• Home
  • Articles
  • Get The Most Updated SC-300 Dumps To Microsoft Certified: Identity and Access Administrator Associate Certification [Q163-Q178]

Get The Most Updated SC-300 Dumps To Microsoft Certified: Identity and Access Administrator Associate Certification [Q163-Q178]

Share

Get The Most Updated SC-300 Dumps To Microsoft Certified: Identity and Access Administrator Associate Certification

Microsoft Certified SC-300  Dumps Questions Valid SC-300 Materials

NEW QUESTION # 163
You have a Microsoft 365 E5 subscription. You need to perform the following tasks:
* Identify the locations and IP addresses used by Azure AD users to sign in
* Review the Azure AD security settings and identify improvement recommendations.
* Identify changes to Azure AD users or service principle.
What should you use for each task? To answer, drag the appropriate resources to the correct requirements.
Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

Answer:

Explanation:

Explanation:


NEW QUESTION # 164
You have a Microsoft 365 tenant that has 5,000 users. One hundred of the users are executives. The executives have a dedicated support team.
You need to ensure that the support team can reset passwords and manage multi-factor authentication (MFA) settings for only the executives. The solution must use the principle of least privilege.
Which object type and Azure Active Directory (Azure AD) role should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:


NEW QUESTION # 165
You have a Microsoft 365 tenant.
You configure a conditional access policy as shown in the Conditional Access policy exhibit. (Click the Conditional Access policy tab.)

You view the User administrator role settings as shown in the Role setting details exhibit. (Click the Role setting details tab.)

You view the User administrator role assignments as shown in the Rote assignments exhibit. (Click the Role assignments lab.)

For each of the following statement, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 166
You have a hybrid Microsoft 365 subscription that contains the users show in the following table.

You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 167
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the groups shown in the following table.

In the tenant, you create the groups shown in the following table.

Which members can you add to GroupA and GroupB? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groups-nesting/


NEW QUESTION # 168
You have an Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium Plan 2 license. The tenant contains the users shown in the following table.

You have the Device Settings shown in the following exhibit.

User1 has the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Box 1: Yes
Users may join 5 devices to Azure AD.
Box 2: Yes
Box 3: No
An additional local device administrator has not been applied
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal


NEW QUESTION # 169
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
An administrator deletes User1.
You need to identity the following:
* How many days after the account of User1 is deleted can you restore the account?
* Which is the least privileged role that can be used to restore User1?
What should you identify? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 170
You have an Azure subscription that contains the following virtual machine Name: VM1 Azure region: East US System-assigned managed identity: Disabled You create the managed identities shown in the following table.

You perform the following actions:
* Assign Managed1 to VM1.
* Create a resource group named RG1 in the West US region.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 171
Your company has two divisions named Contoso East and Contoso West. The Microsoft 365 identity architecture tor both divisions is shown in the following exhibit.

You need to assign users from the Contoso East division access to Microsoft SharePoint Online sites in the Contoso West tenant. The solution must not require additional Microsoft 3G5 licenses.
What should you do?

  • A. Deploy a second Azure AD Connect server to Contoso East and configure the server to sync the Contoso East Active Directory forest to the Contoso West tenant.
  • B. Configure The exiting Azure AD Connect server in Contoso Cast to sync the Contoso East Active Directory forest to the Contoso West tenant.
  • C. Configure Azure AD Application Proxy in the Contoso West tenant.
  • D. Create guest accounts for all the Contoso East users in the West tenant.

Answer: D


NEW QUESTION # 172
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory domain.
The on-premises network contains a VPN server that authenticates to the on-premises Active Directory domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).
You need to recommend a solution to provide Azure MFA for VPN connections.
What should you include in the recommendation?

  • A. Azure AD Application Proxy
  • B. Network Policy Server (NPS)
  • C. an Azure AD Password Protection proxy
  • D. a pass-through authentication proxy

Answer: B


NEW QUESTION # 173
You have an Azure Active Directory (Azure AD) tenant that has multi-factor authentication (MFA) enabled.
The account lockout settings are configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 174
You have an Azure Active Directory (Azure AD) tenant that contains Azure AD Privileged Identity Management (PIM) role settings for the User administrator role as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan


NEW QUESTION # 175
You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference


NEW QUESTION # 176
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site!. Site!
hosts PDF files
You need to prevent users from printing the files directly from Sitel.
Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?

  • A. session policy
  • B. file policy
  • C. access policy
  • D. activity policy

Answer: A


NEW QUESTION # 177
You have an Azure subscription that uses Azure AD Privileged Identity Management (PIM).
You need to identify users that are eligible for the Cloud Application Administrator role.
Which blade in the Privileged Identity Management settings should you use?

  • A. Review access
  • B. Privileged access groups
  • C. Azure resources
  • D. Azure AD roles

Answer: D


NEW QUESTION # 178
......

SC-300 Premium PDF & Test Engine Files with 272 Questions & Answers: https://learningtree.testkingfree.com/Microsoft/SC-300-practice-exam-dumps.html

Related Articles

more
Microsoft SC-300 Certification Practice Exam