Dumps4free
Discount Offer
Go Back on SC-300 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99



Pass exam with Dumps4free or we will provide you with three additional months of access for FREE.

SC-300 Practice Test


Page 23 out of 61 Pages

Topic 4: Misc. Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not initiate.
Solution: From the Azure portal, you configure the Notifications settings for multi-factor authentication (MFA).
Does this meet the goal?


A. Yes


B. No





B.   No

You have a Microsoft 365 subscription.
You plan to deploy an app named App1 that will have the following configurations:

  • Will be registered in Microsoft Entra
  • Will run as a service without user interaction
  • Will collect audit logs associated with user sign-ins
  • Will access resources by using the Microsoft Graph API
You need to ensure that App1 can access Microsoft Graph.
What should you use?


A. application permissions


B. delegated permissions


C. a custom role-based access control (RBAC) role


D. a built-in role-based access control (RBAC) role





B.   delegated permissions

You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1. SecAdmin1 is assigned the Security administrator role.
SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.
You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?


A. Authentication administrator


B. Helpdesk administrator


C. Privileged authentication administrator


D. Security operator





C.   Privileged authentication administrator

Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with a Microsoft Entra tenant. You need to ensure that user authentication always occurs by validating passwords against the AD DS domain. What should you configure, and what should you use? To answer, select the appropriate options in the answer area. NOTE: Each coned selection is worth one point.






You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
User1 has the devices shown in the following table.







Page 23 out of 61 Pages
Previous