FEFreeExamDumps.in

SC-300 Practice Questions — Page 19

Question 181

Open question ↗

You have a Microsoft 365 tenant.

The Azure Active Directory (Azure AD) tenant syncs to an on-premises Active Directory domain.

Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.

You plan to manage access to external applications by using Azure AD.

You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.

What should you use to gather the information?

  • A.Application Insights in Azure Monitor
  • B.access reviews in Azure AD
  • C.Cloud App Discovery in Microsoft Cloud App Security
  • D.enterprise applications in Azure AD

Question 182

Open question ↗

You have a Microsoft 365 tenant that contains a group named Group1 as shown in the Group1 exhibit. (Click the Group1 tab.)

You create an enterprise application named App1 as shown in the App1 Properties exhibit. (Click the App1 Properties tab.)

You configure self-service for App1 as shown in the App1 Self-service exhibit. (Click the App1 Self-service tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Question 182

Question 183

Open question ↗

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure AD Identity Protection enabled.

You need to implement a sign-in risk remediation policy without blocking user access.

What should you do first?

  • A.Configure access reviews in Azure AD.
  • B.Enforce Azure AD Password Protection.
  • C.Configure self-service password reset (SSPR) for all users.
  • D.Implement multi-factor authentication (MFA) for all users.

Question 184

Open question ↗

Your company has a Microsoft 365 tenant.

All users have computers that run Windows 10 and are joined to the Azure Active Directory (Azure AD) tenant.

The company subscribes to a third-party cloud service named Service1. Service1 supports Azure AD authentication and authorization based on OAuth. Service1 is published to the Azure AD gallery.

You need to recommend a solution to ensure that the users can connect to Service1 without being prompted for authentication. The solution must ensure that the users can access Service1 only from Azure AD-joined computers. The solution must minimize administrative effort.

What should you recommend for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question 184

Question 185

Open question ↗

Your company requires that users request access before they can access corporate applications.

You register a new enterprise application named MyApp1 in Azure Active Directory (Azure AD) and configure single sign-on (SSO) for MyApp1.

Which settings should you configure next for MyApp1?

  • A.Self-service
  • B.Provisioning
  • C.Application proxy
  • D.Roles and administrators

Question 186

Open question ↗

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com.

The company is developing a web service named App1.

You need to ensure that App1 can use Microsoft Graph to read directory data in contoso.com.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange then in the correct order.

Select and Place:

Question 186

Question 187

Open question ↗

The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.

In Azure AD, you add a new enterprise application named App1.

Which groups can you assign to App1?

Question 187
  • A.Group1 only
  • B.Group2 only
  • C.Group3 only
  • D.Group1 and Group4
  • E.Group1 and Group3

Question 188

Open question ↗

You have a Microsoft 365 subscription. The subscription contains users that use Microsoft Outlook 2016 and Outlook 2013 clients.

You need to implement tenant restrictions. The solution must minimize administrative effort.

What should you do first?

  • A.Configure the Outlook 2013 clients to use modern authentication.
  • B.Upgrade the Outlook 2013 clients to Outlook 2016.
  • C.From the Exchange admin center, configure Organization Sharing.
  • D.Upgrade all the Outlook clients to Outlook 2019.

Question 189

Open question ↗

You have a Microsoft 365 E5 subscription and an Azure subscription.

You plan to analyze Microsoft Entra sign-in logs by using Azure Monitor.

You need to configure diagnostic settings for Microsoft Entra.

Which destination should you configure for the sign-in logs?

  • A.an Azure event hub
  • B.an Azure SQL database
  • C.a Log Analytics workspace ✓
  • D.an Azure Storage account

Question 190

Open question ↗

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

You add an enterprise application named App1 to Azure AD and set User1 as the owner of App1. App1 requires admin consent to access Azure AD before the app can be used.

You configure the Admin consent requests settings as shown in the following exhibit.

Admin1, Admin2, Admin3, and User’ are added as reviewers.

Which users can review and approve the admin consent requests?

Question 190
  • A.Admin1 only
  • B.Admin1, Admin2 and Admin3 only
  • C.Admin1, Admin2, and User1 only
  • D.Admin1 and Admin2 only
  • E.Admin1, Admin2, Admin3, and User1