Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 147

Q11

A company needs to enforce multi-factor authentication for external users accessing its Azure resources. What is the best approach?

  • A Use Conditional Access policies
  • B Implement role-based access control
  • C Create a Security group
  • D Disable guest user access
Explanation Conditional Access policies allow you to enforce MFA for different user conditions, whereas the other options do not enforce MFA.
Q12

What happens when an Azure AD user reaches their authentication retry limit?

  • A User account is immediately deleted
  • B User is permanently locked out
  • C User is temporarily locked out
  • D User remains unaffected
Explanation The user is temporarily locked out after reaching the retry limit, allowing for security while not permanently disabling user access.
Q13

Which service allows you to manage user identities in Azure?

  • A Azure Active Directory
  • B Azure DNS
  • C Azure Blob Storage
  • D Azure Virtual Network
Explanation Azure Active Directory is dedicated to identity management, while the others serve different functionality.
Q14

A company needs to enable multi-factor authentication (MFA) for their users. What is the best way to enforce this in Azure?

  • A Use Conditional Access Policies
  • B Set User Roles only
  • C Limit sign-in hours
  • D Modify password complexity requirements
Explanation Conditional Access Policies are specifically designed to enforce MFA based on conditions.
Q15

You are configuring an application to use Azure AD for single sign-on (SSO). What happens if the application does not support modern authentication?

  • A SSO will work with basic authentication
  • B SSO will fail and not work
  • C Users will be prompted repeatedly
  • D Users must use separate login credentials
Explanation If an application does not support modern authentication, SSO will fail to function properly.
Q16

Which service is used for monitoring Azure resources?

  • A Azure Monitor
  • B Azure Application Insights
  • C Azure Security Center
  • D Azure Log Analytics
Explanation Azure Monitor performs monitoring for Azure resources; others are monitoring-related but not the main service.
Q17

A company needs to allow users to reset their own passwords without IT intervention. What should they implement?

  • A Self-service password reset
  • B Multi-factor authentication
  • C Role-based access control
  • D Conditional access policies
Explanation Self-service password reset allows users to reset passwords; others do not facilitate password changes directly.
Q18

What happens when you disable a user account in Azure Active Directory?

  • A User data is deleted
  • B User cannot sign in
  • C User is logged out immediately
  • D User retains access to all resources
Explanation Disabling an account prevents sign-in; others are incorrect as data and access remain intact.
Q19

Which Azure service provides managed identity for applications?

  • A Azure AD
  • B Azure Functions
  • C Azure Key Vault
  • D Azure Container Instances
Explanation Azure AD provides managed identities to securely access other Azure services, while the others serve different purposes.
Q20

A company needs to ensure multi-factor authentication for all users accessing Azure resources. What is the best approach?

  • A Set conditional access policies
  • B Use security groups
  • C Enable single sign-on
  • D Dark web monitoring
Explanation Conditional access policies enforce MFA for accessing resources, while the other options don't directly enforce MFA.