Practice Free SC-300 Exam Online Questions
HOTSPOT
You have a Microsoft 365 tenant.
You configure a conditional access policy as shown in the Conditional Access policy exhibit. (Click the Conditional Access policy tab.)
You view the User administrator role settings as shown in the Role setting details exhibit. (Click the Role setting details tab.)
You view the User administrator role assignments as shown in the Role assignments exhibit. (Click the Role assignments lab.)
For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant.
The tenant contains the groups shown in the following table.
The tenant contains the users shown in the following table.
You create an access review as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains a virtual machine named VM1 and an Azure key vault named Vault1. VM1 has a system-assigned managed identity. You need to ensure that VM1 can retrieve the values of secrets stored in Vault 1. The solution must minimize administrative effort.
What should you do first?
- A . Configure the Resource access settings for Vault1.
- B . Configure the permissions model for Vault1
- C . Add a user-assigned managed identity to VM1.
- D . Assign an Azure role to VM1.
You have an Azure AD tenant that contains the users shown in The following table.
You enable self-service password reset (SSPR) for all the users and configure SSPR to require security questions as the only authentication method.
Which users must use security questions when resetting their password?
- A . User4 only
- B . User3and User4only
- C . User1 and User4only
- D . User1, User3, and User4 only
- E . User1, User2, User3. and User4
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.
You plan to manage the lifecycles of the groups.
Which groups can be set to expire, and what is the shortest group lifetime you can set? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft 365 E5 subscription.
You need to configure app consent for the subscription.
The solution must meet the following requirements:
• Disable user consent to apps.
• Configure admin consent workflow for apps.
Which portal should you use for each requirement? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest. The tenant-uses through authentication.
A corporate security policy states the following:
✑ Domain controllers must never communicate directly to the internet.
✑ Only required software must be- installed on servers.
The Active Directory domain contains the on-premises servers shown in the following table.
You need to ensure that users can authenticate to Azure AD if a server fails.
On which server should you install an additional pass-through authentication agent?
- A . Server2
- B . Server4
- C . Server1
- D . Server3
Your company has two divisions named Contoso East and Contoso West.
The Microsoft 365 identity architecture tor both divisions is shown in the following exhibit.
You need to assign users from the Contoso East division access to Microsoft SharePoint Online sites in the Contoso West tenant. The solution must not require additional Microsoft 3G5 licenses.
What should you do?
- A . Configure the exiting Azure AD Connect server in Contoso Cast to sync the Contoso East Active Directory forest to the Contoso West tenant.
- B . Configure Azure AD Application Proxy in the Contoso West tenant.
- C . Deploy a second Azure AD Connect server to Contoso East and configure the server to sync the Contoso East Active Directory forest to the Contoso West tenant.
- D . Invite the Contoso East users as guests in the Contoso West tenant.
HOTSPOT
You have a hybrid Microsoft 365 subscription that contains the users show in the following table.
You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription.
Azure AD logs are sent to a Log Analytics workspace.
You need to query the logs and graphically display the number of sign-ins per user.
How should you complete the query? To answer, select the appropriate options in the answer area.
