Online Access Free Microsoft.SC-300.v2023-06-17.q77 Practice Test (Page 2)

SC-300 Exam Question 1

You have a Microsoft 365 E5 subscription.
Users authorize third-party cloud apps to access their data.
You need to configure an alert that will be triggered when an app requires high permissions and is authorized by more than 20 users.
Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?

A.access policy

B.OAuth app policy

C.activity policy

D.anomaly detection policy

SC-300 Exam Question 2

You need to modify the settings of the User administrator role to meet the technical requirements. Which two actions should you perform for the role? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A.Set all assignments to Active

B.Set all assignments to Eligible

C.Select Require ticket information on activation.

D.Select Require justification on activation

E.Modify the Expire eligible assignments after setting.

SC-300 Exam Question 3

You have a Microsoft 365 E5 subscription. You need to perform the following tasks:
* Identify the locations and IP addresses used by Azure AD users to sign in
* Review the Azure AD security settings and identify improvement recommendations.
* Identify changes to Azure AD users or service principle.
What should you use for each task? To answer, drag the appropriate resources to the correct requirements. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

SC-300 Exam Question 4

You have an Azure Active Directory (Azure AD) tenant that has multi-factor authentication (MFA) enabled.
The account lockout settings are configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

SC-300 Exam Question 5

You need to meet the technical requirements for the probability that user identities were compromised.
What should the users do first, and what should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies
Topic 3, Overview
A Datum Environment
The on-premises network of A. Datum contains an Active Directory Domain Services (AD DS) forest named adatum.com.
The tenant contains the users shown in the following table.
Problem Statements
* Multiple users in the sales department have up to five devices. The sales department users report that sometimes they must contact the support department to join their devices to the Azure AD tenant because they have reached their device limit.
* A recent security incident reveals that several users leaked their credentials, a suspicious browser was used for a sign-in, and resources were accessed from an anonymous IP address,
* When you attempt to assign the Device Administrators role To IT_Group1, the group does NOT appear in the selection list.
* Anyone in the organization can invite guest users, including other guests and non-administrators.
* The helpdesk spends too much time resetting user passwords.
* Users currently use only passwords for authentication.
Requirements
A, Datum plans to implement the following changes;
* Configure self-service password reset {SSPR}.
* Configure multi-factor authentication (MFA) for all users.
* Configure an access review for an access package named Package1.
* Require admin approval for application access to organizational data.
* Sync the AD DS users and groupsoflitware.com with the Azure AD tenant.
* Ensure that only users that are assigned specific admin roles can invite guest users.
* Increase the maximum number of devices that can be joined or registered to Azure AD to 10.
Technical Requirements
* Users assigned the User administrator role must be able to request permission to use the role when needed for up to one year.
* Users must be prompted to register for MFA and provided with an option to bypass the registration for a grace period.
* Users must provide one authentication method to reset their password by using SSPR. Available methods must include:
* Email
* Phone
* Security questions
* The Microsoft Authenticator app
* Trust relationships must NOT be established between the adatum.com and litware.com AD DS domains.
* The principle of least privilege must be used.

Other Version: 1220Microsoft.SC-300.v2025-04-09.q285; 482Microsoft.SC-300.v2024-11-06.q111; 654Microsoft.SC-300.v2024-04-10.q163; 725Microsoft.SC-300.v2024-01-11.q113; 683Microsoft.SC-300.v2023-10-26.q85; 948Microsoft.SC-300.v2023-07-24.q93; 923Microsoft.SC-300.v2023-07-10.q76; 1057Microsoft.SC-300.v2023-05-31.q88; 796Microsoft.SC-300.v2023-03-24.q55; 823Microsoft.SC-300.v2023-01-30.q43; 2923Microsoft.SC-300.v2022-09-01.q123; 1455Microsoft.SC-300.v2022-07-04.q43; 108Microsoft.Test4cram.SC-300.v2022-05-12.by.zoe.115q.pdf; 2817Microsoft.SC-300.v2022-03-05.q115; 82Microsoft.Ipassleader.SC-300.v2021-09-28.by.dominic.77q.pdf; 2201Microsoft.SC-300.v2021-09-28.q71

Latest Upload: 107Salesforce.ADM-201.v2025-09-06.q260; 104Oracle.1Z0-1055-23.v2025-09-06.q48; 104Cisco.010-151.v2025-09-06.q130; 130PMI.PMI-PBA.v2025-09-05.q160; 139Salesforce.Advanced-Cross-Channel.v2025-09-04.q41; 134EC-COUNCIL.312-40.v2025-09-04.q87; 148Oracle.1Z1-591.v2025-09-03.q129; 130Oracle.1z0-1065-25.v2025-09-03.q26; 162Cisco.350-701.v2025-09-03.q218; 126Oracle.1Z0-1195-25.v2025-09-03.q20

SC-300 Exam Question 1

SC-300 Exam Question 2

SC-300 Exam Question 3

SC-300 Exam Question 4

SC-300 Exam Question 5

Download PDF File