Pass the Microsoft Certified: Identity and Access Administrator Associate SC-300 Questions and answers with ExamsMirror

Your network contains an on-premises Active Directory Domain services (AD DS) domain that syncs with an Azure AD tenant. The AD DS domain contains the organizational units (OUs) shown in the following table.

You need to create a break-glass account named BreakGlass.

Where should you create BreakGlass, and which role should you assign to BreakGlass? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains a resource group named RG1 and four users named User1, User2, User3, and User4. You plan to assign the users the following roles for RG1:

• User1: Reader

• User2: Contributor

• User3: Storage Blob Data Reader

• User4: Virtual Machine Contributor

You are evaluating the use of attribute-based access control (ABAC). Which user's role will support the use of ABAC?

You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.

Yon receive more than 100 email alerts each day for tailed Azure Al) user sign-in attempts.

You need to ensure that a new security administrator receives the alerts instead of you.

Solution: From Azure monitor, you modify the action group.

Does this meet the goal?

You have Microsoft Entra tenant that contains a group named Group3 and an administrative unit named Department1.

Department has the users shown in the Users exhibit. (Click the Users tab.)

Department1 has the groups shown in the Groups exhibit (Click the Groups tab.)

The User Administrator role assignments are shown in the Assignments exhibit. (Click the Assignments tab.)

The members of Group2 are shown in the Group2 exhibit. (Click the Group2 tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have a Microsoft Entra tenant.

You need to configure continuous access evaluation for app sign-ins and assign the configuration to users that are assigned the Application Administrator role.

What should you configure?

You have an Azure Active Directory (Azure AD) tenant that contains an administrative unit named Department1.

Department1 has the users shown in the Users exhibit. (Click theUserstab.)

Department1 has the groups shown in the Groups exhibit. (Click theGroupstab.)

Department1 has the user administrator assignments shown in the Assignments exhibit. (Click theAssignmentstab.)

The members of Group2 are shown in the Group2 exhibit. (Click theGroup2tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE:Each correct selection is worth one point.

You have an Azure subscription.

From Entitlement management, you plan to create a catalog named Catalog1 that will contain a custom extension.

What should you create first and what should you use to distribute Catalog1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have a Microsoft Entra tenant.

You need to query risky user activity for the tenant.

How long will the logs of risky user activity be retained?

You have an Azure AD tenant that contains the users shown in the following table.

User2 reports that he can only configure multi-factor authenticating (MFA) to use the Microsoft Authenticator app.

You need to ensure that User2 can configure alternate MFA methods.

Which configuration is required, and which user should perform the configuration? To answer, select the appropriate options in the answer area.

You have a Microsoft 365 tenant.

Sometimes, users use external, third-party applications that require limited access to the Microsoft 365 data of the respective user. The users register the applications in Azure Active Directory (Azure AD).

You need to receive an alert if a registered application gains read and write access to the users’ email.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.