Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 121–130 of 147

Q121

Which service is used for securing Azure resources through conditional access policies?

  • A Azure Active Directory
  • B Azure Security Center
  • C Azure Key Vault
  • D Azure Monitor
Explanation Azure Active Directory is responsible for implementing conditional access policies, while the others focus on security assessments or resource monitoring.
Q122

A company needs to ensure that only specific users can access sensitive information in Microsoft 365. Which feature should they implement?

  • A Multi-Factor Authentication
  • B Privileged Identity Management
  • C Access Reviews
  • D Information Protection
Explanation Information Protection helps secure sensitive data based on policies, while the others focus on authentication or user role management.
Q123

You are configuring Azure AD Connect for a hybrid identity solution. What is the primary purpose of enabling password hash synchronization?

  • A To create cloud-only accounts
  • B To synchronize passwords for users
  • C To enable single sign-on
  • D To back up user passwords
Explanation Enabling password hash synchronization allows passwords to be synchronized to the cloud, unlike the other options which serve different purposes.
Q124

Which Azure service provides identity protection capabilities?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Machines
  • D Azure Firewall
Explanation Azure Active Directory offers identity protection features; the others do not provide identity management.
Q125

A company needs to ensure that access to sensitive Azure resources is only granted to users from specific geographic locations. What should they implement?

  • A Conditional Access Policies
  • B Service Endpoints
  • C Azure RBAC
  • D Network Security Groups
Explanation Conditional Access Policies enforce controls based on user location; the other options do not restrict access by geography.
Q126

You are configuring Azure AD for single sign-on using SAML. What happens if the NameID format is not correctly set in the SAML configuration?

  • A Authentication will fail for users
  • B Users will get logged in automatically
  • C SAML authentication is bypassed completely
  • D User attributes will be ignored
Explanation Incorrect NameID format leads to authentication failures; the other options do not reflect the process correctly.
Q127

Which service provides identity protection capabilities in Azure?

  • A Azure AD Identity Protection
  • B Azure Security Center
  • C Azure Sentinel
  • D Azure Key Vault
Explanation Azure AD Identity Protection specifically focuses on identity risk management; the others serve different purposes.
Q128

A company needs to secure user access to applications based on location. What should they use?

  • A Network Security Groups
  • B Conditional Access Policies
  • C Role-Based Access Control
  • D Azure AD Connect
Explanation Conditional Access Policies allow location-based security measures, unlike the other options.
Q129

You are configuring Multi-Factor Authentication (MFA). What happens if a user loses their MFA device?

  • A Access is permanently denied
  • B User can log in without MFA
  • C User resets MFA through support
  • D No impact on access rights
Explanation Losing an MFA device can be remedied by user support processes; the other options are incorrect procedures.
Q130

A company needs to securely share documents between users while maintaining audit capabilities. Which Azure service should they use?

  • A Azure Blob Storage
  • B Azure Information Protection
  • C Azure Files
  • D Microsoft Teams
Explanation Azure Information Protection allows secure sharing and auditing of documents, while other options do not specifically provide these secure features.