Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 147

Q51

You are configuring multi-factor authentication for a user. What happens if they fail to complete the second factor?

  • A They gain access normally
  • B Access is blocked until next attempt
  • C Access is granted without second factor
  • D System logs them out instantly
Explanation Access is blocked until the user successfully completes the second factor authentication.
Q52

Which service allows for conditional access policies in Azure AD?

  • A Azure AD Premium P1
  • B Azure VPN Gateway
  • C Azure Logic Apps
  • D Azure Synapse Analytics
Explanation Azure AD Premium P1 supports conditional access policies; the others do not provide this feature.
Q53

A company needs to ensure users can access resources only during business hours. What Azure feature should they implement?

  • A Identity Protection
  • B Access Reviews
  • C Conditional Access
  • D Identity Governance
Explanation Conditional Access policies can be set for specific times; the other options do not control access timing.
Q54

You are configuring multi-factor authentication (MFA) for Azure users. What happens if a user does not have a second authentication method registered?

  • A Access is granted immediately.
  • B User cannot log in.
  • C User can recover their account.
  • D MFA is skipped for that user.
Explanation If MFA is required and a method isn't registered, access is denied; other options don't accurately represent MFA behavior.
Q55

Which service can you use for identity protection in Azure Active Directory?

  • A Azure AD Identity Protection
  • B Azure Policy
  • C Azure Lockout Service
  • D Azure Security Center
Explanation Azure AD Identity Protection provides risk detection, while the others serve different purposes like policy enforcement or security management.
Q56

A company needs to enforce Multi-Factor Authentication (MFA) for all users accessing sensitive applications. What is the best practice to implement this in Azure?

  • A Apply Conditional Access Policies
  • B Enable Azure AD Connect
  • C Use Identity Governance
  • D Assign user roles in Azure
Explanation Conditional Access Policies allow targeting specific users and scenarios for MFA, while the others are unrelated to MFA enforcement.
Q57

What happens when you set a user as a guest in an Azure AD tenant?

  • A They have full admin rights
  • B They can access all resources
  • C They require approval for access
  • D They are not visible to users
Explanation Guests require consent from the organization to access resources, differing from regular users who typically have immediate access, while the other options are incorrect regarding guest privileges.
Q58

Which feature in Azure AD helps secure applications without exposing credentials?

  • A Conditional Access
  • B Access Reviews
  • C Managed Identities
  • D Identity Protection
Explanation Managed Identities facilitate secure resource access without manual credentials; other options relate to security but do not specifically handle credentials.
Q59

A company needs to implement a policy that enforces multi-factor authentication (MFA) for all users accessing a critical application. Which Azure service should they use?

  • A Azure AD Identity Protection
  • B Azure AD Conditional Access
  • C Azure AD B2C
  • D Azure AD Connect
Explanation Azure AD Conditional Access allows MFA enforcement, while other options don't provide direct policy management for MFA.
Q60

What happens when an Azure AD user's account is disabled?

  • A User can still access applications
  • B User's session remains active
  • C User cannot sign in until enabled
  • D User data is deleted immediately
Explanation Disabling an account prevents all sign-ins until re-enabled; other options do not accurately reflect the outcome of disabling an account.