SC-300 Practice Questions — Page 22

You have an Azure subscription that is linked to a Microsoft Entra tenant. The tenant contains a registered app named App1.

You have a partner organization that has a Microsoft Entra tenant. The tenant contains a registered app named App2.

You need to ensure that App1 can access App2.

Which two types of credentials can App1 use? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Entra tenant that contains an app registration named App1. App1 has Microsoft Graph application permissions.

You need to configure the environment to support App1. The solution must meet the following requirements:

• App1 must be accessible only from the corporate network.

• The credentials for App1 must NOT be stored as plain text.

• Non-interactive scheduled tasks on Server1 must be able to authenticate to App1.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains two attribute sets named Set1 and Set2. The subscription contains the users shown in the following table.

You have the custom security attributes shown in the following table.

You assign User2 the Attribute Definition Administrator role for Set1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant that contains Azure AD Privileged Identity Management (PIM) role settings for the User administrator role as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Hot Area:

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.

User1 has the devices shown in the following table.

On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings:

✑ Name: Terms1

✑ Display name: Contoso terms of use

✑ Require users to expand the terms of use: On

✑ Require users to consent on every device: On

✑ Expire consents: On

✑ Expire starting on: December 10, 2020

✑ Frequency: Monthly

On November 15, 2020, User1 accepts Terms1 on Device3.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Your company recently implemented Azure Active Directory (Azure AD) Privileged Identity Management (PIM).

While you review the roles in PIM, you discover that all 15 users in the IT department at the company have permanent security administrator rights.

You need to ensure that the IT department users only have access to the Security administrator role when required.

What should you configure for the Security administrator role assignment?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 tenant.

You have 100 IT administrators who are organized into 10 departments.

You create the access review shown in the exhibit. (Click the Exhibit tab.)

You discover that all access review requests are received by Megan Bowen.

You need to ensure that the manager of each department receives the access reviews of their respective department.

Solution: You modify the properties of the IT administrator user accounts.

Does this meet the goal?