SC-300 Azure AD Identity Protection 2

Question 1

Which risk detection in Identity Protection is triggered when a user's credentials appear in a publicly disclosed data breach?

Accepted Answer

Leaked credentials

Answer

Unfamiliar sign-in properties

Answer

Atypical travel

Answer

Suspicious inbox forwarding

Question 2

What does the 'Atypical travel' risk detection in Azure AD Identity Protection indicate?

Accepted Answer

Two sign-ins occurred from geographically distant locations within an impossibly short timeframe

Answer

A user signed in from an anonymous IP address

Answer

A user signed in from a country not previously associated with their account

Answer

A sign-in was performed using a malware-infected device

Question 3

An administrator marks a risky user as 'Confirm user compromised' in Identity Protection. What immediate effect does this action have?

Accepted Answer

The user's risk level is set to high and the account may be blocked based on policy

Answer

The user's MFA registration is deleted

Answer

The user's password is immediately reset by the system

Answer

The user receives an email notification about the compromise

Question 4

Which report in Azure AD Identity Protection shows a list of all users who have active risk detections associated with their accounts?

Accepted Answer

Risky users report

Answer

Risky sign-ins report

Answer

Risk detections report

Answer

Identity Secure Score report

Question 5

In Identity Protection, which risk detection category is classified as 'real-time' rather than 'offline'?

Accepted Answer

Anonymous IP address

Answer

Leaked credentials

Answer

Atypical travel

Answer

Suspicious inbox manipulation rules

Question 6

A company wants to automatically force a password reset for any user whose risk level reaches 'High'. Which Identity Protection configuration achieves this?

Accepted Answer

Configure the user risk policy to require password change at high risk

Answer

Configure the sign-in risk policy to block high-risk sign-ins

Answer

Enable the MFA registration policy for all users

Answer

Create a Conditional Access policy requiring MFA for all apps