Microsoft SC-300 Practice Test - Questions Answers, Page 19
Question list
List of questions
Related questions
HOTSPOT
You have an Azure AD tenant that contains the users shown in the following table.
You have the locations shown in the following table.
The tenant contains a named location that Das the following configurations:
* Name: location1
* Mark as trusted location: Enabled
* IPv4 range: 10.10.0.0/16
MFA has a trusted iPad dress range of 193.17.17.0/24.
You have a Conditional Access policy that has the following settings:
* Name: CAPolicy1
* Assignments
o Users or workload identities: Group 1
o Cloud apps or actions: All cloud apps
* Conditions
* Locations All trusted locations
* Access controls
o Gant
* Grant access: Require multi-factor authentication
Session: 0 controls selected
* Enable policy: On
For each of the following statements select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have the Azure resources show in the following table.
To Which identities can you assign the Contributor role for RG1?
User1 only
User1 and Group1 only
User1 and VW1 only
User1, VM1, and App1 only
User1, Group1, Vm1, and App1
You have an Azure subscription that contains an Azure SQL database named db1.
You deploy an Azure App Service web app named App1 that provide product information to users that connect to App1 anonymously.
You need to provide App1 with Access to db1. The solution must meet the following requirements:
* Credentials must only be available to App1.
* Administrative effort must be minimized.
Which type of credentials should you use?
a user-assigned managed identity
an Azure AD user account
A SQL Server account
a system-assigned managed identity
HOTSPOT
You have a hybrid Microsoft 365 subscription that contains the users show in the following table.
You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the SharePoint Administrator role to User1
Does this meet the goal?
Yes
No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 ES subscription.
You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the Exchange Administrator role to User1.
Yes
No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the User Administrator role to User1.
Does this meet the goal?
Yes
No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 ES subscription.
You create a user namedUser1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the Security Operator role User1.
Does this meet the goal?
Yes
No
You have an Azure AD tenant
You configure User consent settings to allow users to provide consent to apps from verified publishers.
You need to ensure that the users can only provide consent to apps that require low impact permissions.
What should you do?
Create an access package.
Configure permission classifications.
Create an enterprise application collection.
Create an access review.
You have an Azure AD tenant that contains the users shown in the following table.
You add an enterprise application named App1 to Azure AD and set User1 as the owner of App1 requires admin consent to access Azure AD before the app can be used.
You configure the Admin consent requests strong as shown in the following exhibit.
Admin consent requests.
Admm1 only
Admm1 and Admin2 only
Admm1 Admm2 and Admin3 only
Admln1, Admin2. and User1 only
Admm1 Admm2. Admm3, and User1
Question