Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 41–50 of 147

Q41

A company needs to implement self-service password reset (SSPR) for users. What must be configured to achieve this?

  • A Password policies only
  • B MFA for all users
  • C Azure AD user settings
  • D Alerts for password changes
Explanation Only Azure AD user settings provide the SSPR functionality effectively.
Q42

What happens when a user is removed from an Azure AD group?

  • A User loses access to all resources
  • B User retains specific resource access
  • C User can still manage the group
  • D User is removed from the tenant
Explanation The user retains access to resources not tied to the group, while options A, C, and D are incorrect based on Azure AD behavior.
Q43

Which Azure service allows for centralized identity management?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Kubernetes Service
  • D Azure Virtual Machines
Explanation Azure Active Directory provides centralized identity management, while the others serve different purposes.
Q44

A company needs to ensure non-repudiation for its Azure AD access logs. What should it implement?

  • A Audit log retention policies
  • B Multi-Factor Authentication
  • C Role-Based Access Control
  • D Privileged Identity Management
Explanation Audit log retention policies ensure logs are preserved for non-repudiation, unlike the other options which focus on security controls and permissions.
Q45

What happens when you add a user outside of an organization to Azure AD as a guest?

  • A They can be assigned licenses
  • B They cannot access any resources
  • C They can participate in teams
  • D They automatically gain admin rights
Explanation Guest users can participate in teams but lack full access to resources like licensed users and don’t gain admin rights automatically.
Q46

Which Azure service is primarily used for managing access policies?

  • A Azure Active Directory
  • B Azure Key Vault
  • C Azure Storage
  • D Azure Backup
Explanation Azure Active Directory manages user access, while the others serve different purposes.
Q47

A company needs to restrict access to resources based on user attributes; what feature should they use?

  • A Conditional Access
  • B Authentication Flow
  • C Role-Based Access Control
  • D Privileged Identity Management
Explanation Conditional Access policies enforce restrictions based on user attributes, unlike the other options.
Q48

What happens when you configure an Azure AD application with the 'User Consent' option enabled?

  • A Admins must approve all access requests.
  • B Users can grant permissions themselves.
  • C No permissions are granted automatically.
  • D Services access is automatically revoked.
Explanation User Consent allows users to grant permissions, while other options are misleading.
Q49

Which service is used for managing user identities?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure Kubernetes Service
  • D Azure Functions
Explanation Azure Active Directory is specifically designed for identity management.
Q50

A company needs to enforce conditional access based on user location. What should they use?

  • A Management Groups
  • B User Roles
  • C Access Policies
  • D Conditional Access
Explanation Conditional Access is specifically designed for enforcing access based on multiple conditions.