SC-300 Online Practice Questions and Answers

DRAG DROP

You have a Microsoft 365 E5 subscription that contains three users named User1, User2, and User3.

You need to configure the users as shown in the following table.

Which portal should you use to configure each user? To answer, drag the appropriate portals to the correct users. Each portal may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to

view content.

NOTE: Each correct selection is worth one point.

Select and Place:

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.

You are creating a conditional access policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 tenant.

You need to identify users who have leaked credentials. The solution must meet the following requirements:

1.

Identify sign-ins by users who are suspected of having leaked credentials.

2.

Flag the sign-ins as a high-risk event.

3.

Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have an Azure subscription.

You need to create two custom roles named Role1 and Role2. The solution must meet the following requirements:

1.

Users that are assigned Role1 can create or delete instances of Azure Container Apps.

2.

Users that are assigned Role2 can enforce adaptive network hardening rules.

Which resource provider permissions are required for each role? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

You implement the planned changes for SSPR.

What occurs when User3 attempts to use SSPR? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.

You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.

What should you do first?

A. Disable the User consent settings.

B. Disable Security defaults.

C. Configure a multi-factor authentication (MFA) registration policy.

D. Configure password protection for Windows Server Active Directory.

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not Initiate.

Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).

Does this meet the goal?

A. Yes

B. No

You have an Azure Active Directory (Azure AD) tenant.

For the tenant. Users can register applications Is set to No.

A user named Admin1 must deploy a new cloud app named App1.

You need to ensure that Admin1 can register App1 in Azure AD. The solution must use the principle of least privilege.

Which role should you assign to Admin1?

A. Application developer in Azure AD

B. App Configuration Data Owner for Subscription1

C. Managed Application Contributor for Subscription1

D. Cloud application administrator in Azure AD

You have a Microsoft 365 tenant that uses the domain named fabrikam.com.

The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.)

A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table.

Which users will be emailed a passcode?

A. User2 only

B. User1 only

C. User1 and User2 only

D. User1, User2, and User3

Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table.

users can request access by using package 1.

Users at Fabrikam and Litware use ail then respective domain names for email addresses.

You plan to create an access package named packaqel that will be accessible only to the Fabrikam and Litware users.

You need to configure connected organizations for Fabrikam and litware so that any of their users can request access by using package1.

What is the minimum of connected organization that you should create.

A. 1

B. 2

C. 3

D. 4

Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains the users shown in the following table.

All the users work remotely.

Azure AD Connect is configured in Azure AD as shown in the following exhibit.

Connectivity from the on-premises domain to the internet is lost. Which users can sign in to Azure AD?

A. User1 only

B. User1 and User 3 only

C. User1, and User2 only

D. User1, User2, and User3

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 hosts PDF files.

You need to prevent users from printing the files directly from Site1.

Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?

A. activity policy

B. access policy

C. file policy

D. session policy

You have a Microsoft 365 subscription. The subscription contains users that use Microsoft Outlook 2016 and Outlook 2013 clients.

You need to implement tenant restrictions. The solution must minimize administrative effort.

What should you do first?

A. Configure the Outlook 2013 clients to use modern authentication.

B. Upgrade the Outlook 2013 clients to Outlook 2016.

C. From the Exchange admin center, configure Organization Sharing.

D. Upgrade all the Outlook clients to Outlook 2019.

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the conditional access policies shown in the following table.

You need to evaluate which policies will be applied to User1 when User1 attempts to sign-in from various IP addresses. Which feature should you use?

A. Access reviews

B. Identity Secure Score

C. The What If tool

D. the Microsoft 365 network connectivity test tool

You need to implement the planned changes for litware.com. What should you configure?

A. Azure AD Connect cloud sync between the Azure AD tenant and litware.com

B. Azure AD Connect to include the litware.com domain

C. staging mode in Azure AD Connect for the litware.com domain