SC-300 Online Practice Questions and Answers

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium Plan 2 license. The tenant contains the users shown in the following table.

You have the Device Settings shown in the following exhibit.

User1 has the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 tenant.

You need to identify users who have leaked credentials. The solution must meet the following requirements:

1.

Identify sign-ins by users who are suspected of having leaked credentials.

2.

Flag the sign-ins as a high-risk event.

3.

Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You need to create the LWGroup1 group to meet the management requirements.

How should you complete the dynamic membership rule? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

You create the Azure Active Directory (Azure AD) users shown in the following table.

On February 1, 2021, you configure the multi-factor authentication (MFA) settings as shown in the following exhibit.

The users authentication to Azure AD on their devices as shown in the following table.

On February 26, 2021, what will the multi-factor auth status be for each user?

A. Option A

B. Option B

C. Option C

D. Option D

You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.

Yon receive more than 100 email alerts each day for tailed Azure Al) user sign-in attempts.

You need to ensure that a new security administrator receives the alerts instead of you.

Solution: From Azure monitor, you create a data collection rule.

Does this meet the goal?

A. Yes

B. No

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains an Azure AD enterprise application named App1.

A contractor uses the credentials of user1@outlook.com.

You need to ensure that you can provide the contractor with access to App1. The contractor must be able to authenticate as user1@outlook.com.

What should you do?

A. Run the New-AzureADMSInvitation cmdlet.

B. Configure the External collaboration settings.

C. Add a WS-Fed identity provider.

D. Implement Azure AD Connect.

You have an Azure Active Directory (Azure AD) tenant named conto.so.com that has Azure AD Identity Protection enabled. You need to Implement a sign-in risk remediation policy without blocking access. What should you do first?

A. Configure access reviews in Azure AD.

B. Enforce Azure AD Password Protection.

C. implement multi-factor authentication (MFA) for all users.

D. Configure self-service password reset (SSPR) for all users.

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

User1 is the owner of Group1.

You create an access review that has the following settings:

1.

Users to review: Members of a group

2.

Scope: Everyone

3.

Group: Group1

4.

Reviewers: Members (self)

Which users can perform access reviews for User3?

A. User1, User2, and User3

B. User3 only

C. User1 only

D. User1 and User2 only

You create a conditional access policy that blocks access when a user triggers a high-severity sign-in alert. You need to test the policy under the following conditions:

1.

A user signs in from another country.

2.

A user triggers a sign-in risk. What should you use to complete the test?

A. the Conditional Access What If tool

B. sign-ins logs in Azure Active Directory (Azure AD)

C. the activity logs in Microsoft Defender for Cloud Apps

D. access reviews in Azure Active Directory (Azure AD)

You create a Log Analytics workspace.

You need to implement the technical requirements for auditing.

What should you configure in Azure AD?

A. Company branding

B. Diagnostics settings

C. External Identities

D. App registrations