ExamGecko
Login
Home / Microsoft / SC-300 / List of questions
Ask Question

Microsoft SC-300 Practice Test - Questions Answers, Page 4

List of questions

Question 31

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant that uses conditional access policies.

You plan to use third-party security information and event management (SIEM) to analyze conditional access usage.

You need to download the Azure AD log that contains conditional access policy data.

What should you export from Azure AD?

sign-ins in JSON format

sign-ins in JSON format

sign-ins in CSV format

sign-ins in CSV format

audit logs in JSON format

audit logs in JSON format

audit logs in CSV format

audit logs in CSV format
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logs

asked 05/10/2024
Jose Osnayo
44 questions

Question 32

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant.

You need to review the Azure AD sign-ins log to investigate sign ins that occurred in the past.

For how long does Azure AD store events in the sign-in log?

14 days

14 days

30 days

30 days

90 days

90 days

365 days

365 days
Suggested answer: B
asked 05/10/2024
Manuel Guerrero Rojas
33 questions

Question 33

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant that contains the objects shown in the following table.

Microsoft SC-300 image Question 5 108097 10052024010905000000

Which objects can you add as eligible in Azure Privileged identity Management (PIM) for an Azure AD role?

User1 only

User1 only

User1 and Identity1 only

User1 and Identity1 only

User1. Guest1, and Identity

User1. Guest1, and Identity

User1 and Guest1 only

User1 and Guest1 only
Suggested answer: D

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pimdeployment-plan

asked 05/10/2024
Gaurav Singh
36 questions

Question 34

Report
Export
Collapse

You have a Microsoft 365 tenant.

You need to ensure that you tan view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.

What should you do first?

Run the Get-AzureADAuditDirectoryLogs cmdlet.

Run the Get-AzureADAuditDirectoryLogs cmdlet.

Create an Azure AD workbook.

Create an Azure AD workbook.

Run the Set-AzureADTenantDetail cmdlet.

Run the Set-AzureADTenantDetail cmdlet.

Modify the Diagnostics settings for Azure AD.

Modify the Diagnostics settings for Azure AD.
Suggested answer: A
asked 05/10/2024
Mehdi BELGAS
46 questions

Question 35

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant.

For the tenant. Users can register applications Is set to No.

A user named Admin1 must deploy a new cloud app named App1.

You need to ensure that Admin1 can register App1 in Azure AD. The solution must use the principle of least privilege.

Which role should you assign to Admin1?

Application developer in Azure AD

Application developer in Azure AD

App Configuration Data Owner for Subscription1

App Configuration Data Owner for Subscription1

Managed Application Contributor for Subscription1

Managed Application Contributor for Subscription1

Cloud application administrator in Azure AD

Cloud application administrator in Azure AD
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles

asked 05/10/2024
Jessy Kevin NGANE OBAME
32 questions

Question 36

Report
Export
Collapse

Your company requires that users request access before they can access corporate applications.

You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1.

Which settings should you configure next for MyApp1?

Self-service

Self-service

Provisioning

Provisioning

Roles and administrators

Roles and administrators

Application proxy

Application proxy
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-access

asked 05/10/2024
MOHD SAIFUL SYAHMI SAIFUDDIN
37 questions

Question 37

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant.

You create an enterprise application collection named HR Apps that has the following settings:

• Applications: Appl. App?, App3

• Owners: Admin 1

• Users and groups: HRUsers

AH three apps have the following Properties settings:

• Enabled for users to sign in: Yes

• User assignment required: Yes

• Visible to users: Yes Users report that when they go to the My Apps portal, they only sue App1 and App2-You need to ensure that the users can also see App3. What should you do from App3?

What should you do from App3?

From Users and groups, add HRUsers.

From Users and groups, add HRUsers.

Prom Properties, change User assignment required to No.

Prom Properties, change User assignment required to No.

From Permissions, review the User consent permissions.

From Permissions, review the User consent permissions.

From Single sign on, configure a sign-on method.

From Single sign on, configure a sign-on method.
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-accessportal

https://docs.microsoft.com/en-us/azure/active-directory/user-help/my-applications-portalworkspaces

asked 05/10/2024
Russell Bartsch
39 questions

Question 38

Report
Export
Collapse

You have a Microsoft 365 tenant.

The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.

Microsoft SC-300 image Question 10 108102 10052024010905000000

In Azure AD. you add a new enterprise application named Appl. Which groups can you assign to App1?

Group1 and Group

Group1 and Group

Group2 only

Group2 only

Group3 only

Group3 only

Group1 only

Group1 only

Group1 and Group4

Group1 and Group4
Suggested answer: A
asked 05/10/2024
Pedram Habibi
37 questions

Question 39

Report
Export
Collapse

You configure a new Microsoft 36S tenant to use a default domain name of contosso.com.

You need to ensure that you can control access to Microsoft 365 resource-, by using conditional access policy.

What should you do first?

Disable the User consent settings.

Disable the User consent settings.

Disable Security defaults.

Disable Security defaults.

Configure a multi-factor authentication (Ml A) registration policy1.

Configure a multi-factor authentication (Ml A) registration policy1.

Configure password protection for Windows Server Active Directory.

Configure password protection for Windows Server Active Directory.
Suggested answer: B
asked 05/10/2024
Arnab Gupta
39 questions

Question 40

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant named conto.so.com that has Azure AD Identity Protection enabled. You need to Implement a sign-in risk remediation policy without blocking access.

What should you do first?

Configure access reviews in Azure AD.

Configure access reviews in Azure AD.

Enforce Azure AD Password Protection.

Enforce Azure AD Password Protection.

implement multi-factor authentication (MFA) for all users.

implement multi-factor authentication (MFA) for all users.

Configure self-service password reset (SSPR) for all users.

Configure self-service password reset (SSPR) for all users.
Suggested answer: C

Explanation:

MFA and SSPR are both required. However, MFA is required first.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identityprotection-remediate-unblock

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment

asked 05/10/2024
Biji Abraham
39 questions
Total 306 questions
Go to page: of 31
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.
HOTSPOT You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1. User1 has the devices shown in the following table. On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings: Name: Terms1 Display name: Contoso terms of use Require users to expand the terms of use: On Require users to consent on every device: On Expire consents: On Expire starting on: December 10, 2020 Frequency: Monthly On November 15, 2020, User1 accepts Terms1 on Device3. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.
SIMULATION 1 You need to deploy multi factor authentication (MFA). The solution must meet the following requirements: * Require MFA registration only for members of the Sg-Finance group. * Exclude Debra Berger from having to register for MFA. * Implement the solution without using a Conditional Access policy.
Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.
You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?
DRAG DROP You have an Azure AD tenant that contains a user named Admin1. Admin1 uses the Require password change for high-risk user's policy template to create a new Conditional Access policy. Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 tenant. You have 100 IT administrators who are organized into 10 departments. You create the access review shown in the exhibit. (Click the Exhibit tab.) You discover that all access review requests are received by Megan Bowen. You need to ensure that the manager of each department receives the access reviews of their respective department. Solution: You modify the properties of the IT administrator user accounts. Does this meet the goal?
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.) A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table. Which users will be emailed a passcode?