Microsoft SC-300 Microsoft Identity and Access Administrator Online Training
Microsoft SC-300 Online Training
The questions for SC-300 were last updated at Dec 20,2024.
- Exam Code: SC-300
- Exam Name: Microsoft Identity and Access Administrator
- Certification Provider: Microsoft
- Latest update: Dec 20,2024
You have an Azure Active Directory (Azure AD) tenant.
For the tenant. Users can register applications Is set to No.
A user named Admin1 must deploy a new cloud app named App1.
You need to ensure that Admin1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which role should you assign to Admin1?
- A . Application developer in Azure AD
- B . App Configuration Data Owner for Subscription1
- C . Managed Application Contributor for Subscription1
- D . Cloud application administrator in Azure AD
HOTSPOT
You have a custom cloud app named App1 that is registered in Azure Active Directory (Azure AD).
App1 is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Your company requires that users request access before they can access corporate applications.
You register a new enterprise application named MyApp1 in Azure Active Dilatory (Azure AD) and configure single sign-on (SSO) for MyApp1.
Which settings should you configure next for MyApp1?
- A . Self-service
- B . Provisioning
- C . Roles and administrators
- D . Application proxy
You have an Azure Active Directory (Azure AD) tenant.
You create an enterprise application collection named HR Apps that has the following settings:
• Applications: Appl. App?, App3
• Owners: Admin 1
• Users and groups: HRUsers
AH three apps have the following Properties settings:
• Enabled for users to sign in: Yes
• User assignment required: Yes
• Visible to users: Yes
Users report that when they go to the My Apps portal, they only sue App1 and App2-You need to ensure that the users can also see App3.
What should you do from App3?
- A . From Users and groups, add HRUsers.
- B . Prom Properties, change User assignment required to No.
- C . From Permissions, review the User consent permissions.
- D . From Single sign on, configure a sign-on method.
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.
In Azure AD. you add a new enterprise application named Appl.
Which groups can you assign to App1?
- A . Group1 and Group2 only
- B . Group2 only
- C . Group3 only
- D . Group1 only
- E . Group1 and Group4
DRAG DROP
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.
The company is developing a web service named App1.
You need to ensure that App1 can use Microsoft Graph to read directory data in contoso.com.
Which three actions should yon perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them In the correct order.
DRAG DROP
You have a Microsoft 365 E5 tenant.
You purchase a cloud app named App1.
You need to enable real-time session-level monitoring of App1 by using Microsoft Cloud app Security.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled.
You are creating a conditional access policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You configure a new Microsoft 36S tenant to use a default domain name of contosso.com.
You need to ensure that you can control access to Microsoft 365 resource-, by using conditional access policy.
What should you do first?
- A . Disable the User consent settings.
- B . Disable Security defaults.
- C . Configure a multi-factor authentication (Ml A) registration policy1.
- D . Configure password protection for Windows Server Active Directory.
You have an Azure Active Directory (Azure AD) tenant named conto.so.com that has Azure AD Identity Protection enabled. You need to Implement a sign-in risk remediation policy without blocking access.
What should you do first?
- A . Configure access reviews in Azure AD.
- B . Enforce Azure AD Password Protection.
- C . implement multi-factor authentication (MFA) for all users.
- D . Configure self-service password reset (SSPR) for all users.