← Back to exam page

SC-300 Microsoft Identity and Access Administrator

Loading demo links...

Showing 7–9 of 13 questions

Question 7 (New Update)

You have an Azure AD tenant that contains two users named User1 and User2. You plan to perform the following actions:

• Create a group named Group 1.

• Add User1 and User 2 to Group1.

• Assign Azure AD roles to Group1.

You need to create Group1.

Which two settings can you use? Each correct answer presents a complete solution

NOTE: Each correct selection is worth one point

Select all that apply, then click Submit answer.

  • Group type: Microsoft 365 Membership type: Dynamic User

  • Group type: Security Membership type: Dynamic Device

  • Group type Security Membership type: Dynamic User

  • Group type Security Membership type: Assigned

  • Group type: Microsoft 365 Membership type: Assigned
Question 8 (New Update)

You have a Microsoft 365 tenant.

You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant.

Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.

You plan to manage access to external applications by using Azure AD.

You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.

What should you use to gather the information?

Select an option, then click Submit answer.

  • Cloud App Discovery in Microsoft Defender for Cloud Apps

  • enterprise applications in Azure AD

  • access reviews in Azure AD

  • Application Insights in Azure Monitor
Question 9 (Mixed Questions)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.

Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

You need to block the users automatically when they report an MFA request that they did not initiate.

Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).

Does this meet the goal?

Select an option, then click Submit answer.

  • Yes

  • No