Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 31–40 of 147

Q31

Which service monitors and governs identity access in Azure?

  • A Azure AD Identity Protection
  • B Azure Unsigned Access
  • C Azure Security Center
  • D Azure Key Vault
Explanation Azure AD Identity Protection specifically monitors and governs identity access, while the others serve different security roles.
Q32

A company needs to implement conditional access policies based on user location. What should they configure?

  • A Multi-Factor Authentication
  • B Compliance policies
  • C User risk policies
  • D Conditional Access policies
Explanation Conditional Access policies are specifically designed to enforce actions based on user location and other conditions.
Q33

You are configuring Azure AD roles. What happens if a user is assigned multiple roles that grant conflicting permissions?

  • A User role is automatically removed
  • B Conflict resolved by highest privilege
  • C Always defaults to lowest privilege
  • D Roles are ignored entirely
Explanation If a user has multiple conflicting roles, permissions are merged, granting the highest privilege available.
Q34

Which service provides multi-factor authentication in Azure?

  • A Azure Active Directory
  • B Azure App Service
  • C Azure Functions
  • D Azure Logic Apps
Explanation Azure Active Directory offers MFA; others do not focus on authentication.
Q35

You are configuring a conditional access policy for a specific application. What happens if the device is not compliant?

  • A Access is granted as normal.
  • B Access is denied.
  • C Access is granted with limited features.
  • D Users receive a warning notification.
Explanation Non-compliant devices are typically denied access to ensure security.
Q36

What occurs when a user logs in with an expired password if self-service password reset is enabled?

  • A Access is granted immediately.
  • B The user must contact support.
  • C The system prompts for a password change.
  • D All sessions are terminated.
Explanation Expired passwords prompt users to change the password before accessing services.
Q37

Which Azure service provides an identity management solution for applications?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Functions
  • D Azure Virtual Machines
Explanation Azure Active Directory is specifically designed for identity management, while the others serve different purposes.
Q38

A company needs to securely manage access to Azure resources based on user roles. Which feature should they implement?

  • A Role-Based Access Control (RBAC)
  • B Azure Virtual Networks
  • C Azure Key Vault
  • D Azure Logic Apps
Explanation RBAC allows for fine-grained access control based on user roles, unlike the other options.
Q39

You are configuring Conditional Access policies. What happens if a user is marked as compliant with the device policy?

  • A Access is granted automatically
  • B Access is denied
  • C User must re-authenticate
  • D Access is granted with MFA
Explanation If compliant, users will gain access automatically, while the other options do not align with compliant device behavior.
Q40

Which service provides conditional access policies in Azure?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Functions
  • D Azure Virtual Machines
Explanation Azure Active Directory allows conditional access policies; others do not relate to access policies.