CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. SC-300

Free SC-300 Exam Braindumps (page: 11)

Page 11 of 80
PDF with 315 Questions

Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant.

Users sign in to computers that run Windows 10 and are joined to the domain.

You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).

You need to configure the Windows 10 computers to support Azure AD Seamless SSO.

What should you do?

  1. Configure Sign-in options from the Settings app.
  2. Enable Enterprise State Roaming.
  3. Modify the Intranet Zone settings.
  4. Install the Azure AD Connect Authentication Agent.

Answer(s): C


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start



DRAG DROP (Drag and Drop is not supported)
You need to resolve the recent security incident issues.

What should you configure for each incident? To answer, drag the appropriate policy types to the correct issues. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: A user risk policy
User-linked detections include:
Leaked credentials: This risk detection type indicates that the user's valid credentials have been leaked. When cybercriminals compromise valid passwords of legitimate users, they often share those credentials.

User risk policy.
Identity Protection can calculate what it believes is normal for a user's behavior and use that to base decisions for their risk. User risk is a calculation of probability that an identity has been compromised. Administrators can make a decision based on this risk score signal to enforce organizational requirements. Administrators can choose to block access, allow access, or allow access but require a password change using Azure AD self-service password reset.

Box 2: A sign-in risk policy
Suspicious browser: Suspicious browser detection indicates anomalous behavior based on suspicious sign-in activity across multiple tenants from different countries in the same browser.

Box 3: A sign-in risk policy
A sign-in risks include activity from anonymous IP address: This detection is discovered by Microsoft Defender for Cloud Apps. This detection identifies that users were active from an IP address that has been identified as an anonymous proxy IP address.

Note: The following three policies are available in Azure AD Identity Protection to protect users and respond to suspicious activity. You can choose to turn the policy enforcement on or off, select users or groups for the policy to apply to, and decide if you want to block access at sign-in or prompt for additional action.

* User risk policy
Identifies and responds to user accounts that may have compromised credentials. Can prompt the user to create a new password.

* Sign in risk policy
Identifies and responds to suspicious sign-in attempts. Can prompt the user to provide additional forms of verification using Azure AD Multi-Factor Authentication.

* MFA registration policy
Makes sure users are registered for Azure AD Multi-Factor Authentication. If a sign-in risk policy prompts for MFA, the user must already be registered for Azure AD Multi-Factor Authentication.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies



HOTSPOT (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.



For which users can you configure the Job title property and the Usage location property in Azure AD? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: User1 and User2 only.
You can add or update a user's profile information using Azure Active Directory.
Add user profile information, including a profile picture, job-specific information, and some settings using Azure Active Directory (Azure AD).

The user profile includes:
Job info. Add any job-related information, such as the user's job title, department, or manager.

Box 2: User1, User2, and User3
Invite users with Azure Active Directory B2B collaboration, Update user’s name and usage location.

To assign a license, the invited user’s Usage location must be specified. Admins can update the invited user’s profile on the Azure portal.

1. Go to Azure Active Directory > Users and groups > All users. If you don't see the newly created user, refresh the page.

2. Click on the invited user, and then click Profile.

3. Update First name, Last name, and Usage location.

4. Click Save, and then close the Profile blade.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-profile-azure-portal
https://docs.microsoft.com/en-us/power-platform/admin/invite-users-azure-active-directory-b2b-collaboration#update-users-name-and-usage-location



You have an Azure Active Directory (Azure AD) tenant that: contains a user named User1.

You need to ensure that User1 can create new catalogs and add resources to the catalogs they own.

What should you do?

  1. From the Roles and administrators blade, modify the Groups administrator role.
  2. From the Roles and administrators blade, modify the Service support administrator role.
  3. From the Identity Governance blade, modify the Entitlement management settings.
  4. From the Identity Governance blade, modify the roles and administrators for the General catalog.

Answer(s): C

Explanation:

Create and manage a catalog of resources in Azure AD entitlement management.
Create a catalog.
A catalog is a container of resources and access packages. You create a catalog when you want to group related resources and access packages. A user who has been delegated the catalog creator role can create a catalog for resources that they own. Whoever creates the catalog becomes the first catalog owner. A catalog owner can add more users, groups of users, or application service principals as catalog owners.

Prerequisite roles: Global administrator, Identity Governance administrator, User administrator, or Catalog creator.

Incorrect:
* Groups Administrator - Members of this role can create/manage groups, create/manage groups settings like naming and expiration policies, and view groups activity and audit reports.

* Service Support Administrator
Users with this role can create and manage support requests with Microsoft for Azure and Microsoft 365 services, and view the service dashboard and message center in the Azure portal and Microsoft 365 admin center.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-catalog-create
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference



Page 11 of 80



Post your Comments and Discuss Microsoft SC-300 exam with other Community members:

Subodh commented on December 11, 2024
Q45 Is wrong, it should be User Administrator
Anonymous
upvote

gg commented on December 01, 2024
it seems ok the questions and answers look legit.
Anonymous
upvote

Anonymous commented on March 24, 2024
as per https://learn.microsoft.com/en-us/entra/id-governance/deploy-access-reviews question 32 is wrong. Its asking for least privileged access.
Anonymous
upvote

siva commented on May 17, 2023
very helpfull
Anonymous
upvote

Barley commented on December 22, 2023
question 18 is wrong
UNITED STATES
upvote

Barley commented on December 22, 2023
question 22 is out of date and should be updated.
UNITED STATES
upvote

MyBrain commented on October 12, 2023
q28 and q32 are the same but with different response... what is the right answer in this case? thanks !
Anonymous
upvote

Jorn commented on July 13, 2023
relevant questions
UNITED KINGDOM
upvote

Barley commented on December 22, 2023
Question 22 is out of date and should be updated.
UNITED STATES
upvote

Barley commented on December 22, 2023
Question 18 is wrong
UNITED STATES
upvote

MyBrain commented on October 12, 2023
Q28 and Q32 are the same but with different response... What is the right answer in this case? Thanks !
Anonymous
upvote

ferry commented on September 29, 2023
gret was ok
NETHERLANDS
upvote

mani commented on August 29, 2023
awesome questions
Anonymous
upvote

Jorn commented on July 13, 2023
Relevant questions
UNITED KINGDOM
upvote

Paiva commented on June 04, 2023
PDF is good formatted and exam prep course practice questions are same as the test.
GERMANY
upvote

siva commented on May 17, 2023
very helpfull
Anonymous
upvote

Liotta commented on April 11, 2023
A friend recommended this site and I went based on her recommendation. I am glad I did. The questions are all valid and I passed.
CANADA
upvote

Lesli commented on March 30, 2023
Just purchased and downloaded my files. So far all looks good.
UNITED STATES
upvote

lols De Tees commented on September 02, 2022
I passed the exam today. The majority of the question was the same as the practice test. However, there were 11 new questions added.
UNITED STATES
upvote

Brendan commented on August 01, 2022
Now I know how to pass these freaking stupid exams. These exam dumps are the best way to pass your exams.
UNITED STATES
upvote