Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 1–10 of 147

Q1

Which service is responsible for securing APIs in Azure?

  • A Azure API Management
  • B Azure Functions
  • C Azure Logic Apps
  • D Azure Storage
Explanation Azure API Management provides security for APIs, while others focus on specific application functionalities.
Q2

A company needs to ensure that only specific users can access a confidential dataset in Azure Blob Storage. What should they implement?

  • A Role-Based Access Control (RBAC)
  • B Network Security Groups (NSGs)
  • C Azure Load Balancer
  • D Public IP Address
Explanation RBAC effectively restricts access to resources based on user roles, while NSGs manage network traffic, and the others are unrelated.
Q3

You are configuring Conditional Access policies. What will happen if the policy is set to block access for users with risky sign-ins?

  • A All users will be blocked instantaneously.
  • B Blocked users must verify their identity.
  • C Access will be allowed for risky sign-ins.
  • D The users will receive an alert only.
Explanation Blocked users with risky sign-ins are prompted to verify identity before access is granted, while other options incorrectly misrepresent the result.
Q4

Which Azure service is used for identity governance?

  • A Azure AD Privileged Identity Management
  • B Azure Information Protection
  • C Azure Security Center
  • D Azure Front Door
Explanation Azure AD Privileged Identity Management governs privileged access; others serve different purposes.
Q5

A company needs to implement MFA for all users. What must they configure?

  • A Security Defaults
  • B Conditional Access Policies
  • C Role-Based Access Control
  • D Azure AD Groups
Explanation Conditional Access Policies can enforce MFA; Security Defaults offer limited control.
Q6

What happens when a user's account is disabled in Azure AD?

  • A User can still access resources
  • B User's access is revoked immediately
  • C Access depends on MFA status
  • D User is prompted to reset password
Explanation Disabling an account revokes all access immediately; others do not correctly describe the outcome.
Q7

Which service can be used to manage Azure Active Directory identities?

  • A Azure Active Directory
  • B Azure SQL Database
  • C Azure Blob Storage
  • D Azure App Service
Explanation Azure Active Directory is specifically designed for identity management, the other services do not serve this purpose.
Q8

A company's Azure AD user needs to perform tasks in Azure, but should not access the subscription directly. What should you assign to the user?

  • A Owner role
  • B User Access Administrator role
  • C Reader role
  • D Contributor role
Explanation The User Access Administrator role allows managing access without providing subscription access, unlike the other roles which offer broader permissions.
Q9

You are configuring a Conditional Access policy to block sign-in attempts from specific regions. What happens if a user tries to access Azure from a blocked region?

  • A Access is granted normally
  • B User is logged out immediately
  • C Access is denied
  • D Requires approval from admin
Explanation A Conditional Access policy that blocks access from certain regions will outright deny access attempts, rather than granting or delaying access.
Q10

Which Azure service primarily manages identity synchronization with on-premises directories?

  • A Azure AD Connect
  • B Azure AD Domain Services
  • C Azure Active Directory
  • D Azure Automation
Explanation Azure AD Connect synchronizes identities between on-premises and Azure AD, unlike the other options which serve different purposes.