Practice Free SC-300 Exam Online Questions
You configure Azure Active Directory (Azure AD) Password Protection as shown in the exhibit. (Click the Exhibit tab.)
You are evaluating the following passwords:
✑ Pr0jectlitw@re
✑ T@ilw1nd
✑ C0nt0s0
Which passwords will be blocked?
- A . Pr0jectlitw@re and T@ilw1nd only
- B . C0nt0s0 only
- C . C0nt0s0, Pr0jectlitw@re, and T@ilw1nd
- D . C0nt0s0 and T@ilw1nd only
- E . C0nt0s0 and Pr0jectlitw@re only
C
Explanation:
Reference: https://blog.enablingtechcorp.com/azure-ad-password-protection-password-evaluation
You have a Microsoft 365 E5 subscription.
Users authorize third-party cloud apps to access their data.
You need to configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users.
Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?
- A . anomaly detection policy
- B . OAuth app policy
- C . access policy
- D . activity policy
You need to complete the query for failed sign-ins to meet the technical requirements.
Where can you find the column name to complete the where clause?
- A . Security alerts in Microsoft Defender for Cloud
- B . the query window of the Log Analytics workspace
- C . Activity log in Azure
- D . Azure Advisor
You have an Azure subscription that contains the resources shown in the following table.
For which resources can you create an access review?
- A . Group1, App1, Contributor, and Role1
- B . Hotel and Contributor only
- C . Group1, Role1, and Contributor only
- D . Group1 only
A
Explanation:
Access reviews require an Azure AD Premium P2 license.
Access reviews for Group1 and App1 can be configured in Azure AD Access Reviews.
Access reviews for the Contributor role and Role1 would need to be configured in Privileged Identity Management (PIM). PIM is included in Azure AD Premium P2.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-start-security-review?toc=/azure/active-directory/governance/toc.json
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
You have 100 IT administrators who are organized into 10 departments.
You create the access review shown in the exhibit. (Click the Exhibit tab.)
You discover that all access review requests are received by Megan Bowen.
You need to ensure that the manager of each department receives the access reviews of their respective department.
Solution: You create a separate access review for each role.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
You have a Microsoft Entra tenant.
You need to query risky user activity for the tenant.
How long will the logs of risky user activity be retained?
- A . 30 days
- B . 60 days
- C . 90 days
- D . 180 days
You have an Azure AD tenant that contains the users shown in the following table.
The User settings for enterprise applications have the following configuration.
• Users can consent to apps accessing company data on their behalf:
• Users can consent to apps accessing company data for the groups they
• Users can request admin consent to apps they are unable to consent to: Yes
• Who can review admin consent requests: Admin2, User2
User1 attempts to add an app that requires consent to access company data.
Which user can provide consent?
- A . User1
- B . User2
- C . Admin1
- D . Admin2
You have a Microsoft 365 subscription.
You need to identify all the security principals that submitted requests to change or delete groups.
How should you complete the KQL query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need implement the planned changes for application access to organizational data.
What should you configure?
- A . authentication methods
- B . the User consent settings
- C . access packages
- D . an application proxy
You have an Azure AD tenant that contains the users shown in the following table.
The tenant has the authentication methods shown in the following table.
Which users will sign in to cloud apps by matching a number shown in the app with a number shown on their phone?
- A . User1 only
- B . User2 only
- C . User3 only
- D . User1 and User2 only
- E . User2 and User3 only