Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 61–70 of 147

Q61

Which Azure service allows for multi-factor authentication?

  • A Azure Active Directory
  • B Azure Blob Storage
  • C Azure SQL Database
  • D Azure Virtual Network
Explanation Azure Active Directory enables multi-factor authentication; the others do not provide this functionality.
Q62

A company needs to grant temporary access to a developer for an Azure resource. What should they use?

  • A Service Principal
  • B Azure Role Assignment
  • C Access Policy
  • D Managed Identity
Explanation Azure Role Assignment allows temporary access; Service Principal and Managed Identity are more for app authentication.
Q63

What happens when an Azure user exceeds their license limit?

  • A All user access is immediately revoked
  • B Usage continues without any restrictions
  • C New services cannot be provisioned
  • D Automatic upgrade to higher license tier
Explanation Exceeding license limits stops new service provisioning; current access remains unless user management actions are taken.
Q64

You are configuring Conditional Access policies for your organization. Which user condition can be used to require multi-factor authentication?

  • A User location
  • B User group
  • C User status
  • D User device approval
Explanation User group condition allows MFA requirements for specific groups; the others do not directly enforce MFA.
Q65

What happens when you enable 'external collaboration settings' in Azure AD?

  • A Users can invite external guests
  • B All domains are automatically trusted
  • C External users can't sign in
  • D Verified domains block guests
Explanation Enabling external collaboration allows users to invite guests, while the other options misinterpret the function.
Q66

A company needs to grant its application access to Azure resources without user intervention. Which authorization flow should they use?

  • A Authorization code flow
  • B Client credentials flow
  • C Implicit flow
  • D Resource owner password flow
Explanation Client credentials flow allows applications to access resources on their own behalf; the others require user involvement or interactive processes.
Q67

Which Azure service provides identity protection capabilities?

  • A Azure Active Directory Premium P2
  • B Azure Storage
  • C Azure Functions
  • D Azure Virtual Machines
Explanation Azure Active Directory Premium P2 offers identity protection features; the others do not concern identity management.
Q68

A company needs to allow users in different regions to access applications securely. What should they use?

  • A Azure Bastion
  • B Azure Front Door
  • C Azure Storage Accounts
  • D Azure Monitor
Explanation Azure Front Door provides secure global load balancing and application delivery; the others don't focus on secure regional access.
Q69

You are configuring Conditional Access policies in Azure AD. What happens when a policy is applied successfully?

  • A User must reset their password
  • B Access is granted based on conditions
  • C All users are signed out immediately
  • D User authentication fails regardless of conditions
Explanation A successful Conditional Access policy grants access based on specified conditions; the other options are unrelated outcomes of policy application.
Q70

Which service enables passwordless authentication in Azure?

  • A Azure AD Passwordless
  • B Azure Key Vault
  • C Azure Application Insights
  • D Azure DevOps
Explanation Azure AD Passwordless allows for secure, password-free sign-ins; others do not offer this functionality.