SC-300 Azure AD Identity Protection

Question 1

Which Identity Protection policy automatically blocks or requires MFA for sign-ins that are detected as medium or high risk?

Accepted Answer

Sign-in risk policy

Answer

User risk policy

Answer

MFA registration policy

Answer

Conditional Access policy

Question 2

Which risk detection type in Azure AD Identity Protection flags sign-ins from IP addresses associated with anonymous proxies or Tor networks?

Accepted Answer

Anonymous IP address

Answer

Atypical travel

Answer

Leaked credentials

Answer

Malware linked IP address

Question 3

A user's account is flagged with a high user risk in Azure AD Identity Protection. Which remediation action can the user self-perform to resolve the risk?

Accepted Answer

Perform a secure password change via SSPR

Answer

Disable their own account

Answer

Delete their MFA registration

Answer

Contact Microsoft Support directly

Question 4

What minimum license is required to access Azure AD Identity Protection risk reports and configure risk policies?

Accepted Answer

Azure AD Premium P2

Answer

Azure AD Free

Answer

Azure AD Premium P1

Answer

Microsoft 365 Business Standard

Question 5

Which Identity Protection policy is used to enforce MFA registration for users who have not yet registered their authentication methods?

Accepted Answer

MFA registration policy

Answer

Sign-in risk policy

Answer

User risk policy

Answer

Conditional Access registration policy

Question 6

An administrator wants to dismiss all active risk detections for a specific user who was confirmed safe after investigation. Which action should they take in Identity Protection?

Accepted Answer

Dismiss user risk

Answer

Delete the user and recreate the account

Answer

Confirm the user as compromised

Answer

Disable the sign-in risk policy