[Dec 27, 2023] SC-300 Exam Dumps - Try Best SC-300 Exam Questions - TestPDF
Verified SC-300 exam dumps Q&As with Correct 226 Questions and Answers
Obtaining the Microsoft SC-300 certification can provide numerous benefits to professionals in the IT industry. It can help them advance their careers and increase their earning potential, as well as demonstrate their expertise and credibility to employers and clients. Additionally, individuals with this certification may have an advantage in job applications and be more likely to be considered for roles related to identity and access management within Microsoft environments.
Microsoft SC-300 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION # 12
You create the Azure Active Directory (Azure AD) users shown in the following table.
On February 1, 2021, you configure the multi-factor authentication (MFA) settings as shown in the following exhibit.
The users authentication to Azure AD on their devices as shown in the following table.
On February 26, 2021, what will the multi-factor auth status be for each user?
- A.

- B.

- C.

- D.

Answer: B
NEW QUESTION # 13
You have an Azure Active Directory (Azure AD) tenant that contains the following objects:
A device named Device1
Users named User1, User2, User3, User4, and User5
Groups named Group1, Group2, Group3, Group4, and Group5
The groups are configured as shown in the following table.
To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly?
- A. Group1 and Group2 only
- B. Group1 only
- C. Group1 and Group4 only
- D. Group1, Group2, Group3, Group4, and Group5
- E. Group1, Group2, Group4, and Group5 only
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced
NEW QUESTION # 14
You have a Microsoft 365 tenant.
You need to identify users who have leaked credentials. The solution must meet the following requirements.
* Identity sign-Ins by users who ate suspected of having leaked credentials.
* Rag the sign-ins as a high risk event.
* Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks
NEW QUESTION # 15
You need to sync the ADatum users. The solution must meet the technical requirements.
What should you do?
- A. From the Microsoft Azure Active Directory Connect wizard, select Change user sign-in.
- B. From PowerShell, run Start-ADSyncSyncCycle.
- C. From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options.
- D. From PowerShell, run Set-ADSyncScheduler.
Answer: C
Explanation:
You need to select Customize synchronization options to configure Azure AD Connect to sync the Adatum organizational unit (OU).
Implement an identity management solution
Question Set 2
NEW QUESTION # 16
You have an Azure Active Directory (Azure Azure) tenant that contains the objects shown in the following table.
* A device named Device1
* Users named User1, User2, User3, User4, and User5
* Five groups named Group1, Group2, Group3, Ciroup4, and Group5
The groups are configured as shown in the following table.
How many licenses are used if you assign the Microsoft Office 365 Enterprise E5 license to Group1?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced
NEW QUESTION # 17
You have a Microsoft 365 tenant and an Active Directory domain named adatum.com.
You deploy Azure AD Connect by using the Express Settings.
You need to configure self-service password reset (SSPR) to meet the following requirements:
When users reset their password, they must be prompted to respond to a mobile app notification or answer three predefined security questions.
Passwords must be synced between the tenant and the domain regardless of where the password was reset.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-security-questions
NEW QUESTION # 18
You have a Microsoft 365 tenant.
You need to ensure that you tan view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.
What should you do first?
- A. Run the Get-AzureADAuditDirectoryLogs cmdlet.
- B. Run the Set-AzureADTenantDetail cmdlet.
- C. Modify the Diagnostics settings for Azure AD.
- D. Create an Azure AD workbook.
Answer: A
NEW QUESTION # 19
You need to implement the planned changes and technical requirements for the marketing department.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization
NEW QUESTION # 20
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table.
You install Azure AD Connect. You configure the Domain and OU filtering settings as shown in the Domain and OU Filtering exhibit. (Click the Domain and OU Filtering tab.)
You configure the Filter users and devices settings as shown in the Filter Users and Devices exhibit. (Click the Filter Users and Devices tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-custom
NEW QUESTION # 21
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
You plan to implement Azure AD Identity Protection.
Which users can configure the user risk policy, and which users can view the risky users report? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
NEW QUESTION # 22
You have a Microsoft 365 tenant that contains a group named Group1 as shown in the Group1 exhibit. (Click the Group1 tab.)
You create an enterprise application named App1 as shown in the App1 Properties exhibit. (Click the App1 Properties tab.)
You configure self-service for App1 as shown in the App1 Self-service exhibit. (Click the App1 Self-service tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 23
Your on-premises network contains an Active Directory domain that uses Azure AD Connect to sync with an Azure AD tenant. You need to configure Azure AD Connect to meet the following requirements:
* User sign-ins to Azure AD must be authenticated by an Active Directory domain controller.
* Active Directory domain users must be able to use Azure AD self-service password reset (SSPR).
What should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 24
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not initiate.
Solution: From the Azure portal, you configure the Notifications settings for multi-factor authentication (MFA).
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
You need to configure the fraud alert settings.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings
NEW QUESTION # 25
You have a Microsoft 365 E5 subscription. You need to perform the following tasks:
* Identify the locations and IP addresses used by Azure AD users to sign in
* Review the Azure AD security settings and identify improvement recommendations.
* Identify changes to Azure AD users or service principle.
What should you use for each task? To answer, drag the appropriate resources to the correct requirements. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Explanation:
NEW QUESTION # 26
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Explanation/Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
NEW QUESTION # 27
You have a Microsoft 365 tenant.
You configure a conditional access policy as shown in the Conditional Access policy exhibit. (Click the Conditional Access policy tab.)
You view the User administrator role settings as shown in the Role setting details exhibit. (Click the Role setting details tab.)
You view the User administrator role assignments as shown in the Rote assignments exhibit. (Click the Role assignments lab.)
For each of the following statement, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 28
You have an Azure subscription.
You need to create two custom roles named Role1 and Role2. The solution must meet the following requirements:
* Users that are assigned Role1 can create or delete instances of Azure Container Apps.
* Users that are assigned Role2 can enforce adaptive network hardening rules.
Which resource provider permissions are required for each role? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 29
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant- Users sign in to computers that run Windows 10 and are joined to the domain.
You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).
You need to configure the computers for Azure AD Seamless SSO.
What should you do?
- A. Modify the Intranet Zone settings.
- B. Configure Sign-in options.
- C. Install the Azure AD Connect Authentication Agent.
- D. Enable Enterprise State Roaming.
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start
NEW QUESTION # 30
You have a Microsoft 365 tenant that contains a group named Group1 as shown in the Group1 exhibit. (Click the Group1 tab.)
You create an enterprise application named App1 as shown in the App1 Properties exhibit. (Click the App1 Properties tab.)
You configure self-service for App1 as shown in the App1 Self-service exhibit. (Click the App1 Self-service tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
a) https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal b) maybe https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-manage-groups c) https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-properties#visible-to-users
NEW QUESTION # 31
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the SharePoint Administrator role to User1
Does this meet the goal?
- A. Yes
- B. No
Answer: B
NEW QUESTION # 32
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
You plan to implement Azure AD Identity Protection.
Which users can configure the user risk policy, and which users can view the risky users report? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
NEW QUESTION # 33
You need to configure the assignment of Azure AD licenses to the Litware users. The solution must meet the licensing requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Litware recently added a custom user attribute named LWLicenses to the litware.com Active Directory forest.
Litware wants to manage the assignment of Azure AD licenses by modifying the value of the LWLicenses attribute. Users who have the appropriate value for LWLicenses must be added automatically to a Microsoft
365 group that has the appropriate licenses assigned.
NEW QUESTION # 34
You have an Azure AD tenant.
You perform the tasks shown in the following table.
On April 5, an administrator deletes App1, App2, App3, and App4.
You need to restore the apps and the settings.
Which apps can you restore on April 16, and which settings can you restore for App4 on April 16? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
A screenshot of a phone Description automatically generated
NEW QUESTION # 35
Your network contains an on-premises Active Directory domain that sync to an Azure Active Directory (Azure AD) tenant. The tenant contains the shown in the following table.
All the users work remotely.
Azure AD Connect is configured in Azure as shown in the following exhibit.
Connectivity from the on-premises domain to the internet is lost.
Which user can sign in to Azure AD?
- A. User1 and User 3 only
- B. User1, User2, and User3
- C. User1 only
- D. User1, and User2 only
Answer: C
NEW QUESTION # 36
......
Microsoft Identity and Access Administrator is an essential role in any organization that utilizes Microsoft technologies for their identity and access management needs. Microsoft has recently introduced the Microsoft SC-300 certification exam, which is designed to test the skills and knowledge of professionals in this field. Microsoft Identity and Access Administrator certification exam is intended for individuals who are responsible for managing and securing identity and access solutions in Microsoft Azure, hybrid, and on-premises environments.
Microsoft SC-300 Test Engine PDF - All Free Dumps: https://www.testpdf.com/SC-300-exam-braindumps.html
Get New SC-300 Certification – Valid Exam Dumps Questions: https://drive.google.com/open?id=1WXY_7bC-UGzuN0nXJzfxcKcJJB90Fyew
