Practice Free SC-300 Exam Online Questions
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to a Microsoft Entra tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Microsoft Entra for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Microsoft Entra.
Solution: You configure Microsoft Entra Password Protection.
Does this meet the goal?
- A . Yes
- B . No
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.
In Azure AD. you add a new enterprise application named Appl.
Which groups can you assign to App1?
- A . Group1 and Group2 only
- B . Group2 only
- C . Group3 only
- D . Group1 only
- E . Group1 and Group4
You have a Microsoft Entra tenant that has a Microsoft Entta ID P2 license. You create a Log Analytics workspace.
You need to ensure that you can view Microsoft Entra ID audit log information by using Azure Monitor.
What should you do first?
- A . Create an Microsoft Entra ID workbook.
- B . Modify the Diagnostics settings for Microsoft Entra ID.
- C . Runtheupdate-ngoomaincmdlet.
- D . Run the update-Mgorganization cmdlet
You have an Azure AD tenant and a .NET web app named App1. You need to register App1 for Azure AD authentication.
What should you configure for App1?
- A . the executable name
- B . the bundle ID
- C . the package name
- D . the redirect URI
You have a Microsoft Exchange organization that uses an SMTP’ address space of contoso.com. Several users use their contoso.com email address for self-service sign up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.
Which PowerShell cmdlet should you run?
- A . Set-MsolCompanySettings
- B . Set-MsolDomainFederationSettings
- C . Update-MsolfederatedDomain
- D . Set-MsolDomain
You have an Azure subscription that containes a registered app named App1.
You need to review the sign-in activity for App1.
The solution must meet the following requirements:
• Identify the number of failed sign-ins.
• Identify the success rate of sign-ins.
• Minimize administrative effort.
What should you use?
- A . Audit logs
- B . Usage & insights
- C . Access reviews
- D . Sign-in logs
You have an Azure Active Directory Premium P2 tenant.
You create a Log Analytics workspace.
You need to ensure that you can view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.
What should you do first?
- A . Run theSet-AzureADTenantDetailcmdlet.
- B . Create an Azure AD workbook.
- C . Modify the Diagnostics settings for Azure AD.
- D . Run theGet-AzureADAuditDirectoryLogscmdlet.
You have a Microsoft Entra tenant.
You need to implement smart lockout with a lockout threshold of 10 failed sign-ins.
What should you configure in the Microsoft Entra admin center?
- A . User risk policy
- B . Password protection
- C . Authentication strengths
- D . Sign-in risk policy
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.
You are creating a conditional access policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
