * The manager of each guest user must review the access. * If the reviews are NOT completed within five days, access must be removed. * If the guest user does not have a manager, Megan Bowen must review the access.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?

Question 171

Report
Export
Collapse

You have an Azure AD tenant that uses Azure AD Identity Protection and contains the resources shown in the following table.

Azure Multi-Factor Authentication (MFA) is enabled for all users.

User1 triggers a medium severity alert that requires additional investigation.

You need to force User1 to reset his password the next time he signs in. the solution must minimize administrative effort.

What should you do?

A.

Configure a sign-in risk policy.

A.

Configure a sign-in risk policy.

Answers
B.

Mark User1 as compromised.

B.

Mark User1 as compromised.

Answers
C.

Reconfigure the user risk policy to trigger on medium or low severity.

C.

Reconfigure the user risk policy to trigger on medium or low severity.

Answers
D.

Reset the Azure MFA registration for User1.

D.

Reset the Azure MFA registration for User1.

Answers
Suggested answer: B

Question 172

Report
Export
Collapse

HOTSPOT

You have an Azure AD tenant that contains the users shown in the following table.

In Azure AD Identity Protection, you configure a user risk policy that has the following settings:

• Assignments:

o Users: Group1

o User risk: Low and above

• Controls:

o Access: Block access

• Enforce policy: On

In Azure AD Identity Protection, you configure a sign-in risk policy that has the following settings:

• Assignments:

o Users: Group2

o Sign-in risk: Low and above

• Controls:

o Access: Require multi-factor authentication

• Enforce policy. On

the following settings:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 172
Correct answer: Question 172

Question 173

Report
Export
Collapse

You have an Azure AD tenant that contains a user named User1 and the conditional access policies shown in the following table.

You need to evaluate which policies will be applied User1 when User1 attempts to sign-in from various IP addresses.

Which feature should you use?

A.

Access reviews

A.

Access reviews

Answers
B.

Identity Secure Score

B.

Identity Secure Score

Answers
C.

The What If tool

C.

The What If tool

Answers
D.

the Microsoft 365 network connectivity test tool

D.

the Microsoft 365 network connectivity test tool

Answers
Suggested answer: C

Question 174

Report
Export
Collapse

HOTSPOT

Your network contains an on-premises Active Directory Domain services (AD DS) domain that syncs with an Azure AD tenant. The AD DS domain contains the organizational units (OUs) shown in the following table.

You need to create a break-glass account named BreakGlass.

Where should you create BreakGlass, and which role should you assign to BreakGlass? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 174
Correct answer: Question 174

Question 175

Report
Export
Collapse

You have a Microsoft 365 E5 subscription that contains a web app named App1.

Guest users are regularly granted access to App1.

You need to ensure that the guest users that have NOT accessed App1 during the past 30 days have their access removed the solution must minimize administrative effort.

What should you configure?

A.

a compliance policy

A.

a compliance policy

Answers
B.

an access review for application access

B.

an access review for application access

Answers
C.

a guest access review

C.

a guest access review

Answers
D.

a Conditional Access policy

D.

a Conditional Access policy

Answers
Suggested answer: C

Question 176

Report
Export
Collapse

You have an Azure AD tenant named Contoso that contains a terms of use (ToU) named Terms1 and an access package. Contoso users collaborate with an external organization named Fabrikam.

Fabrikam users must accept Terms1 before being allowed to use the access package.

You need to identify which users accepted or declined Terms1.

What should you use?

A.

provisioning logs

A.

provisioning logs

Answers
B.

the Usage and Insights report

B.

the Usage and Insights report

Answers
C.

sign-in logs

C.

sign-in logs

Answers
D.

audit logs

D.

audit logs

Answers
Suggested answer: D

Question 177

Report
Export
Collapse

You have an Azure AD tenant that contains a user named User1 and a registered app named App1.

User1 deletes the app registration of App1.

You need to restore the app registration.

What is the maximum number of days you have to restore the app registration from when it was deleted?

A.

14

A.

14

Answers
B.

30

B.

30

Answers
C.

60

C.

60

Answers
D.

180

D.

180

Answers
Suggested answer: B

Question 178

Report
Export
Collapse

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1.

You need to ensure that users can request access to Site. the solution must meet the following requirements.

• Automatically approve requests from users based on their group membership.

• Automatically remove the access after 30 days

What should you do?

A.

Create a Conditional Access policy.

A.

Create a Conditional Access policy.

Answers
B.

Create an access package.

B.

Create an access package.

Answers
C.

Configure Role settings in Azure AD Privileged Identity Management.

C.

Configure Role settings in Azure AD Privileged Identity Management.

Answers
D.

Create a Microsoft Defender for Cloud Apps access policy.

D.

Create a Microsoft Defender for Cloud Apps access policy.

Answers
Suggested answer: B

Question 179

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the following virtual machine

Name: VM1

Azure region: East US

System-assigned managed identity: Disabled

You create the managed identities shown in the following table.

You perform the following actions:

• Assign Managed1 to VM1.

• Create a resource group named RG1 in the West US region.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 179
Correct answer: Question 179

Question 180

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the key vaults shown in the following table.

The subscription contains the users shown in the following table.

On June1, Admin4 performs the following actions:

• Deletes a certificate named Certificate! from Key Vault1

• Deletes a secret named Secret1 from KeyVault2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 180
Correct answer: Question 180

Explanation:


Total 290 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms