Practice Free SC-300 Exam Online Questions
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
HOTSPOT
You have a Microsoft 36S tenant.
You create a named location named HighRiskCountries that contains a list of high-risk countries.
You need to limit the amount of time a user can stay authenticated when connecting from a high-risk country.
What should you configure in a conditional access policy? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-session
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
You receive more than 100 email alerts each day for failed Azure AD user sign-in attempts.
You need to ensure that a new security administrator receives the alerts instead of you.
Solution: From Azure AD, you modify the Diagnostics settings.
Does this meet the goal?
- A . Yes
- B . No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure pass-through authentication.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 ES subscription.
You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions.
Solution: You assign the Exchange Administrator role to User1.
- A . Yes
- B . No
You need to modify the settings of the User administrator role to meet the technical requirements.
Which two actions should you perform for the role? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Select Require justification on activation
- B . Set all assignments to Active
- C . Set all assignments to Eligible
- D . Modify the Expire eligible assignments after setting.
- E . Select Require ticket information on activation.
You have a Microsoft 365 subscription.
You plan to deploy an app named App1 that will have the following configurations:
• Will be registered in Microsoft Entra
• Will run as a service without user interaction
• Will collect audit logs associated with user sign-ins
• Will access resources by using the Microsoft Graph API
You need to ensure that App1 can access Microsoft Graph.
What should you use?
- A . application permissions
- B . delegated permissions
- C . a custom role-based access control (RBAC) role
- D . a built-in role-based access control (RBAC) role
You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server.
You enable Microsoft Entra login for the virtual machines.
Users report that they cannot sign in to the virtual machines by using their Microsoft Entra credentials.
You need to ensure that the users can sign in to the virtual machines.
What should you do first?
- A . Ensure that the virtual machines can access https://enterpriseregistration.windows.net.
- B . Revoke the primary refresh token.
- C . From the Microsoft Entra admin center, delete the device registrations of the virtual machines.
- D . Enable SSH client support for OpenSSH.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure Azure AD Password Protection.
Does this meet the goal?
- A . Yes
- B . No
Your network contains an on-premises Active Directory domain that sync to an Azure Active Directory (Azure AD) tenant.
The tenant contains the shown in the following table.
All the users work remotely.
Azure AD Connect is configured in Azure as shown in the following exhibit.
Connectivity from the on-premises domain to the internet is lost.
Which user can sign in to Azure AD?
- A . User1 only
- B . User1 and User 3 only
- C . User1, and User2 only
- D . User1, User2, and User3