We share the latest updated Microsoft SC-300 test questions and answers for free, all test questions are real cracked, guaranteed to be true and effective! You can practice the test online! Or download the latest SC-300 exam pdf.
The free exam questions are only part of what we share. If you want to get the complete Microsoft SC-300 exam questions and answers, you can get them in lead4pass.
The lead4pass SC-300 exam dumps contain VCE dumps and PDF dumps.
Microsoft SC-300 Exam “Microsoft Identity and Access Administrator” https://www.leads4pass.com/sc-300.html (Total Questions: 72 Q&A)
[August 2021] The latest update of Microsoft SC-300 (Microsoft Identity and Access Administrator) exam questions and answers
QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
You have 100 IT administrators who are organized into 10 departments.
You create the access review shown in the exhibit. (Click the Exhibit tab.)
You discover that all access review requests are received by Megan Bowen.
You need to ensure that the manager of each department receives the access reviews of their respective department.
Solution: You add each manager as a fallback reviewer.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
QUESTION 2
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
User1 is the owner of Group1.
You create an access review that has the following settings:
Users to review: Members of a group Scope: Everyone Group: Group1 Reviewers: Members (self)
Which users can perform access reviews for User3?
A. User1, User2, and User3
B. User3 only
C. User1 only
D. User1 and User2 only
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-startsecurity-review
QUESTION 3
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.
You are creating a conditional access policy as shown in the following exhibit.
…
Get free complete Microsoft SC-300 exam questions and answers
Get FREE Microsoft SC-300 pdf from Lead4Pass for free
Free share Microsoft SC-300 exam PDF from Fulldumps provided by Lead4pass
https://www.fulldumps.com/wp-content/uploads/2021/05/Lead4pass-Microsoft-Certified-SC-300-Exam-Dumps-Braindumps-PDF-VCE.pdf
Microsoft SC-300 exam questions online practice test
QUESTION 1
You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.
You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.
What should you do first?
A. Disable the User consent settings.
B. Disable Security defaults.
C. Configure a multi-factor authentication (MFA) registration policy.
D. Configure password protection for Windows Server Active Directory.
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-securitydefaults
QUESTION 2
You have a Microsoft 365 tenant.
You have 100 IT administrators who are organized into 10 departments.
You create the access review shown in the exhibit. (Click the Exhibit tab.)
You discover that all access review requests are received by Megan Bowen.
You need to ensure that the manager of each department receives the access reviews of their respective department.
Solution: You set Reviewers to Member (self).
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
QUESTION 3
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has the default App registrations settings. The tenant
contains the users shown in the following table.
You purchase two cloud apps named App1 and App2. The global administrator registers App1 in Azure AD.
You need to identify who can assign users to App1, and who can register App2 in Azure AD.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 4
You have a Microsoft Exchange organization that uses an SMTP address space of contoso.com.
Several users use their contoso.com email address for self-service sign-up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up
to Microsoft 365 services.
Which PowerShell cmdlet should you run?
A. Set-MsolCompanySettings
B. Set-MsolDomainFederationSettings
C. Update-MsolfederatedDomain
D. Set-MsolDomain
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-self-service-signup
QUESTION 5
You need to meet the planned changes and technical requirements for App1. What should you implement?
A. a policy set in Microsoft Endpoint Manager
B. an app configuration policy in Microsoft Endpoint Manager
C. an app registration in Azure AD
D. Azure AD Application Proxy
Correct Answer: C
Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
QUESTION 6
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While
working from the remote locations, the users connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?
A. a verification code from the Microsoft Authenticator app
B. security questions
C. voice
D. SMS
Correct Answer: B
QUESTION 7
You have a Microsoft 365 tenant.
All users have computers that run Windows 10. Most computers are company-owned and joined to Azure Active
Directory (Azure AD). Some computers are user-owned and are only registered in Azure AD.
You need to prevent users who connect to Microsoft SharePoint Online on their user-owned computer from
downloading or syncing files. Other users must NOT be restricted.
Which policy type should you create?
A. a Microsoft Cloud App Security activity policy that has Microsoft Office 365 governance actions configured
B. an Azure AD conditional access policy that has session controls configured
C. an Azure AD conditional access policy that has client apps conditions configured
D. a Microsoft Cloud App Security app discovery policy that has governance actions configured
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad
QUESTION 8
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active
Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.)
A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the
following table.
Which users will be emailed a passcode?
A. User2 only
B. User1 only
C. User1 and User2 only
D. User1, User2, and User3
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/active-directory/external-identities/one-time-passcode
QUESTION 9
You have a Microsoft 365 tenant.
You have 100 IT administrators who are organized into 10 departments.
You create the access review shown in the exhibit. (Click the Exhibit tab.)
You discover that all access review requests are received by Megan Bowen.
You need to ensure that the manager of each department receives the access reviews of their respective department.
Solution: You modify the properties of the IT administrator user accounts.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
QUESTION 10
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure
AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented
from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
QUESTION 11
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to bulk invite Azure AD business-to-business (B2B) collaboration users.
Which two parameters must you include when you create the bulk invite? Each correct answer presents part of the
solution
NOTE: Each correct selection is worth one point.
A. email address
B. redirection URL
C. username
D. shared key
E. password
Correct Answer: AB
Reference: https://docs.microsoft.com/en-us/azure/active-directory/external-identities/tutorial-bulk-invite
QUESTION 12
You have an Azure Active Directory (Azure AD) tenant.
You create an enterprise application collection named HR Apps that has the following settings:
Applications: App1, App2, App3
Owners: Admin1 Users and groups: HRUsers
All three apps have the following Properties settings: Enabled for users to sign in: Yes User assignment required: Yes
Visible to users: Yes
Users report that when they go to the My Apps portal, they only see App1 and App2.
You need to ensure that the users can also see App3.
What should you do from App3?
A. From Users and groups, add HRUsers.
B. From Single sign-on, configure a sign-on method.
C. From Properties, change User assignment required to No.
D. From Permissions, review the User consent permissions.
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal
https://docs.microsoft.com/en-us/azure/active-directory/user-help/my-applications-portal-workspaces
QUESTION 13
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
All users who run applications registered in Azure AD are subject to conditional access policies.
You need to prevent the users from using legacy authentication.
What should you include in the conditional access policies to filter out legacy authentication attempts?
A. a cloud apps or actions condition
B. a user risk condition
C. a client apps condition
D. a sign-in risk condition
Correct Answer: C
Reference: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacy-authentication
Thank you for reading! I have told you how to successfully pass the Microsoft SC-300 exam.
You can choose: https://www.leads4pass.com/sc-300.html to directly enter the SC-300 Exam dumps channel! Get the key to successfully pass the exam!
Wish you happiness!
Get free Microsoft SC-300 exam PDF online: https://www.fulldumps.com/wp-content/uploads/2021/05/Lead4pass-Microsoft-Certified-SC-300-Exam-Dumps-Braindumps-PDF-VCE.pdf