ExamGecko
Login
Home / Microsoft / SC-300 / List of questions
Ask Question

Microsoft SC-300 Practice Test - Questions Answers, Page 25

Add to Whishlist

List of questions

Question 241

Report Export Collapse

HOTSPOT

You have an Azure subscription named Sub1 that contains two resource groups named RG1 and RG2. Sub1 contains the users shown in the following table.

Microsoft SC-300 image Question 213 108305 10052024010905000000

Sub1 contains the resources shown in the following table.

Microsoft SC-300 image Question 213 108305 10052024010905000000

You create the role-based access control (RBAC) role assignments shown in the following table.

Microsoft SC-300 image Question 213 108305 10052024010905000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No NOTE: Each correct selection is worth one point.


Become a Premium Member for full access
  Unlock Premium Member

Question 242

Report Export Collapse

HOTSPOT

You have a Microsoft Entra tenant that contains the users shown in the following table.

Microsoft SC-300 image Question 214 108306 10052024010905000000

You have a user risk policy that has the following settings:

* Assignments:

o Include: Group1

o Exclude: Group2

* Sign-in risk Medium and above

* Access controls:

o Grant access: Require password change

When the users attempt to sign in. user risk levels are detected as shown in the following table.

Microsoft SC-300 image Question 214 108306 10052024010905000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No.


Become a Premium Member for full access
  Unlock Premium Member

Question 243

Report Export Collapse

You have a Microsoft Entra tenant that contains the groups shown in the following table.

You need to implement Privileged Identity Management (PIM) for the groups.

Which groups can be managed by using PIM?

Become a Premium Member for full access
  Unlock Premium Member

Question 244

Report Export Collapse

You have an Azure subscription named Sub1 that contains a resource group named RG1. RG1 contains an Azure Cosmos DB database named DB1 and an Azure Kubernetes Service (AKS) cluster named AKS1. AKS1 uses a managed identity.

You need to ensure that AKS1 can access DB1. The solution must meet the following requirements:

* Ensure that AKS1 uses the managed identity to access DB1.

* Follow the principle of least privilege.

Which role should you assign to the managed identity of AKS1.

Become a Premium Member for full access
  Unlock Premium Member

Question 245

Report Export Collapse

HOTSPOT

You have an Azure subscription that contains the resources shown in the following table.

Microsoft SC-300 image Question 217 108309 10052024010905000000

The subscription contains the virtual machines shown in the following table.

Microsoft SC-300 image Question 217 108309 10052024010905000000

Which identities can be assigned the Owner role for RG1, and to which virtual machines can you assign Managed2? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point.


Become a Premium Member for full access
  Unlock Premium Member

Question 246

Report Export Collapse

You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server.

You enable Microsoft Entra login for the virtual machines.

Users report that they cannot sign in to the virtual machines by using their Microsoft Entra credentials.

You need to ensure that the users can sign in to the virtual machines.

What should you do first?

Become a Premium Member for full access
  Unlock Premium Member

Question 247

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not initiate.

Solution: From the Azure portal, you configure the Notifications settings for multi-factor authentication (MFA).

Does this meet the goal?

Become a Premium Member for full access
  Unlock Premium Member

Question 248

Report Export Collapse

HOTSPOT

You have an Azure subscription named Sub1 ilia1 contains a storage account named storage1. You need to deploy two apps named App1 and App2 that will have the following configurations:

* App1 will be deployed as a registered app in Sub1.

* App1 will access storage1 by using Microsoft Entra authentication.

* App2 will access storage1 by using a single Microsoft Entra identity.

* App2 be hosted on two new virtual machines named VM1 and VM2.

The solution must minimize administrative effort.

Which type of identity will each app use to access storage1? To answer, select the appropriate options in the answer area.


Become a Premium Member for full access
  Unlock Premium Member

Question 249

Report Export Collapse

You have an Azure subscription that containes a registered app named App1.

You need to review the sign-in activity for App1. The solution must meet the following requirements:

* Identify the number of failed sign-ins.

* Identify the success rate of sign-ins.

* Minimize administrative effort.

What should you use?

Become a Premium Member for full access
  Unlock Premium Member

Question 250

Report Export Collapse

You have an Azure subscription that contains a user named User! and two resource groups named RG1 and RG2.

You need to ensure that User1 can perform the following tasks:

* View all resources.

* Restart virtual machines.

* Create virtual machines in RG1 only.

* Create storage accounts in RG1 only.

What is the minimum number of role-based access control (RBAC) role assignment* required?

Become a Premium Member for full access
  Unlock Premium Member
Total 306 questions
Go to page: of 31
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.
HOTSPOT You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1. User1 has the devices shown in the following table. On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings: Name: Terms1 Display name: Contoso terms of use Require users to expand the terms of use: On Require users to consent on every device: On Expire consents: On Expire starting on: December 10, 2020 Frequency: Monthly On November 15, 2020, User1 accepts Terms1 on Device3. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.
Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.
SIMULATION 1 You need to deploy multi factor authentication (MFA). The solution must meet the following requirements: * Require MFA registration only for members of the Sg-Finance group. * Exclude Debra Berger from having to register for MFA. * Implement the solution without using a Conditional Access policy.
You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?
DRAG DROP You have an Azure AD tenant that contains a user named Admin1. Admin1 uses the Require password change for high-risk user's policy template to create a new Conditional Access policy. Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 tenant. You have 100 IT administrators who are organized into 10 departments. You create the access review shown in the exhibit. (Click the Exhibit tab.) You discover that all access review requests are received by Megan Bowen. You need to ensure that the manager of each department receives the access reviews of their respective department. Solution: You modify the properties of the IT administrator user accounts. Does this meet the goal?
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.) A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table. Which users will be emailed a passcode?