Practice Microsoft Certified: Identity and Access Administrator Associate SC-300 exam. Online Exam Practice Tests with detailed explanations! Pass SC-300 with confidence!
SC-300 - Microsoft Identity and Access Administrator Practice Tests 2021 | Lead1Pass
NEW QUESTION 18
You have a Microsoft Exchange organization that uses an SMTP' address space of contoso.com.
Several users use their contoso.com email address for self-service sign up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.
Which PowerShell cmdlet should you run?
- A. Set-MsolCompanySettings
- B. Set-MsolDomain
- C. Update-MsolfederatedDomain
- D. Set-MsolDomainFederationSettings
Answer: A
Explanation:
Explanation
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-self-service-signup
NEW QUESTION 19
You need to locate licenses to the A.
Datum users. The solution must need the technical requirements.
Which type of object should you create?
- A. An administrative unit
- B. An OU
- C. A distribution group
- D. A Dynamo User security group
Answer: D
NEW QUESTION 20
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing a web service named App1.
You need to ensure that App1 can use Microsoft Graph to read directory data in contoso.com.
Which three actions should yon perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them In the correct order.
Answer:
Explanation:
NEW QUESTION 21
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
User1 has the devices shown in the following table.
On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings:
Name: Terms1
Display name: Contoso terms of use
Require users to expand the terms of use: On
Require users to consent on every device: On
Expire consents: On
Expire starting on: December 10, 2020
Frequency: Monthly
On November 15, 2020, User1 accepts Terms1 on Device3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 22
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using Azure AD Connect.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
1 - On Server2, run export for all connectors.
2 - On Server2, run delta synchronization for all connectors.
3 - On Server1, run export for all connectors.
NEW QUESTION 23
You have a Microsoft 365 tenant that contains a group named Group! as shown in the Group1 exhibit. (Click the Group 1 tab.)
You create an enterprise application named App1 as shown in the App1 Properties exhibit. (Click the App1 Properties tab.)
You configure self-service for App1 as shown in the App1 Self-service exhibit: (Click the App1 Self-service tab.)
For each of the following statements, select Yes if the statement is true, Otherwise select NO.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 24
You need to meet the planned changes and technical requirements for App1.
What should you implement?
- A. Azure AD Application Proxy
- B. a policy set in Microsoft Endpoint Manager
- C. an app registration in Azure AD
- D. an app configuration policy in Microsoft Endpoint Manager
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
NEW QUESTION 25
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not Initiate.
Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).
Does this meet the goal?
- A. No
- B. Yes
Answer: B
NEW QUESTION 26
You have a custom cloud app named App1 that is registered in Azure Active Directory (Azure AD).
App1 is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal
NEW QUESTION 27
You need to meet the technical requirements for the probability that user identifies were compromised.
What should the users do first, and what should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 28
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant syncs to an on-premises Active Directory domain.
Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.
You plan to manage access to external applications by using Azure AD.
You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.
What should you use to gather the information?
- A. Cloud App Discovery in Microsoft Cloud App Security
- B. enterprise applications in Azure AD
- C. Application Insights in Azure Monitor
- D. access reviews in Azure AD
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/create-snapshot-cloud-discovery-reports#using-traffic-logs-for-cloud-discovery
NEW QUESTION 29
You have a Microsoft 365 tenant.
You need to identify users who have leaked credentials. The solution must meet the following requirements.
* Identity sign-Ins by users who ate suspected of having leaked credentials.
* Rag the sign-ins as a high risk event.
* Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 30
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
- A. No
- B. Yes
Answer: A
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
NEW QUESTION 31
You need to meet the technical requirements for license management by the helpdesk administrators.
What should you create first, and which tool should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 32
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You need to ensure that Azure AD External Identities pricing is based on monthly active users (MAU).
What should you configure?
- A. a user flow
- B. the terms or use
- C. a linked subscription
- D. an access review
Answer: A
NEW QUESTION 33
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.
You are creating a conditional access policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa
NEW QUESTION 34
You need to implement the planned changes and technical requirements for the marketing department.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization
NEW QUESTION 35
You have an Azure Active Directory (Azure AD) tenant that contains three users named User1, User1, and User3, You create a group named Group1. You add User2 and User3 to Group1.
You configure a role in Azure AD Privileged identity Management (PIM) as shown in the application administrator exhibit. (Click the application Administrator tab.)
Group1 is configured as the approver for the application administrator role.
You configure User2to be eligible for the application administrator role.
For User1, you add an assignment to the Application administrator role as shown in the Assignment exhibit. (Click Assignment tab)
For each of the following statement, select Yes if the statement is true, Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION 36
You have a custom cloud app named App1 that is registered in Azure Active Directory (Azure AD).
App1 is configured as shown in the following exhibit.
Answer:
Explanation:
NEW QUESTION 37
......
Get instant access to SC-300 practice exam questions: https://drive.google.com/open?id=1C1d9_YRdnE_y16JTcjqcwHEo4oy8-XrO
The best SC-300 exam study material and preparation tool is here: https://www.lead1pass.com/Microsoft/SC-300-practice-exam-dumps.html