FEFreeExamDumps.in

SC-300 Practice Questions — Page 21

Question 201

Open question ↗

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account.

You deploy an Azure subscription and enable Microsoft 365 Defender.

You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps.

Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector.

Does this meet the goal?

  • A.Yes
  • B.No

Question 202

Open question ↗

Your company purchases a Microsoft 365 E5 subscription.

A user named User1 is assigned the Security Administrator role.

You need to ensure that User1 can create Microsoft Defender for Cloud Apps session policies.

What should you do first?

  • A.Create a Conditional Access policy and select Require app protection policy.
  • B.Create a Conditional Access policy and select Use Conditional Access App Control.
  • C.Assign the Cloud Application Administrator role to User1.
  • D.Assign the Cloud App Security Administrator role to User1.

Question 203

Open question ↗

You have an Azure subscription that contains a user named User1.

The App registration settings for the Azure AD tenant are configured as shown in the following exhibit.

User1 builds an ASP.NET web app named App1.

You need to ensure that User1 can register App1. The solution must use the principle of least privilege.

Which role should you assign to User1?

Question 203
  • A.Application Developer
  • B.Cloud App Security Administrator
  • C.Cloud Application Administrator
  • D.Application Administrator

Question 204

Open question ↗

You have a Microsoft Entra tenant that contains multiple storage accounts.

You plan to deploy multiple Azure App Service apps that will require access to the storage accounts.

You need to recommend an identity solution to provide the apps with access to the storage accounts. The solution must minimize administrative effort.

Which type of identity should you recommend, and what should you recommend using to control access to the storage accounts? To answer, select the appropriate options in the answer area.

Question 204

Question 205

Open question ↗

You have an Azure subscription that contains a storage account named storage1 and a web app named WebApp1. WebApp1 uses a system-assigned managed identity.

You need to ensure that WebApp1 can read and write files to storage1 by using the system-assigned managed identity.

What should you configure for storage1 in the Azure portal?

  • A.data protection
  • B.a shared access signature (SAS)
  • C.the Access control (IAM) settings
  • D.the File share settings
  • E.access keys

Question 206

Open question ↗

You have a Microsoft 365 E5 subscription.

You need to configure app consent for the subscription. The solution must meet the following requirements:

• Disable user consent to apps.

• Configure admin consent workflow for apps.

Which portal should you use for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 206

Question 207

Open question ↗

You have a Microsoft 365 subscription.

You plan to deploy an app named App1 that will have the following configurations:

• Will be registered in Microsoft Entra

• Will access the signed-in user's Microsoft Outlook calendar by using the Microsoft Graph API

You need to ensure that App1 can access Microsoft Graph.

What should you use?

  • A.application permissions
  • B.delegated permissions
  • C.a custom role-based access control (RBAC) role
  • D.a built-in role-based access control (RBAC) role

Question 208

Open question ↗

You have an Azure subscription that contains the resources shown in the following table.

You create a Microsoft Entra user named User1.

Which identities can you add to VM1 and App1? To answer, select the appropriate options in the answer area.

NOTE: Each correct answer is worth one point.

Question 208

Question 209

Open question ↗

SIMULATION

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:[email protected]

Microsoft 365 Password: =1122334455667788

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 99999999

You need to configure consent for applications that require access to data in the Microsoft 365 subscription. The solution must meet the following requirements:

If a user cannot provide consent to an application, the user must be able to request that an administrator review the consents requests.

Allan Deyoung must be able to review the consent requests of the users.

To complete this task, sign in to the appropriate admin center.

Question 210

Open question ↗

SIMULATION

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:[email protected]

Microsoft 365 Password: =1122334455667788

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 99999999

You need to ensure that when users in the sg-Operations group go to the My Apps portal, a tab named Operations appears that contains only the following applications:

• LinkedIn

• Box

To complete this task, sign in to the appropriate admin center.