Microsoft Azure

Microsoft Identity and Access Administrator

SC-300
Popular

Pass the SC-300 exam to become a Microsoft Identity and Access Administrator.

147 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 147

Q71

A company needs to provide multi-factor authentication (MFA) for Azure AD users. What should they implement?

  • A Azure AD Conditional Access
  • B Azure Security Center
  • C Azure Subscriptions
  • D Azure Blob Storage
Explanation Azure AD Conditional Access can enforce MFA, while the others do not manage authentication requirements.
Q72

What happens when Azure AD Connect is misconfigured?

  • A All users are deleted.
  • B Synchronization fails or is stopped.
  • C User roles are automatically updated.
  • D Service runs optimally without issues.
Explanation A misconfiguration in Azure AD Connect leads to failures in syncing between directories; the other options do not accurately describe outcomes of misconfiguration.
Q73

Which service is used for identity protection in Azure?

  • A Azure AD Identity Protection
  • B Azure Security Center
  • C Azure Sentinel
  • D Azure Information Protection
Explanation Azure AD Identity Protection specifically addresses identity risks, while the others focus on different security aspects.
Q74

A company needs to implement Conditional Access policies based on user location. What should they configure?

  • A Multi-Factor Authentication
  • B Location-based conditions
  • C Dynamic Groups
  • D Roles and permissions
Explanation Conditional Access policies can leverage user location for access decisions, unlike the other options which serve different purposes.
Q75

What happens when a user is assigned multiple roles in Azure AD?

  • A Total permissions are aggregated
  • B Last role assigned wins
  • C Permissions are denied
  • D Only one role is active
Explanation Azure AD aggregates the permissions of all assigned roles, while the other options incorrectly suggest exclusive or conflicting outcomes.
Q76

Which Azure service provides identity protection for users?

  • A Azure Active Directory Identity Protection
  • B Azure Information Protection
  • C Azure Security Center
  • D Azure Monitor
Explanation Azure Active Directory Identity Protection specifically identifies and protects identities; the others focus on different aspects of security.
Q77

A company needs to manage user access to applications based on dynamic attributes. Which feature should they use?

  • A Conditional Access
  • B Dynamic Groups
  • C Role-Based Access Control
  • D Privileged Identity Management
Explanation Dynamic Groups automatically adjust membership based on attributes; the others do not provide dynamic membership changes.
Q78

What happens when you enable self-service password reset for users in Azure AD?

  • A Users must contact IT for reset
  • B Users can reset passwords themselves
  • C Only admins can reset passwords
  • D Passwords never expire for users
Explanation Enabling self-service password reset allows users to reset their passwords independently; the other options misstate the functionality.
Q79

What is Azure AD Conditional Access used for?

  • A Enforcing risk-based access policies
  • B Creating user accounts in bulk
  • C Managing on-premises servers
  • D Monitoring network traffic
Explanation Conditional Access enhances security by enforcing policies based on user, device, and location, unlike the other options.
Q80

A company needs to ensure users can't access corporate resources outside working hours. Which feature should they implement?

  • A Multi-Factor Authentication
  • B Conditional Access Policies
  • C Self-Service Password Reset
  • D Identity Protection
Explanation Conditional Access Policies can restrict access based on time, while the other options do not provide this function.