Practice Free SC-300 Exam Online Questions
You have an Azure AD tenant that contains a user named User1 and a registered app named App1.
User1 deletes the app registration of Appl.
You need to restore the app registration.
What is the maximum number of days you have to restore the app registration from when it was deleted?
- A . 14
- B . 30
- C . 60
- D . 180
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant syncs to an on-premises Active Directory domain. You plan to create an emergency-access administrative account named Emergency1. Emergency1 will be assigned the Global administrator role in Azure AD. Emergency1 will be used in the event of Azure AD
functionality failures and on-premises infrastructure failures.
You need to reduce the likelihood that Emergency1 will be prevented from signing in during an emergency.
What should you do?
- A . Configure Azure Monitor to generate an alert if Emergency1 is modified or signs in.
- B . Require Azure AD Privileged Identity Management (PIM) activation of the Global administrator role forEmergency1.
- C . Configure a conditional access policy to restrict sign-in locations for Emergency1 to only the corporate network.
- D . Configure a conditional access policy to require multi-factor authentication (MFA) for Emergency1.
You have a Microsoft 365 tenant.
All users have computers that run Windows 10. Most computers are company-owned and joined to Azure
Active Directory (Azure AD). Some computers are user-owned and are only registered in Azure AD. You need to prevent users who connect to Microsoft SharePoint Online on their user-owned computer from
downloading or syncing files. Other users must NOT be restricted.
Which policy type should you create?
- A . a Microsoft Cloud App Security activity policy that has Microsoft Office 365 governance actions configured
- B . an Azure AD conditional access policy that has session controls configured
- C . an Azure AD conditional access policy that has client apps conditions configured
- D . a Microsoft Cloud App Security app discovery policy that has governance actions configured
B
Explanation:
Reference: https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad
You have a Microsoft 365 subscription.
You need to ensure that users can grant enterprise applications access to their profile. The solution must ensure that the users can consent only to the User. Read and profile delegated permissions.
What should you configure first?
- A . Security defaults
- B . Admin consent settings
- C . Permission classifications
- D . Identity Protection settings
HOTSPOT
You have a Microsoft Entra tenant that contains the users shown in the following table.
You have a user risk policy that has the following settings:
• Assignments:
o Include: Group1
o Exclude: Group2
• Sign-in risk Medium and above
• Access controls:
o Grant access: Require password change
When the users attempt to sign in. user risk levels are detected as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
You have a Microsoft Entra tenant named contoso.com.
You plan to bulk invite business-to-business (B2B) collaboration users.
Which two parameters must you include when you create the bulk invite file? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . password
- B . shared key
- C . email address
- D . username
HOTSPOT
You have a Microsoft Entra tenant that contains two groups named Group! and Group2 and the users shown in the following table.
Group2 is a member of Group1.
You configure an access review that has the following settings:
• Name: Review 1
• Select what to review: Teams + Groups
• Review scope: Select Teams + groups
• Group: Group1
• Scope: Guest users only
• Select reviewers: Group owners(s)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You have an Azure AD tenant that contains two users named User1 and User2.
You plan to perform the following actions:
• Create a group named Group 1.
• Add User1 and User 2 to Group1.
• Assign Azure AD roles to Group1.
You need to create Group1.
Which two settings can you use? Each correct answer presents a complete solution NOTE: Each correct selection is worth one point
- A . Group type: Microsoft 365 Membership type: Dynamic User
- B . Group type: Security Membership type: Dynamic Device
- C . Group type Security Membership type: Dynamic User
- D . Group type Security Membership type: Assigned
- E . Group type: Microsoft 365 Membership type: Assigned
You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1 and 100 virtual machines that run Windows Server.
You need to configure the collection of Windows Security event logs for ingestion to Ws1.
The solution must meet the following requirements:
– Capture a full user audit trail including user sign-in and user sign-out events.
– Minimize the volume of events.
– Minimize administrative effort.
Which event set should you select?
- A . Minimal
- B . Custom
- C . Common
- D . All events
You have a Microsoft Entra tenant that has a Microsoft Entta ID P2 license. You create a Log Analytics workspace.
You need to ensure that you can view Microsoft Entra ID audit log information by using Azure Monitor.
What should you do first?
- A . Create an Microsoft Entra ID workbook.
- B . Modify the Diagnostics settings for Microsoft Entra ID.
- C . Runtheupdate-ngoomaincmdlet.
- D . Run the update-Mgorganization cmdlet