The updated SC-300 Exam Dumps are truly valid exam material for becoming a Microsoft Identity and Access Administrator. Lead4Pass SC-300 Exam Dumps’ team of subject matter experts has verified and reviewed all exam questions and answers, confirming that all Microsoft Identity and Access Administrator certification exam questions have been cleared, Ultimately, 127 practice questions and answers are provided to prepare for the Microsoft Identity and Access Administrator certification exam.
SC-300 Exam Dumps https://www.leads4pass.com/sc-300.html: Contains both PDF and VCE learning tools, you can study anytime, anywhere, for preparing for Microsoft Identity and Access Administrator certification exam and Save more Precious time.
You can try the following SC-300 online practice questions first:
QUESTION 1:
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to bulk invite Azure AD business-to-business (B2B) collaboration users.
Which two parameters must you include when you create the bulk invite? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. email address
B. redirection URL
C. username
D. shared key
E. password
Correct Answer: AB
Reference: https://docs.microsoft.com/en-us/azure/active-directory/external-identities/tutorial-bulk-invite
QUESTION 2:
You have an Azure Active Directory (Azure AD) tenant that uses conditional access policies.
You plan to use third-party security information and event management (SIEM) to analyze conditional access usage.
You need to download the Azure AD log that contains conditional access policy data.
What should you export from Azure AD?
A. sign-ins in JSON format
B. sign-ins in CSV format
C. audit logs in JSON format
D. audit logs in CSV format
Correct Answer: C
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logs
QUESTION 3:
Your company requires that users request access before they can access corporate applications.
You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1.
Which settings should you configure next for MyApp1?
A. Self-service
B. Provisioning
C. Roles and administrators
D. Application proxy
Correct Answer: A
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-access
QUESTION 4:
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from remote locations, the users connect their laptops to a wired network that has internet access. You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from a remote location?
A. a notification through the Microsoft Authenticator app
B. an app password
C. Windows Hello for Business
D. SMS
Correct Answer: C
In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN. After an initial two-step verification of the user during enrollment, Windows Hello is set up on the user\’s device and Windows asks the user to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Windows Hello to authenticate users.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview
QUESTION 5:
You need to sync the ADatum users. The solution must meet the technical requirements.
What should you do?
A. From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options.
B. From PowerShell, run Set-ADSyncScheduler.
C. From PowerShell, run Start-ADSyncSyncCycle.
D. From the Microsoft Azure Active Directory Connect wizard, select Change user sign-in.
Correct Answer: A
You need to select Customize synchronization options to configure Azure AD Connect to sync the Adatum organizational unit (OU).
QUESTION 6:
You have an Azure Active Directory (Azure AD) tenant.
You open the risk detection report.
Which risk detection type is classified as a user risk?
A. impossible travel
B. anonymous IP address
C. atypical travel
D. leaked credentials
Correct Answer: D
QUESTION 7:
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory domain.
The on-premises network contains a VPN server that authenticates to the on-premises Active Directory domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).
You need to recommend a solution to provide Azure MFA for VPN connections.
What should you include in the recommendation?
A. Azure AD Application Proxy
B. an Azure AD Password Protection proxy
C. Network Policy Server (NPS)
D. a pass-through authentication proxy
Correct Answer: C
QUESTION 8:
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.
You are creating a conditional access policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 9:
HOTSPOT-(Topic 3)
You have a Microsoft 365 tenant.
You need to identify users who have leaked credentials. The solution must meet the following requirements.
1. Identity sign-Ins by users who ate suspected of having leaked credentials.
2. Rag the sign-ins as a high-risk event.
3. Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.
What should you use?
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 10:
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.
In Azure AD. you add a new enterprise application named Appl.
Which groups can you assign to App1?
A. Group1 and Group
B. Group2 only
C. Group3 only
D. Group1 only
E. Group1 and Group4
Correct Answer: A
QUESTION 11:
HOTSPOT
You have an on-premises datacenter that contains the hosts shown in the following table.
You have an Azure Active Directory (Azure AD) tenant that syncs to the Active Directory forest. Multi-factor authentication (MFA) is enforced for Azure AD.
You need to ensure that you can publish App1 to Azure AD users.
What should you configure on Server and Firewall1?
To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
QUESTION 12:
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains shown in the following table.
All the users work remotely.
Azure AD Connect is configured in Azure as shown in the following exhibit.
Connectivity from the on-premises domain to the internet is lost.
Which user can sign in to Azure AD?
A. User1 only
B. User1 and User 3 only
C. User1, and User2 only
D. User1, User2, and User3
Correct Answer: A
QUESTION 13:
HOTSPOT
You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
Reference: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
……
[Google Drive] SC-300 online practice questions online download: https://drive.google.com/file/d/1zKwVeQPnVnML8AcTIhQ46LtCsi5qz5Fh/
Click for more SC-300 practice questions