Microsoft Identity and Access Administrator (SC-300)

FREE Microsoft Identity and Access Administrator Dumps Questions and Answers

Azure AD Identity Protection is turned on for the Azure Active Directory (Azure AD) tenant conto.so.com. Implementing a sign-in risk remediation policy is necessary without restricting access.
What should you do first?

Enforce Azure AD Password Protection.

Configure access reviews in Azure A

Configure self-service password reset (SSPR) for all users.

Implement multi-factor authentication (MFA) for all users.correct

Correct! Wrong!

To achieve the monitoring criteria, you must configure the detection of many staged attacks.
What should you do?

Create a workbook.

Customize the Azure Sentinel rule logic.

Add Azure Sentinel data connectors.

Add an Azure Sentinel playbook.

Correct! Wrong!

An Azure Active Directory (Azure AD) tenant with the name contoso.com is connected to the Active Directory forest contoso.com on your network using Azure AD Connect. Users who have the extensionAttribute15 property set to NoSync must not be synchronized.

What should you do in Azure AD Connect?

Configure a Full Import run profile.

Create an inbound synchronization rule for the Windows Azure Active Directory connector.

Configure an Export run profile.

Create an inbound synchronization rule for the Active Directory Domain Services connector.

Correct! Wrong!

‥ You have an Azure Active Directory (Azure AD) tenant.
‥ For the tenant, Users can register applications if set to No.
‥ A user named Admin1 must deploy a new cloud app named App1.
‥ You need to ensure that Admin1 can register App1 in Azure AD. The solution must use the principle of least privilege.

Which role should you assign to Admin1?

App Configuration Data Owner for Subscription1.

Cloud application administrator in Azure AD.

Managed Application Contributor for Subscription1.

Application developer in Azure AD.

Correct! Wrong!

Your Microsoft Exchange organization makes use of the contoso.com SMTP address space.
Several users use their contoso.com email address for self-service sign-up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services

Which PowerShell cmdlet should you run?

Set-MsolCompanySettings

Update-MsolfederateDomain

Set-Mso1DomaininFederationSettings

Set-MsolCompanySettingscorrect

Correct! Wrong!

For users who connect from the Boston office, you must establish the MFA settings. Both the access requirements and the authentication criteria must be satisfied by the solution.
What should you configure?

Trusted IPs that have a private IP address range

Trusted IPs that have a public IP address range

Named locations that have a public IP address range correct

Named locations that have a private IP address range

Correct! Wrong!

The authentication criteria for credentials that have been disclosed must be met.
What should you do?

Configure Azure AD Password Protection.

Enable federation with PingFederate in Azure AD Connect.

Configure an authentication method policy in Azure A

Enable password hash synchronization in Azure AD Connect.correct

Correct! Wrong!

FREE Microsoft Identity and Access Administrator Dumps Questions and Answers

Azure AD Identity Protection is turned on for the Azure Active Directory (Azure AD) tenant conto.so.com. Implementing a sign-in risk remediation policy is necessary without restricting access. What should you do first?

To achieve the monitoring criteria, you must configure the detection of many staged attacks. What should you do?

An Azure Active Directory (Azure AD) tenant with the name contoso.com is connected to the Active Directory forest contoso.com on your network using Azure AD Connect. Users who have the extensionAttribute15 property set to NoSync must not be synchronized. What should you do in Azure AD Connect?

For users who connect from the Boston office, you must establish the MFA settings. Both the access requirements and the authentication criteria must be satisfied by the solution. What should you configure?

The authentication criteria for credentials that have been disclosed must be met. What should you do?

Related Post

Azure AD Identity Protection is turned on for the Azure Active Directory (Azure AD) tenant conto.so.com. Implementing a sign-in risk remediation policy is necessary without restricting access.
What should you do first?

To achieve the monitoring criteria, you must configure the detection of many staged attacks.
What should you do?

An Azure Active Directory (Azure AD) tenant with the name contoso.com is connected to the Active Directory forest contoso.com on your network using Azure AD Connect. Users who have the extensionAttribute15 property set to NoSync must not be synchronized.

What should you do in Azure AD Connect?

For users who connect from the Boston office, you must establish the MFA settings. Both the access requirements and the authentication criteria must be satisfied by the solution.
What should you configure?

The authentication criteria for credentials that have been disclosed must be met.
What should you do?