ExamGecko
Login
Home / Microsoft / SC-300 / List of questions
Ask Question

Microsoft SC-300 Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

You have an Azure Active Directory (Azure AD) tenant that contains the objects shown in the following table.

Microsoft SC-300 image Question 33 108125 10052024010905000000

Which objects can you add as members to Group3?

User2 and Group2 only

User2 and Group2 only

User2, Group1, and Group2 only

User2, Group1, and Group2 only

User1, User2, Group1 and Group2

User1, User2, Group1 and Group2

User1 and User2 only

User1 and User2 only

User2 only

User2 only

Suggested answer: E
Explanation:

Reference:

https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groupsnesting/

asked 05/10/2024
Joe Pardee
58 questions

Question 62

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.

You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.

You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.

Solution: You configure password writeback.

Does this meet the goal?

Yes

Yes

No

No

Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

asked 05/10/2024
Aung Aung Myo Myint
47 questions

Question 63

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.

You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.

You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.

Solution: You configure pass-through authentication.

Does this meet the goal?

Yes

Yes

No

No

Suggested answer: A
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

asked 05/10/2024
Nagaretnam, Ravin
45 questions

Question 64

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.

You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.

You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.

Solution: You configure conditional access policies.

Does this meet the goal?

Yes

Yes

No

No

Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

asked 05/10/2024
justen layne
44 questions

Question 65

Report Export Collapse

You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1.

SecAdmin1 is assigned the Security administrator role.

SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.

You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.

Which role should you assign to SecAdmin1?

Authentication administrator

Authentication administrator

Helpdesk administrator

Helpdesk administrator

Privileged authentication administrator

Privileged authentication administrator

Security operator

Security operator

Suggested answer: C
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

asked 05/10/2024
MICHELE CRISTINA DOS FELIX
41 questions

Question 66

Report Export Collapse

You configure Azure Active Directory (Azure AD) Password Protection as shown in the exhibit. (Click the Exhibit tab.)

Microsoft SC-300 image Question 38 108130 10052024010905000000

You are evaluating the following passwords:

Pr0jectlitw@re

T@ilw1nd

C0nt0s0

Which passwords will be blocked?

Pr0jectlitw@re and T@ilw1nd only

Pr0jectlitw@re and T@ilw1nd only

C0nt0s0 only

C0nt0s0 only

C0nt0s0, Pr0jectlitw@re, and T@ilw1nd

C0nt0s0, Pr0jectlitw@re, and T@ilw1nd

C0nt0s0 and T@ilw1nd only

C0nt0s0 and T@ilw1nd only

C0nt0s0 and Pr0jectlitw@re only

C0nt0s0 and Pr0jectlitw@re only

Suggested answer: C
Explanation:

Reference:

https://blog.enablingtechcorp.com/azure-ad-password-protection-password-evaluation

asked 05/10/2024
Javier Cardaba Enjuto
43 questions

Question 67

Report Export Collapse

You have a Microsoft 365 tenant.

All users have mobile phones and laptops.

The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity.

While working from the remote locations, the users connect their laptop to a wired network that has internet access.

You plan to implement multi-factor authentication (MFA).

Which MFA authentication method can the users use from the remote location?

a verification code from the Microsoft Authenticator app

a verification code from the Microsoft Authenticator app

security questions

security questions

voice

voice

an app password

an app password

Suggested answer: A
Explanation:


asked 05/10/2024
Narmada Balaji
34 questions

Question 68

Report Export Collapse

You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.

You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.

What should you do first?

Disable the User consent settings.

Disable the User consent settings.

Disable Security defaults.

Disable Security defaults.

Configure a multi-factor authentication (MFA) registration policy.

Configure a multi-factor authentication (MFA) registration policy.

Configure password protection for Windows Server Active Directory.

Configure password protection for Windows Server Active Directory.

Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentalssecurity-defaults

asked 05/10/2024
Enayat Meer
33 questions

Question 69

Report Export Collapse

Your company has a Microsoft 365 tenant.

The company has a call center that contains 300 users. In the call center, the users share desktop computers and might use a different computer every day. The call center computers are NOT configured for biometric identification.

The users are prohibited from having a mobile phone in the call center.

You need to require multi-factor authentication (MFA) for the call center users when they access Microsoft 365 services.

What should you include in the solution?

a named network location

a named network location

the Microsoft Authenticator app

the Microsoft Authenticator app

Windows Hello for Business authentication

Windows Hello for Business authentication

FIDO2 tokens

FIDO2 tokens

Suggested answer: D
Explanation:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authenticationpasswordless

asked 05/10/2024
JENNIFER MALIWANAG
48 questions

Question 70

Report Export Collapse

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

All users who run applications registered in Azure AD are subject to conditional access policies.

You need to prevent the users from using legacy authentication.

What should you include in the conditional access policies to filter out legacy authentication attempts?

a cloud apps or actions condition

a cloud apps or actions condition

a user risk condition

a user risk condition

a client apps condition

a client apps condition

a sign-in risk condition

a sign-in risk condition

Suggested answer: C
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacyauthentication

asked 05/10/2024
Mitesh Patel
50 questions
Total 306 questions
Go to page: of 31
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

SIMULATION 8 You need to prevent all users from using legacy authentication protocols when authenticating to Microsoft Entra ID.
HOTSPOT You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1. User1 has the devices shown in the following table. On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings: Name: Terms1 Display name: Contoso terms of use Require users to expand the terms of use: On Require users to consent on every device: On Expire consents: On Expire starting on: December 10, 2020 Frequency: Monthly On November 15, 2020, User1 accepts Terms1 on Device3. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
SIMULATION 4 You need to ensure that all users can consent to apps that require permission to read their user profile. Users must be prevented from consenting to apps that require any other permissions.
Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table. users can request access by using package 1. Users at Fabrikam and Litware use ail then respective domain names for email addresses. You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users. You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1. What is the minimum of connected organization that you should create.
SIMULATION 1 You need to deploy multi factor authentication (MFA). The solution must meet the following requirements: * Require MFA registration only for members of the Sg-Finance group. * Exclude Debra Berger from having to register for MFA. * Implement the solution without using a Conditional Access policy.
You have an Azure subscription. You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege. Which role should you assign to the service principal of Permissions Management?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account. You deploy an Azure subscription and enable Microsoft 365 Defender. You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps. Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector. Does this meet the goal?
DRAG DROP You have an Azure AD tenant that contains a user named Admin1. Admin1 uses the Require password change for high-risk user's policy template to create a new Conditional Access policy. Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 tenant. You have 100 IT administrators who are organized into 10 departments. You create the access review shown in the exhibit. (Click the Exhibit tab.) You discover that all access review requests are received by Megan Bowen. You need to ensure that the manager of each department receives the access reviews of their respective department. Solution: You modify the properties of the IT administrator user accounts. Does this meet the goal?
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.) A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table. Which users will be emailed a passcode?