Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 21–30 of 147

Q21

You are configuring a compliance policy in Azure AD. What happens when a user violates the policy?

  • A User account is deleted
  • B Compliance status changes to non-compliant
  • C User access is permanently revoked
  • D User receives an email notification only
Explanation When a compliance policy is violated, the user's compliance status changes to non-compliant, not deleted or revoked without further actions.
Q22

Which Azure service provides identity protection and governance for user credentials?

  • A Azure Active Directory
  • B Azure Storage
  • C Azure Kubernetes Service
  • D Azure App Service
Explanation Azure Active Directory manages identity protection, while other options handle different aspects of Azure service management.
Q23

A company needs conditional access policies for risk-based authentication. What should they use?

  • A Multi-Factor Authentication
  • B Azure AD Identity Protection
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure AD Identity Protection offers risk-based conditions, while others offer authentication or monitoring capabilities.
Q24

You are configuring role assignments in Azure AD. What happens when a user is assigned the owner role at a subscription level?

  • A They can modify all resources.
  • B They can only view resources.
  • C They are denied access.
  • D They have no permissions.
Explanation The owner role provides full control, while other options describe inadequate or non-existent access levels.
Q25

Which service allows for conditional access policies in Azure AD?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Traffic Manager
  • D Azure Monitor
Explanation Azure Active Directory is the service that provides conditional access policies, while the others do not relate to identity management.
Q26

A company needs to enable users to access an on-premises application seamlessly without additional prompts. Which technology should be implemented?

  • A Password Hash Synchronization
  • B Secure Token Service
  • C Pass-through Authentication
  • D Federated Identity
Explanation Pass-through Authentication allows for seamless access without additional prompts; the other options involve added complexity or different use cases.
Q27

You are configuring role-based access control (RBAC) for a new application in Azure. What happens if a user is assigned multiple roles that contain conflicting permissions?

  • A User gets only the higher privilege
  • B User has cumulative permissions
  • C User must choose a role
  • D User access is denied
Explanation In RBAC, users accumulate permissions from all assigned roles, while the other options do not accurately describe how RBAC functions.
Q28

Which service provides Identity Protection in Azure AD?

  • A Azure Sentinel
  • B Azure AD Identity Protection
  • C Azure Security Center
  • D Azure Policy
Explanation Azure AD Identity Protection specifically focuses on risk-based conditional access and detection.
Q29

A company needs to automate user provisioning. Which feature should they implement?

  • A Self-service password reset
  • B Azure AD Connect
  • C Azure RBAC
  • D Enterprise applications management
Explanation Azure AD Connect automates user provisioning from on-premises directories.
Q30

What happens when a user exceeds their MFA attempt limit?

  • A User is locked out indefinitely
  • B User is prompted to reset MFA
  • C User can authenticate using password
  • D User receives a warning but can try again
Explanation Users receive a warning and typically can retry MFA until successful.