Practice Free SC-300 Exam Online Questions
You need implement the planned changes for application access to organizational data.
What should you configure?
- A . authentication methods
- B . the User consent settings
- C . access packages
- D . an application proxy
You have an Azure subscription that contains the resources shown in the following table.
You need to grant permissions to the resources by using attribute-based access control (ABAC).
To which resource can you grant permissions?
- A . Vault1
- B . VM1
- C . App1
- D . storage 1
You have a Microsoft 36S subscription. The subscription contains users that use Microsoft Outlook 2016 and Outlook 2013 clients. You need to implement tenant restrictions. The solution must minimize administrative effort.
What should you do first?
- A . Upgrade the Outlook 2013 clients to Outlook 2016.
- B . Configure the Outlook 2013 clients to use modem authentication.
- C . Upgrade all the Outlook clients to Outlook 2019.
- D . From the Exchange admin center, configure Organization Sharing.
HOTSPOT
You have an Azure subscription named Sub1.
You plan to deploy Microsoft Entra Permissions Management.
You need to ensure that Permission Management can onboard Sub1. The solution must follow the principle of least privilege.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Your company recently implemented Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
While you review the roles in PIM, you discover that all 15 users in the IT department at the company have permanent security administrator rights.
You need to ensure that the IT department users only have access to the Security administrator role when required.
What should you configure for the Security administrator role assignment?
- A . Expire eligible assignments after from the Role settings details
- B . Expire active assignments after from the Role settings details
- C . Assignment type to Active
- D . Assignment type to Eligible
HOTSPOT
You have an Azure AD tenant that contains multiple storage accounts.
You plan to deploy multiple Azure App Service apps that will require access to the storage accounts.
You need to recommend an identity solution to provide the apps with access to the storage accounts.
The solution must minimize administrative effort.
Which type of identity should you recommend, and what should you recommend using to control access to the storage accounts? To answer, select the appropriate options in the answer area.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.
You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account.
You deploy an Azure subscription and enable Microsoft 365 Defender.
You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps.
Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector.
Does this meet the goal?
- A . Yes
- B . No
You plan to deploy a new Azure AD tenant.
Which multifactor authentication (MFA) method will be enabled by default for the tenant?
- A . Microsoft Authenticator
- B . SMS
- C . voice call
- D . email OTP
You need to configure the MFA settings for users who connect from the Boston office. The solution must meet the authentication requirements and the access requirements.
What should you configure?
- A . named locations that have a private IP address range
- B . named locations that have a public IP address range
- C . trusted IPs that have a public IP address range
- D . trusted IPs that have a private IP address range
You configure Azure Active Directory (Azure AD) Password Protection as shown in the exhibit. (Click the Exhibit tab.)
You are evaluating the following passwords:
✑ Pr0jectlitw@re
✑ T@ilw1nd
✑ C0nt0s0
Which passwords will be blocked?
- A . Pr0jectlitw@re and T@ilw1nd only
- B . C0nt0s0 only
- C . C0nt0s0, Pr0jectlitw@re, and T@ilw1nd
- D . C0nt0s0 and T@ilw1nd only
- E . C0nt0s0 and Pr0jectlitw@re only