Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 147

Q131

You are configuring Azure AD Conditional Access policies. What happens when a user is assigned multiple policies?

  • A Only the highest priority policy applies
  • B All policies apply simultaneously
  • C Policies merge into one
  • D Policies conflict and cause an error
Explanation Azure AD processes Conditional Access policies based on priority, executing the highest priority one only if conditions match.
Q132

What kind of authentication is a self-service password reset feature primarily associated with in Azure AD?

  • A MFA Authentication
  • B Password-less Authentication
  • C Preventive Authentication
  • D Frictionless Authentication
Explanation Self-service password reset enables users to reset passwords without MFA, thus relying on password-less methods for identity management.
Q133

Which Azure service allows identity governance and access management?

  • A Azure Active Directory
  • B Azure DevOps
  • C Azure Functions
  • D Azure Blob Storage
Explanation Azure Active Directory manages identity and access, while others serve different purposes.
Q134

A company needs to implement MFA for all users. Which Azure feature should they utilize?

  • A Conditional Access
  • B Identity Protection
  • C Access Reviews
  • D Service Principals
Explanation Conditional Access policies allow the enforcement of MFA requirements effectively.
Q135

What happens when a user's roles are deleted in Azure AD?

  • A User loses all access instantly
  • B Roles are removed after a delay
  • C User retains access temporarily
  • D Roles can be restored easily
Explanation The user loses any permissions granted by the deleted roles immediately.
Q136

Which service allows verification of user identities across platforms?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Virtual Network
  • D Azure Logic Apps
Explanation Azure Active Directory verifies user identities; the others are for different functionalities.
Q137

A company needs to prevent conditional access based on user device state. What configuration should they use?

  • A Sign-in risk policy
  • B Location conditions
  • C Device-based policy
  • D User group conditions
Explanation Sign-in risk policies focus on user behavior rather than device state; the other options leverage device checks.
Q138

You are configuring Privileged Identity Management (PIM). What happens when a user becomes a privileged role member?

  • A Immediate full permission access
  • B Requires activation for access
  • C Access is delayed by 24 hours
  • D User loses existing admin rights
Explanation Users must activate their roles for temporary access; immediate access is not granted.
Q139

Which service enables you to configure Conditional Access policies?

  • A Azure Active Directory
  • B Azure RBAC
  • C Azure Key Vault
  • D Azure Firewall
Explanation Azure Active Directory is responsible for Conditional Access, while the others serve different functions.
Q140

A company needs to ensure only specific users access certain resources in Azure. What should they implement?

  • A Multi-Factor Authentication
  • B Privileged Identity Management
  • C Access Reviews
  • D Role-Based Access Control
Explanation Role-Based Access Control (RBAC) directly governs user resource access, unlike the other options.