Microsoft SC-300 Practice Test - Questions Answers, Page 32

HOTSPOT

You have a Microsoft Entra tenant that contains two remote networks named RemoteNetworkl and RemoteNetwork2 and the users shown in the following table.

You have the devices shown in the following table.

You have a Microsoft 365 subscription.

You need to ensure that users can grant enterprise applications access to their profile. The solution must ensure that the users can consent only to the User. Read and profile delegated permissions.

What should you configure first?

You have a Microsoft Exchange organization that uses an SMTP address space of contoso.com.

Several users use their contoso.com email address for self-service sign-up to 1 Microsoft Entra.

You gain global administrator privileges to the Microsoft Entra tenant that contains the self-signed users.

You need to prevent the users from creating user accounts in the contoso.com 2 Microsoft Entra tenant for self-service sign-up to Microsoft 365 services.

Which PowerShell cmdlet should you run?

You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Linux. You need to configure enhanced security for VM1. The solution must meet the following requirements:

* Ensure that users can sign in to VM1 by using their Microsoft Entra credentials

* Ensure That users authenticate by using multi-factor out-of-band

* Prevent users from signing in to VM1 by using passwords.

Which two authentication methods can you include in the solution? Each correct answer presents a complete solution. NOTE: Each correct selection Is worth one point.

You have an Azure subscription that contains a user named User1 and an Azure Key Vault named Vault1.

You need to ensure that User1 can read the metadata of certificates, keys, and secrets stored in Vault1. The solution must follow the principle of least privilege.

Which role should you assign to User1?

HOTSPOT

Your on-premises network contains an Active Directory domain that uses Microsoft Entra Connect to sync with a Microsoft Entra tenant.

You need to configure Microsoft Entra Connect to meet the following requirements:

Microsoft Entra sign-ins must be authenticated by an Active Directory domain controller.

Active Directory domain users must be able to use Microsoft Entra self-service password reset (SSPR).

Minimize administrative effort.

What should you use for each requirement? To answer, select the appropriate options in the answer area.

Answer:

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.

You plan to manage the lifecycles of the groups.

Which groups can be set to expire, and what is the shortest group lifetime you can set? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

You plan to deploy a third-party software as a service (SaaS) app named App1.

You need to onboard App1 to Microsoft Defender for Cloud Apps. The solution must ensure that you can implement session control policies.

What should you do first?

HOTSPOT

You have a Microsoft 365 subscription that contains three users named User1, User2, and User3 and an enterprise app named Appl. The subscription contains the devices shown in the following table.

The subscription contains the groups shown in the following table.

You create two Conditional Access policies that have the following settings:

* Name: Policy1

* Users:

o Include: Group1

o Exclude: Group3

* Target resources:

o Include: All resources

* Access controls: Block access

* Name: Policy2

* Users:

o Include: Group2

* Target resources:

o Include: App1

* Access controls:

Grant access: Require device to be marked as compliant

For each of the following statements select Yes if the statement is true Otherwise select No.

NOTE: Each correct selection is worth one point.