Back

Practice Free SC-300 Exam Online Questions

Question #61

HOTSPOT

You have an Azure subscription that contains the following virtual machine

Name: VM1

Azure region: East US

System-assigned managed identity: Disabled

You create the managed identities shown in the following table.

You perform the following actions:

• Assign Managed1 to VM1.

• Create a resource group named RG1 in the West US region.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #62

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure AD Identity Protection policies enforced.

You create an Azure Sentinel instance and configure the Azure Active Directory connector.

You need to ensure that Azure Sentinel can generate incidents based on the risk alerts raised by Azure AD Identity Protection.

What should you do first?

  • A . Add an Azure Sentinel data connector.
  • B . Configure the Notify settings in Azure AD Identity Protection.
  • C . Create an Azure Sentinel playbook.
  • D . Modify the Diagnostics settings in Azure AD.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-ad-identity-protection
Question #63

You implement the planned changes for SSPR.

What occurs when User3 attempts to use SSPR? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #64

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.

User1 has the devices shown in the following table.

On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings:

✑ Name: Terms1

✑ Display name: Contoso terms of use

✑ Require users to expand the terms of use: On

✑ Require users to consent on every device: On

✑ Expire consents: On

✑ Expire starting on: December 10, 2020

✑ Frequency: Monthly

On November 15, 2020, User1 accepts Terms1 on Device3.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #65

You need to meet the planned changes and technical requirements for App1.

What should you implement?

  • A . a policy set in Microsoft Endpoint Manager
  • B . an app configuratifon policy in Microsoft Endpoint Manager
  • C . an app registration in Azure AD
  • D . Azure AD Application Proxy

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
Question #66

You have an Azure AD tenant.

You need to bulk create 25 new user accounts by uploading a template file.

Which properties are required in the template file?

  • A . Option A
  • B . Option B
  • C . Option C
  • D . Option D

Reveal Solution Hide Solution

Correct Answer: B
Question #67

You have an Azure Active Directory (Azure AD) tenant.

You need to review the Azure AD sign-ins log to investigate sign ins that occurred in the past.

For how long does Azure AD store events in the sign-in log?

  • A . 14 days
  • B . 30 days
  • C . 90 days
  • D . 365 days

Reveal Solution Hide Solution

Correct Answer: B
Question #68

HOTSPOT

You have an Azure AD tenant contains the users shown in the following table.

In Azure AD Privileged Identity Management (PIM), you configure the Global Administrator role as shown in the following exhibit.

User 1 is eligible for the Global Administrator role.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:


Question #69

You have an Azure Ad tenant that contains the users show in the following table.

You create a dynamic user group and configure the following rule syntax.

Which users will be added to the group?

  • A . User1 only
  • B . User2 only
  • C . User3 only
  • D . User1 and User2 only
  • E . User1 and User3 only
  • F . User1, User2, and User3

Reveal Solution Hide Solution

Correct Answer: D
Question #70

You have an Azure AD tenant named contoso.com that contains the resources shown in the following table.

You create a user named Admin 1.

You need to ensure that Admin can enable Security defaults for contoso.com.

What should you do first?

  • A . Configure Identity Governance.
  • B . Delete Package1.
  • C . Delete CAPolicy1.
  • D . Assign Admin1 the Authentication administrator role for Au1

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

To enable Security defaults for contoso.com, you should first sign in to the Azure portal as a security administrator, Conditional Access administrator, or global administrator. Then, browse to Azure Active Directory > Properties and select Manage security defaults. Set the Enable security defaults toggle to Yes and select Save.

After that, you can assign Admin1 the Identity Administrator role for Au1 to enable them to manage security defaults for the tenant.

https://practical365.com/what-are-azure-ad-security-defaults-and-should-you-use-them/