microsoft SC-300 Exam Questions
Questions for the SC-300 were updated on : Jul 20 ,2024
Page 1 out of 8. Viewing questions 1-15 out of 108
Question 1 Topic 1, Case Study 1Case Study Question View Case
You need to sync the ADatum users. The solution must meet the technical requirements.
What should you do?
- A. From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options.
- B. From PowerShell, run Set-ADSyncScheduler.
- C. From PowerShell, run Start-ADSyncSyncCycle.
- D. From the Microsoft Azure Active Directory Connect wizard, select Change user sign-in.
Answer:
A
Explanation:
You need to select Customize synchronization options to configure Azure AD Connect to sync the Adatum organizational
unit (OU).
Question 2 Topic 1, Case Study 1Case Study Question View Case
HOTSPOT
You need to meet the technical requirements for license management by the helpdesk administrators.
What should you create first, and which tool should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/roles/administrative-units https://docs.microsoft.com/en-
us/azure/active-directory/roles/admin-units-manage Implement an identity management solution
Question 3 Topic 2, Case Study 2Case Study Question View Case
HOTSPOT
You need to configure the assignment of Azure AD licenses to the Litware users. The solution must meet the licensing
requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Litware recently added a custom user attribute named LWLicenses to the litware.com Active Directory forest. Litware wants
to manage the assignment of Azure AD licenses by modifying the value of the LWLicenses attribute. Users who have the
appropriate value for LWLicenses must be added automatically to a Microsoft 365 group that has the appropriate licenses
assigned.
Question 4 Topic 2, Case Study 2Case Study Question View Case
You need to meet the authentication requirements for leaked credentials.
What should you do?
- A. Enable password hash synchronization in Azure AD Connect.
- B. Configure Azure AD Password Protection.
- C. Configure an authentication method policy in Azure AD.
- D. Enable federation with PingFederate in Azure AD Connect.
Answer:
A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity
Question 5 Topic 2, Case Study 2Case Study Question View Case
HOTSPOT
You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal https://docs.microsoft.com/en-
us/azure/active-directory/roles/permissions-reference Implement an identity management solution
Question 6 Topic 2, Case Study 2Case Study Question View Case
HOTSPOT
You need to create the LWGroup1 group to meet the management requirements.
How should you complete the dynamic membership rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Implement an identity management solution
Question 7 Topic 3, Case Study 3Case Study Question View Case
HOTSPOT
You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements
and the access requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/sharepoint/app-enforced-restrictions
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-
access-session
Question 8 Topic 3, Case Study 3Case Study Question View Case
HOTSPOT
You need to configure app registration in Azure AD to meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles Implement access management for apps
Question 9 Topic 4, Case Study 4Case Study Question View Case
You create a Log Analytics workspace.
You need to implement the technical requirements for auditing.
What should you configure in Azure AD?
- A. Company branding
- B. Diagnostics settings
- C. External Identities
- D. App registrations
Answer:
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-monitoring
Question 10 Topic 4, Case Study 4Case Study Question View Case
HOTSPOT
You need to implement the planned changes and technical requirements for the marketing department.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization
Question 11 Topic 4, Case Study 4Case Study Question View Case
You need to meet the planned changes for the User administrator role.
What should you do?
- A. Create an access review.
- B. Create an administrative unit.
- C. Modify Active assignments.
- D. Modify Role settings.
Answer:
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-add-role-to-
user?tabs=new
Question 12 Topic 5, Case Study 5Case Study Question View Case
You need to configure the detection of multi-staged attacks to meet the monitoring requirements.
What should you do?
- A. Customize the Azure Sentinel rule logic.
- B. Create a workbook.
- C. Add Azure Sentinel data connectors.
- D. Add an Azure Sentinel playbook.
Answer:
A
Question 13 Topic 5, Case Study 5Case Study Question View Case
You need to track application access assignments by using Identity Governance. The solution must meet the delegation
requirements.
What should you do first?
- A. Modify the User consent settings for the enterprise applications.
- B. Create a catalog.
- C. Create a program.
- D. Modify the Admin consent requests settings for the enterprise applications.
Answer:
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
Question 14 Topic 6, Mixed Questions
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant.
Users sign in to computers that run Windows 10 and are joined to the domain.
You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO). You need to configure the Windows
10 computers to support Azure AD Seamless SSO.
What should you do?
- A. Configure Sign-in options from the Settings app.
- B. Enable Enterprise State Roaming.
- C. Modify the Intranet Zone settings.
- D. Install the Azure AD Connect Authentication Agent.
Answer:
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start
Question 15 Topic 6, Mixed Questions
You have an Azure Active Directory (Azure AD) tenant that contains the following objects:
A device named Device1
Users named User1, User2, User3, User4, and User5
Groups named Group1, Group2, Group3, Group4, and Group5
The groups are configured as shown in the following table.
To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly?
- A. Group1 and Group4 only
- B. Group1, Group2, Group3, Group4, and Group5
- C. Group1 and Group2 only
- D. Group1 only
- E. Group1, Group2, Group4, and Group5 only
Answer:
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced