Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. SC-300

Microsoft SC-300 Exam Questions
Microsoft Identity and Access Administrator (Page 14 )

Updated On: 24-Mar-2026
Page 14 of 83
PDF with 439 Questions

You have an Azure AD tenant that contains a user named Admin1.
You need to ensure that Admin1 can perform only the following tasks:
• From the Microsoft 365 admin center, create and manage service requests.
• From the Microsoft 365 admin center, read and configure service health.
• From the Azure portal, create and manage support tickets.
The solution must minimize administrative effort.
What should you do?

  1. Create an administrative unit and add Admin1.
  2. Enable Azure AD Privileged Identity Management (PIM) for Admin1.
  3. Assign Admin1 the Helpdesk Administrator role.
  4. Create a custom role and assign the role to Admin1.

Answer(s): D



HOTSPOT (Drag and Drop is not supported)
Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure AD tenant.
You need to ensure that user authentication always occurs by validating passwords against the AD DS domain.
What should you configure, and what should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.)
A user named bsmith@fabrikam.com shares a Microsoft SharePoint Online document library to the users shown in the following table.
Which users will be emailed a passcode?

  1. User2 only
  2. User1 only
  3. User1 and User2 only
  4. User1, User2, and User3

Answer(s): B



You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft Office 365 Enterprise E5 licenses to a group that includes all users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.
What should you use?

  1. the Administrative units blade in the Azure Active Directory admin center
  2. the Set-MsolUserLicense cmdlet
  3. the Groups blade in the Azure Active Directory admin center
  4. the Set-WindowsProductKey cmdlet

Answer(s): B



You have two Microsoft Entra tenants named contoso.com and fabrikam.com. Contoso.com contains the identities shown in the following table.
You configure cross-tenant synchronization from contoso.com to fabrikam.com.
Which identities will sync with fabrikam.com?

  1. User1 only
  2. User1 and Group1 only
  3. User1 and Group2 only
  4. User1, Group1, and Group2

Answer(s): A



Viewing page 14 of 83
Viewing questions 66 - 70 out of 439 questions



Post your Comments and Discuss Microsoft SC-300 exam dumps with other Community members:

SC-300 Exam Discussions & Posts

AI Tutor 👋 I’m here to help!