CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. SC-300

Free SC-300 Exam Braindumps (page: 29)

Page 28 of 103
PDF with 419 Questions

You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant is configured to sync with an on-premises Active Directory domain. The domain contains the servers shown in the following table.
The domain controllers are prevented from communicating to the internet.
You implement Azure AD Password Protection on Server1 and Server2.
You deploy a new server named Server4 that runs Windows Server 2019.
You need to ensure that Azure AD Password Protection will continue to work if a single server fails.
What should you implement on Server4?

  1. Azure AD Connect
  2. Azure AD Application Proxy
  3. Password Change Notification Service (PCNS)
  4. the Azure AD Password Protection proxy service

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy



You have a Microsoft Entra tenant.
You have the devices shown in the following table.
You configure Microsoft Entra Internet Access for the tenant.
On which devices can you use Global Secure Access?

  1. Device1 only
  2. Device3 only
  3. Device1 and Device2 only
  4. Device1, Device3, and Device4 only
  5. Device1, Device2, Device3, and Device4

Answer(s): B



DRAG DROP (Drag and Drop is not supported)
You have a Microsoft 365 E5 tenant.
You purchase a cloud app named App1.
You need to enable real-time session-level monitoring of App1 by using Microsoft Cloud App Security.
In which order should you perform the actions? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-any-app https://docs.microsoft.com/en-us/cloud-app-security/session-policy-aad



You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?

  1. a notification through the Microsoft Authenticator app
  2. an app password
  3. Windows Hello for Business
  4. SMS

Answer(s): C

Explanation:

In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN.
After an initial two-step verification of the user during enrollment, Windows Hello is set up on the user's device and Windows asks the user to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Windows Hello to authenticate users.
Incorrect Answers:
A: A notification through the Microsoft Authenticator app requires connectivity to send the verification code to the device requesting the logon
B: An app password can be used to open an application but it cannot be used to sign in to a computer.
D: SMS requires a mobile phone


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview






Post your Comments and Discuss Microsoft SC-300 exam with other Community members:

SC-300 Exam Discussions & Posts