Home / Microsoft / SC-300

Microsoft SC-300 Practice Test - Questions Answers, Page 5

Question list

List of questions

Question 41

(0)

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest. The tenant-uses through authentication. A corporate security policy states the following: Domain cont

Question 42

(0)

You have an Azure Active Directory (Azure AD) tenant. You configure self-service password reset (SSPR) by using the following settings: • Require users to register when signing in: Yes • Number o

Question 43

(0)

You have a Microsoft 365 tenant. You currently allow email clients that use Basic authentication to conned to Microsoft Exchange Online. You need to ensure that users can connect t to Exchange onl

Question 44

(0)

You create the Azure Active Directory (Azure AD) users shown in the following table. On February 1, 2021, you configure the multi-factor authentication (MFA) settings as shown in the following ex

Question 45

(0)

Your company has two divisions named Contoso East and Contoso West. The Microsoft 365 identity architecture tor both divisions is shown in the following exhibit. You need to assign users from the

Question 46

(0)

Your network contains an on-premises Active Directory domain that sync to an Azure Active Directory (Azure AD) tenant. The tenant contains the shown in the following table. All the users work rem

Question 47

(0)

You have an Azure Active Directory (Azure AD) tenant named contoso.com. You need to ensure that Azure AD External Identities pricing is based on monthly active users (MAU). What should you configu

Question 48

(0)

You have an Azure Active Directory (Azure Azure) tenant that contains the objects shown in the following table. • A device named Device1 • Users named User1, User2, User3, User4, and User5 • Five

Question 49

(0)

You have a Microsoft Exchange organization that uses an SMTP' address space of contoso.com. Several users use their contoso.com email address for self-service sign up to Azure Active Directory (Azu

Question 50

(0)

Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant- Users sign in to computers that run Windows 10 and are joined to the domain.

Related questions

You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.

SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.

HOTSPOT Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.) You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. A. B. C. D.

Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.

HOTSPOT You have an Azure subscription that contains the key vaults shown in the following table. The subscription contains the users shown in the following table. On June1, Admin4 performs the following actions: • Deletes a certificate named Certificate! from Key Vault1 • Deletes a secret named Secret1 from KeyVault2 For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

SIMULATION 2 You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements: * The reviews must occur monthly. * The manager of each guest user must review the access. * If the reviews are NOT completed within five days, access must be removed. * If the guest user does not have a manager, Megan Bowen must review the access.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?

Your company requires that users request access before they can access corporate applications. You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1. Which settings should you configure next for MyApp1?

Question 41

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest. The tenant-uses through authentication.

A corporate security policy states the following:

Domain controllers must never communicate directly to the internet.

Only required software must be- installed on servers.

The Active Directory domain contains the on-premises servers shown in the following table.

You need to ensure that users can authenticate to Azure AD if a server fails.

On which server should you install an additional pass-through authentication agent?

Server2

Server4

Server1

Server3

Show Answer Comment (0)

Question 42

You have an Azure Active Directory (Azure AD) tenant.

You configure self-service password reset (SSPR) by using the following settings:

• Require users to register when signing in: Yes

• Number of methods required to reset: 1

What is a valid authentication method available to users?

home prions

mobile app notification

a mobile app code

an email to an address in your organization

Show Answer Comment (0)

Question 43

You have a Microsoft 365 tenant.

You currently allow email clients that use Basic authentication to conned to Microsoft Exchange Online.

You need to ensure that users can connect t to Exchange only run email clients that use Modern authentication protocols.

What should you implement?

You need to ensure that use Modern authentication

a compliance policy in Microsoft Endpoint Manager

a conditional access policy in Azure Active Directory (Azure AD)

an application control profile in Microsoft Endpoint Manager

an OAuth policy in Microsoft Cloud App Security

Show Answer Comment (0)

Question 44

You create the Azure Active Directory (Azure AD) users shown in the following table.

On February 1, 2021, you configure the multi-factor authentication (MFA) settings as shown in the following exhibit.

The users authentication to Azure AD on their devices as shown in the following table.

On February 26, 2021, what will the multi-factor auth status be for each user?

Show Answer Comment (0)

Question 45

Your company has two divisions named Contoso East and Contoso West. The Microsoft 365 identity architecture tor both divisions is shown in the following exhibit.

You need to assign users from the Contoso East division access to Microsoft SharePoint Online sites in the Contoso West tenant. The solution must not require additional Microsoft 3G5 licenses.

What should you do?

Configure The exiting Azure AD Connect server in Contoso Cast to sync the Contoso East Active Directory forest to the Contoso West tenant.

Configure Azure AD Application Proxy in the Contoso West tenant.

Deploy a second Azure AD Connect server to Contoso East and configure the server to sync the Contoso East Active Directory forest to the Contoso West tenant.

Invite the Contoso East users as guests in the Contoso West tenant.

Show Answer Comment (0)

Question 46

Your network contains an on-premises Active Directory domain that sync to an Azure Active Directory (Azure AD) tenant. The tenant contains the shown in the following table.

All the users work remotely.

Azure AD Connect is configured in Azure as shown in the following exhibit.

Connectivity from the on-premises domain to the internet is lost.

Which user can sign in to Azure AD?

User1 only

User1 and User 3 only

User1, and User2 only

User1, User2, and User3

Show Answer Comment (0)

Question 47

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You need to ensure that Azure AD External Identities pricing is based on monthly active users (MAU).

What should you configure?

an access review

the terms or use

a linked subscription

a user flow

Show Answer Comment (0)

Question 48

You have an Azure Active Directory (Azure Azure) tenant that contains the objects shown in the following table.

• A device named Device1

• Users named User1, User2, User3, User4, and User5

• Five groups named Group1, Group2, Group3, Ciroup4, and Group5

The groups are configured as shown in the following table.

How many licenses are used if you assign the Microsoft Office 365 Enterprise E5 license to Group1?

Show Answer Comment (0)

Question 49

You have a Microsoft Exchange organization that uses an SMTP' address space of contoso.com.

Several users use their contoso.com email address for self-service sign up to Azure Active Directory (Azure AD).

You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.

You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.

Which PowerShell cmdlet should you run?

Set-MsolCompanySettings

Set-MsolDomainFederationSettings

Update-MsolfederatedDomain

Set-MsolDomain

Show Answer Comment (0)

Question 50

Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant- Users sign in to computers that run Windows 10 and are joined to the domain.

You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).

You need to configure the computers for Azure AD Seamless SSO.

What should you do?

Enable Enterprise State Roaming.

Configure Sign-in options.

Install the Azure AD Connect Authentication Agent.

Modify the Intranet Zone settings.

Show Answer Comment (0)

Total 290 questions