SC-300 Practice Questions — Page 28

Question 271

You have a Microsoft 365 subscription that is onboarded to Microsoft Entra Permissions Management.

You need to identify managed identities that are assigned permissions and remove any permissions that have been unused for 90 days. The solution must minimize administrative effort.

What should you do in the Entra Permissions Management portal?

A.Configure an Autopilot rule.
B.Schedule a Permissions analytics report.
C.From Microsoft Entra Insights, review Service principals with privileged role assignments.
D.Run an audit query.

Question 272

Open question ↗

You have a Microsoft 365 subscription.

You need to create a Conditional Access policy that will use a Global Secure Access security profile. The solution must ensure that users are prevented from accessing websites that include the word gambling in the URL.

What should you do first?

A.Create a web content filtering policy.
B.Create a named location.
C.Configure the Adaptive Access settings.
D.Create a network security group (NSG).

Question 273

Open question ↗

You have an Azure subscription that is linked to a Microsoft Entra tenant. The tenant contains the groups shown in the following table.

Which groups can you manage by using Privileged Identity Management (PIM)?

A.Group2 only
B.Group1 and Group2 only
C.Group2 and Group4 only
D.Group1, Group2, and Group3 only
E.Group1, Group2, Group3, and Group4

Question 274

Open question ↗

You have an Azure subscription that contains a group named Group1 and two users named User1 and User2. User1 is a member of Group1.

You register an enterprise application named App1.

You enable self-service application access for App1 and configure the following settings:

• Allow users to request access to this application: Yes

• To which group should assigned users be added: Group1

• Require approval before granting access to this application: Yes

• Who is allowed to approve access to this application: User2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question 275

Open question ↗

You have a Microsoft Entra tenant that contains three users named User1, User2, and User3.

You need to configure just-in-time (JIT) access to admin roles by using Privileged Identity Management (PIM). The solution must meet the following requirements:

• Ensure that User1 can use the User Administrator role without approval.

• Ensure that User2 can use the User Administrator role once User3 has approved the role request of User2.

What should you create first?

A.role assignments ✓
B.administrative units
C.security groups
D.Conditional Access policies

Question 276

Open question ↗

You need to sync the ADatum users. The solution must meet the technical requirements.

What should you do?

A.From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options.
B.From PowerShell, run Set-ADSyncScheduler.
C.From PowerShell, run Start-ADSyncSyncCycle.
D.From the Microsoft Azure Active Directory Connect wizard, select Change user sign-in.

Question 277

Open question ↗

You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements and the access requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question 278

Open question ↗

You need to configure app registration in Azure AD to meet the delegation requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Question 279

Open question ↗

How should the access be setup to the on-premises applications?

Hot Area:

Question 280

Open question ↗

You need to meet the planned changes for the User administrator role.

What should you do?

A.Create an access review.
B.Create an administrative unit.
C.Modify Active assignments.
D.Modify Role settings.