SC-300 Exam Question 76
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using Azure AD Connect.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
SC-300 Exam Question 77
You have an Azure AD tenant that uses Azure AD Identity Protection and contains the resources shown in the following table.
Azure Multi-Factor Authentication (MFA) is enabled for all users.
User1 triggers a medium severity alert that requires additional investigation.
You need to force User1 to reset his password the next time he signs in. the solution must minimize administrative effort.
What should you do?
Azure Multi-Factor Authentication (MFA) is enabled for all users.
User1 triggers a medium severity alert that requires additional investigation.
You need to force User1 to reset his password the next time he signs in. the solution must minimize administrative effort.
What should you do?
SC-300 Exam Question 78
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure Azure AD Password Protection.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure Azure AD Password Protection.
Does this meet the goal?
SC-300 Exam Question 79
You have a Microsoft 365 E5 subscription.
You purchase the app governance add-on license.
You need to enable app governance integration.
Which portal should you use?
You purchase the app governance add-on license.
You need to enable app governance integration.
Which portal should you use?
SC-300 Exam Question 80
You have an Azure AD tenant named contoso.com that contains a group named All Company and has the following Identity Governance settings:
* Block external users from signing in to this directory: Yes
* Remove external user Yes
* Number of days before removing external user from this directory: 30
On March 1, 2022, you create an access package named Package1 that has the following settings:
* Resource roles
o Name: All Company
o Type: Group and Team
o Role: Member
* Lifecycle
o Access package assignment expire: On date
o Assignment expiration date: April 1, 2022
On March 1, 2022, you assign Package1 to the guest users shown in the following table.
On March 2, 2022, you assign the Reports reader role to Guest1.
On April 1(2022, you invite a guest user named Guest3 to contoso.com.
On April 4, 2022, you add Guest3 to the All Company group.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
* Block external users from signing in to this directory: Yes
* Remove external user Yes
* Number of days before removing external user from this directory: 30
On March 1, 2022, you create an access package named Package1 that has the following settings:
* Resource roles
o Name: All Company
o Type: Group and Team
o Role: Member
* Lifecycle
o Access package assignment expire: On date
o Assignment expiration date: April 1, 2022
On March 1, 2022, you assign Package1 to the guest users shown in the following table.
On March 2, 2022, you assign the Reports reader role to Guest1.
On April 1(2022, you invite a guest user named Guest3 to contoso.com.
On April 4, 2022, you add Guest3 to the All Company group.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
