Questions for the SC-300 were updated on : Oct 05 ,2024
You need to sync the ADatum users. The solution must meet the technical requirements.
What should you do?
A
Explanation:
You need to select Customize synchronization options to configure Azure AD Connect to sync the Adatum organizational
unit (OU).
HOTSPOT
You need to meet the technical requirements for license management by the helpdesk administrators.
What should you create first, and which tool should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/roles/administrative-units https://docs.microsoft.com/en-
us/azure/active-directory/roles/admin-units-manage Implement an identity management solution
HOTSPOT
You need to configure the assignment of Azure AD licenses to the Litware users. The solution must meet the licensing
requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Litware recently added a custom user attribute named LWLicenses to the litware.com Active Directory forest. Litware wants
to manage the assignment of Azure AD licenses by modifying the value of the LWLicenses attribute. Users who have the
appropriate value for LWLicenses must be added automatically to a Microsoft 365 group that has the appropriate licenses
assigned.
You need to meet the authentication requirements for leaked credentials.
What should you do?
A
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity
HOTSPOT
You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal https://docs.microsoft.com/en-
us/azure/active-directory/roles/permissions-reference Implement an identity management solution
HOTSPOT
You need to create the LWGroup1 group to meet the management requirements.
How should you complete the dynamic membership rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Implement an identity management solution
HOTSPOT
You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements
and the access requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Reference:
https://docs.microsoft.com/en-us/sharepoint/app-enforced-restrictions
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-
access-session
HOTSPOT
You need to configure app registration in Azure AD to meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles Implement access management for apps
You create a Log Analytics workspace.
You need to implement the technical requirements for auditing.
What should you configure in Azure AD?
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-monitoring
HOTSPOT
You need to implement the planned changes and technical requirements for the marketing department.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization
You need to meet the planned changes for the User administrator role.
What should you do?
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-add-role-to-
user?tabs=new
You need to configure the detection of multi-staged attacks to meet the monitoring requirements.
What should you do?
A
You need to track application access assignments by using Identity Governance. The solution must meet the delegation
requirements.
What should you do first?
B
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant.
Users sign in to computers that run Windows 10 and are joined to the domain.
You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO). You need to configure the Windows
10 computers to support Azure AD Seamless SSO.
What should you do?
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start
You have an Azure Active Directory (Azure AD) tenant that contains the following objects:
A device named Device1
Users named User1, User2, User3, User4, and User5
Groups named Group1, Group2, Group3, Group4, and Group5
The groups are configured as shown in the following table.
To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly?
C
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced