We recommend you to try the PREMIUM SC-300 Dumps From Exambible

https://www.exambible.com/SC-300-exam/ (192 Q&As)

Microsoft
Exam Questions SC-300
Microsoft Identity and Access Administrator

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

About Exambible

Your Partner of IT Exam

Found in 1998

Exambible is a company specialized on providing high quality IT exam practice study materials, especially Cisco CCNA, CCDA,
CCNP, CCIE, Checkpoint CCSE, CompTIA A+, Network+ certification practice exams and so on. We guarantee that the
candidates will not only pass any IT exam at the first attempt but also get profound understanding about the certificates they have
got. There are so many alike companies in this industry, however, Exambible has its unique advantages that other companies could
not achieve.

Our Advances

* 99.9% Uptime
All examinations will be up to date.
* 24/7 Quality Support
We will provide service round the clock.
* 100% Pass Rate
Our guarantee that you will pass the exam.
* Unique Gurantee
If you do not pass the exam at the first time, we will not only arrange FULL REFUND for you, but also provide you another
exam of your claim, ABSOLUTELY FREE!

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 1
- (Exam Topic 1)
You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements and the access requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 2
- (Exam Topic 3)
You need implement the planned changes for application access to organizational data. What should you configure?

A. authentication methods
B. the User consent settings
C. access packages
D. an application proxy

Answer: B

NEW QUESTION 3
- (Exam Topic 3)
You need to resolve the recent security incident issues.
What should you configure for each incident? To answer, drag the appropriate policy types to the correct
issues. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

Answer: A

Explanation:

NEW QUESTION 4
- (Exam Topic 4)
You have an Azure AD tenant that contains a user named User1 User1 needs to manage license assignments and reset user passwords. Which role should you
assign to User1?

A. License administrator
B. Helpdesk administrator
C. Billing administrator
D. User administrator

Answer: D

NEW QUESTION 5
- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
You have 100 IT administrators who are organized into 10 departments. You create the access review shown in the exhibit. (Click the Exhibit tab.)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

You discover that all access review requests are received by Megan Bowen.
You need to ensure that the manager of each department receives the access reviews of their respective department.
Solution: You set Reviewers to Member (self).
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 6
- (Exam Topic 4)
You have a Microsoft 365 E5 subscription.
You purchase the app governance add-on license. You need to enable app governance integration. Which portal should you use?

A. the Microsoft Defender for Cloud Apps portal

B. the Microsoft 365 admin center
C. Microsoft 365 Defender
D. the Azure Active Directory admin center
E. the Microsoft Purview compliance portal

Answer: A

NEW QUESTION 7
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant.
You create an enterprise application collection named HR Apps that has the following settings:
• Applications: Appl. App?, App3
• Owners: Admin 1
• Users and groups: HRUsers
AH three apps have the following Properties settings:
• Enabled for users to sign in: Yes
• User assignment required: Yes

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

• Visible to users: Yes

Users report that when they go to the My Apps portal, they only sue App1 and App2-You need to ensure that the users can also see App3. What should you do
from App3?
What should you do from App3?

A. From Users and groups, add HRUsers.

B. Prom Properties, change User assignment required to No.
C. From Permissions, review the User consent permissions.
D. From Single sign on, configure a sign-on method.

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal https://docs.microsoft.com/en-us/azure/active-
directory/user-help/my-applications-portal-workspaces

NEW QUESTION 8
- (Exam Topic 4)
You have an Azure AD tenant.
You perform the tasks shown in the following table.

On April 5, an administrator deletes App1, App2, App3, and App4.

You need to restore the apps and the settings.
Which apps can you restore on April 16, and which settings can you restore for App4 on April 16? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
A screenshot of a phone Description automatically generated

NEW QUESTION 9
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled. You are creating a conditional access policy as shown in the following
exhibit.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 10
- (Exam Topic 4)
You have an Azure Active Directory (Azure Azure) tenant that contains the objects shown in the following table.
• A device named Device1
• Users named User1, User2, User3, User4, and User5
• Five groups named Group1, Group2, Group3, Ciroup4, and Group5 The groups are configured as shown in the following table.

How many licenses are used if you assign the Microsoft Office 365 Enterprise E5 license to Group1?

A. 2
B. 3
C. 4

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced

NEW QUESTION 10
- (Exam Topic 4)
You have an Azure AD tenant.
You need to bulk create 25 new user accounts by uploading a template file. Which properties are required in the template file?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: B

NEW QUESTION 14
- (Exam Topic 4)
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. The tenant contains the users shown in
the following table.

All the users work remotely.

Azure AD Connect is configured in Azure AD as shown in the following exhibit.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

Connectivity from the on-premises domain to the internet is lost. Which users can sign in to Azure AD?

A. User1 and User3 only

B. User1 only
C. User1, User2, and User3
D. User1 and User2 only

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-current-limitations

NEW QUESTION 18
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant.
You configure self-service password reset (SSPR) by using the following settings:
• Require users to register when signing in: Yes
• Number of methods required to reset: 1
What is a valid authentication method available to users?

A. home prions
B. mobile app notification
C. a mobile app code
D. an email to an address in your organization

Answer: C

NEW QUESTION 20
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant that has multi-factor authentication (MFA) enabled. The account lockout settings are configured as shown in
the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
App code 60
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#account-lockout

NEW QUESTION 24
- (Exam Topic 4)
You have a Microsoft 365 tenant.
You need to identify users who have leaked credentials. The solution must meet the following requirements.
• Identity sign-Ins by users who ate suspected of having leaked credentials.
• Rag the sign-ins as a high risk event.
• Immediately enforce a control to mitigate the risk, while still allowing the user to access applications. What should you use? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Graphical user interface, text, application, email Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks

NEW QUESTION 27
- (Exam Topic 4)
Your company has a Microsoft 365 tenant.
The company has a call center that contains 300 users. In the call center, the users share desktop computers and might use a different computer every day. The
call center computers are NOT configured for biometric identification.
The users are prohibited from having a mobile phone in the call center.
You need to require multi-factor authentication (MFA) for the call center users when they access Microsoft 365 services.
What should you include in the solution?

A. a named network location

B. the Microsoft Authenticator app
C. Windows Hello for Business authentication
D. FIDO2 tokens

Answer: D

Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 28
- (Exam Topic 4)
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com. The company is developing a web service named App1.
You need to ensure that App1 can use Microsoft Graph to read directory data in contoso.com.
Which three actions should yon perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them In the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Graphical user interface, text, application Description automatically generated
Create an app registration:
Your app must be registered with the Microsoft identity platform and be authorized by either a user or an administrator for access to the Microsoft Graph resources
it needs.
Grant admin consent:
Higher-privileged permissions require administrator consent.
Add app permissions:
After the consents to permissions for your app, your app can acquire access tokens that represent the app's permission to access a resource in some capacity.
Encoded inside the access token is every permission that your app has been granted for that resource.
Reference:
https://docs.microsoft.com/en-us/graph/auth/auth-concepts

NEW QUESTION 33
- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.
You have a Microsoft 365 ES subscription. You create a user named User1.
You need to ensure that User1 can update the status of identity Secure Score improvement actions. Solution: You assign the Exchange Administrator role to
User1.

A. Yes
B. No

Answer: B

NEW QUESTION 36
- (Exam Topic 4)
You have an Azure AD tenant that uses Azure AD Identity Protection and contains the resources shown in the following table.

Azure Multi-Factor Authentication (MFA) is enabled for all users.

User1 triggers a medium severity alert that requires additional investigation.
You need to force User1 to reset his password the next time he signs in. the solution must minimize administrative effort.
What should you do?

A. Configure a sign-in risk policy.

B. Mark User1 as compromised.
C. Reconfigure the user risk policy to trigger on medium or low severity.
D. Reset the Azure MFA registration for User1.

Answer: B

NEW QUESTION 38
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

For which users can you configure the Job title property and the Usage location property in Azure AD? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 40
- (Exam Topic 4)
You create a conditional access policy that blocks access when a user triggers a high-seventy sign-in alert. You need to test the policy under the following
conditions;
• A user signs in from another country.
• A user triggers a sign-in risk.
What should you use to complete the test?

A. the Conditional Access What If tool

B. sign-ins logs in Azure AD
C. access reviews in Azure AD
D. the activity logs in Microsoft Defender for Cloud Apps

Answer: A

NEW QUESTION 43
- (Exam Topic 4)
You have an Azure AD tenant that contains an access package named Package1 and a user named User1. Package1 is configured as shown in the following
exhibit.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

You need to ensure that User1 can modify the review frequency of Package1. The solution must use the principle of least privilege.
Which role should you assign to User1?

A. Privileged role administrator

B. User administrator
C. External Identity Provider administrator
D. Security administrator

Answer: A

NEW QUESTION 47
- (Exam Topic 4)
You have a hybrid Microsoft 365 subscription that contains the users show in the following table.

You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle
of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 50
- (Exam Topic 4)
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as
shown in the exhibit. (Click the Exhibit tab.)

A user named bsmith@fabrikam.com shares a Microsoft SharePoint Online document library to the users shown in the following table.

Which users will be emailed a passcode?

A. User2 only
B. User1 only
C. User1 and User2 only
D. User1, User2, and User3

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/one-time-passcode

NEW QUESTION 51
- (Exam Topic 4)
Your company has a Microsoft 365 tenant.
All users have computers that run Windows 10 and are joined to the Azure Active Directory (Azure AD)
tenant.
The company subscribes to a third-party cloud service named Service1. Service1 supports Azure AD authentication and authorization based on OAuth. Service1 is
published to the Azure AD gallery.
You need to recommend a solution to ensure that the users can connect to Service1 without being prompted for authentication. The solution must ensure that the
users can access Service1 only from Azure AD-joined computers. The solution must minimize administrative effort.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-how-applications-are-added https://docs.microsoft.com/en-us/azure/active-
directory/conditional-access/require-managed-devices

NEW QUESTION 54
- (Exam Topic 4)
You have an Azure subscription.
Azure AD logs are sent to a Log Analytics workspace.
You need to query the logs and graphically display the number of sign-ins per user.
How should you complete the query? To answer, select the appropriate options in the answer area.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1 = SigninLogs
| where ResultType == 0
| summarize login_count = count() by identity
| render piechart
This query retrieves the sign-in logs, filters the successful sign-ins, summarizes the count of sign-ins per user, and renders the result as a pie chart.
Box 2 = Render

NEW QUESTION 55
- (Exam Topic 4)
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using
Azure AD Connect.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 56
- (Exam Topic 4)
You have an Azure AD tenant that contains a user named Admin1.
Admin1 uses the Require password change for high-risk user’s policy template to create a new Conditional Access policy.
Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once,
more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
A white background with black text Description automatically generated

NEW QUESTION 59
- (Exam Topic 4)
You have a Microsoft 365 tenant.
You need to ensure that you tan view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.
What should you do first?

A. Run the Get-AzureADAuditDirectoryLogs cmdlet.

B. Create an Azure AD workbook.
C. Run the Set-AzureADTenantDetail cmdlet.
D. Modify the Diagnostics settings for Azure AD.

Answer: D

NEW QUESTION 63
- (Exam Topic 4)
You have an Azure AD tenant named contoso.com that has Email one-time passcode for guests set to Yes.
You invite the guest users shown in the following table.

Which users will receive a one-time passcode, and how long will the passcode be valid? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 64
- (Exam Topic 4)
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
User1 has the devices shown in the following table.

On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings: Name: Terms1
Display name: Contoso terms of use
Require users to expand the terms of use: On
Require users to consent on every device: On
Expire consents: On
Expire starting on: December 10, 2020
Frequency: Monthly
On November 15, 2020, User1 accepts Terms1 on Device3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 68
- (Exam Topic 4)
You have a custom cloud app named App1 that is registered in Azure Active Directory (Azure AD). App1 is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal

NEW QUESTION 70
- (Exam Topic 4)
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
Yon receive more than 100 email alerts each day for tailed Azure Al) user sign-in attempts. You need to ensure that a new security administrator receives the
alerts instead of you. Solution: From Azure monitor, you modify the action group.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 74
- (Exam Topic 4)
You have a Microsoft 365 tenant.
The Sign-ins activity report shows that an external contractor signed in to the Exchange admin center. You need to review access to the Exchange admin center at
the end of each month and block sign-ins if required.
What should you create?

A. an access package that targets users outside your directory

B. an access package that targets users in your directory
C. a group-based access review that targets guest users
D. an application-based access review that targets guest users

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

NEW QUESTION 77
- (Exam Topic 4)
You have an on-premises datacenter that contains the hosts shown in the following table.

You have an Azure Active Directory (Azure AD) tenant that syncs to the Active Directory forest. Multi-factor authentication (MFA) is enforced for Azure AD.
You need to ensure that you can publish App1 to Azure AD users.
What should you configure on Server and Firewall1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy

NEW QUESTION 78
- (Exam Topic 4)
You have an Azure subscription that contains a user named User1. You need to meet the following requirements:
• Prevent User1 from being added as an owner of newly registered apps.
• Ensure that User1 can manage the application proxy settings.
• Ensure that User2 can register apps.
• Use the principle of least privilege. Which role should you assign to User1?

A. Application developer
B. Cloud application administrator
C. Service support administrator
D. Application administrator

Answer: D

NEW QUESTION 80
- (Exam Topic 4)
You have a Microsoft 365 tenant.
All users have computers that run Windows 10. Most computers are company-owned and joined to Azure Active Directory (Azure AD). Some computers are user-
owned and are only registered in Azure AD.
You need to prevent users who connect to Microsoft SharePoint Online on their user-owned computer from downloading or syncing files. Other users must NOT
be restricted.
Which policy type should you create?

A. a Microsoft Cloud App Security activity policy that has Microsoft Office 365 governance actions configured
B. an Azure AD conditional access policy that has session controls configured
C. an Azure AD conditional access policy that has client apps conditions configured
D. a Microsoft Cloud App Security app discovery policy that has governance actions configured

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad

NEW QUESTION 84
- (Exam Topic 4)
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant syncs to an on-premises Active Directory domain.
Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.
You plan to manage access to external applications by using Azure AD.
You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.
What should you use to gather the information?

A. Application Insights in Azure Monitor

B. access reviews in Azure AD
C. Cloud App Discovery in Microsoft Cloud App Security
D. enterprise applications in Azure AD

Answer: C

Explanation:
Reference:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

https://docs.microsoft.com/en-us/cloud-app-security/create-snapshot-cloud-discovery-reports#using-traffic-logs

NEW QUESTION 85
- (Exam Topic 4)
You configure Azure Active Directory (Azure AD) Password Protection as shown in the exhibit. (Click the Exhibit tab.)

You are evaluating the following passwords:

Pr0jectlitw@re
T@ilw1nd
C0nt0s0
Which passwords will be blocked?

A. Pr0jectlitw@re and T@ilw1nd only

B. C0nt0s0 only
C. C0nt0s0, Pr0jectlitw@re, and T@ilw1nd
D. C0nt0s0 and T@ilw1nd only
E. C0nt0s0 and Pr0jectlitw@re only

Answer: C

Explanation:
Reference:
https://blog.enablingtechcorp.com/azure-ad-password-protection-password-evaluation

NEW QUESTION 86
- (Exam Topic 4)
You have an Azure subscription that contains the resources shown in the following table.

For which resources can you create an access review?

A. Group1, App1, Contributor, and Role1

B. Hotel and Contributor only
C. Group1, Role1, and Contributor only
D. Group1 only

Answer: A

Explanation:
Access reviews require an Azure AD Premium P2 license.
Access reviews for Group1 and App1 can be configured in Azure AD Access Reviews.
Access reviews for the Contributor role and Role1 would need to be configured in Privileged Identity Management (PIM). PIM is included in Azure AD Premium P2.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-start-securi https://docs.microsoft.com/en-us/azure/active-
directory/governance/access-reviews-overview

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

NEW QUESTION 90
- (Exam Topic 4)
You have an Azure subscription that contains the following virtual machine Name: VM1
Azure region: East US
System-assigned managed identity: Disabled
You create the managed identities shown in the following table.

You perform the following actions:

• Assign Managed1 to VM1.
• Create a resource group named RG1 in the West US region.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 95
- (Exam Topic 4)
You have an on-premises Microsoft Exchange organization that uses an SMTP address space of contoso.com. You discover that users use their email address for
self-service sign-up to Microsoft 365 services.
You need to gain global administrator privileges to the Azure Active Directory (Azure AD) tenant that contains the self-signed users.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/domains-admin-takeover

NEW QUESTION 97
- (Exam Topic 4)
You have a Microsoft 365 tenant.
You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant. Users connect to the internet by using a hardware firewall at your
company. The users authenticate to the
firewall by using their Active Directory credentials.
You plan to manage access to external applications by using Azure AD.
You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.
What should you use to gather the information?

A. Cloud App Discovery in Microsoft Defender for Cloud Apps

B. enterprise applications in Azure AD
C. access reviews in Azure AD
D. Application Insights in Azure Monitor

Answer: A

NEW QUESTION 98
- (Exam Topic 4)
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users
connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?

A. a notification through the Microsoft Authenticator app

B. email
C. security questions
D. a verification code from the Microsoft Authenticator app

Answer: D

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-authenticator-app

NEW QUESTION 99
......

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM SC-300 Dumps From Exambible
https://www.exambible.com/SC-300-exam/ (192 Q&As)

Relate Links

100% Pass Your SC-300 Exam with Exambible Prep Materials

https://www.exambible.com/SC-300-exam/

Contact us

We are proud of our high-quality customer service, which serves you around the clock 24/7.

Viste - https://www.exambible.com/

Your Partner of IT Exam visit - https://www.exambible.com

Powered by TCPDF (www.tcpdf.org)