Microsoft SC-300 Exam Practice Test Instant Access

Question 1

You have a Microsoft 365 tenant.

You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant.

Users connect to the internet by using a hardware firewall at your company. The users authenticate to the firewall by using their Active Directory credentials.

You plan to manage access to external applications by using Azure AD.

You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.

What should you use to gather the information?

ACloud App Discovery in Microsoft Defender for Cloud Apps

Benterprise applications in Azure AD

Caccess reviews in Azure AD

DApplication Insights in Azure Monitor

Answer : A

Question 2

You have an Azure subscription that contains the custom roles shown in the following table.

You need to create a custom Azure subscription role named Role3 by using the Azure portal. Role3 will use the baseline permissions of an existing role. Which roles can you clone to create Role3?

ARole2 only

Bbuilt-in Azure subscription roles only

Cbuilt-in Azure subscription roles and Role2 only

Dbuilt-in Azure subscription roles and built-in Azure AD roles only

ERole1, Role2 built-in Azure subscription roles, and built-in Azure AD roles

Answer : D

Question 3

You have a Microsoft 365 subscription that contains the following:

* An Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium P2 license

* A Microsoft SharePoint Online site named Site1

* A Microsoft Teams team named Team1

You need to create an entitlement management workflow to manage Site1 and Team1. What should you do first?

ACreate an access package.

BCreate a catalog.

CCreate an administrative unit.

DConfigure an app registration.

Answer : A

Question 4

You have a Microsoft 365 E5 subscription.

You need to create a Microsoft Defender for Cloud Apps session policy.

What should you do first?

AFrom the Microsoft Defender for Cloud Apps portal, select User monitoring.

BFrom the Microsoft Defender for Cloud Apps portal, select App onboarding/maintenance

CFrom the Azure Active Directory admin center, create a Conditional Access policy.

DFrom the Microsoft Defender for Cloud Apps portal, create a continuous report.

Answer : A

Question 5

You have an Azure Active Directory Premium P2 tenant.

You create a Log Analytics workspace.

You need to ensure that you can view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.

What should you do first?

ARun the Set-AzureADTenantDetail cmdlet.

BCreate an Azure AD workbook.

CModify the Diagnostics settings for Azure AD.

DRun the Get-AzureADAuditDirectoryLogs cmdlet.

Answer : C

Question 6

You have an Azure Active Directory (Azure AD) tenant that contains cloud-based enterprise apps.

You need to group related apps into categories in the My Apps portal.

What should you create?

Atags

Bcollections

Cnaming policies

Ddynamic groups

Answer : B

Question 7

You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.

From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users.

You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.

What should you use?

Athe Administrative units blade in the Azure Active Directory admin center

Bthe Set-AzureAdUser cmdlet

Cthe Groups blade in the Azure Active Directory admin center

Dthe Sec-MsolUserLicense cmdlet

Answer : D

Microsoft SC-300 Microsoft Identity and Access Administrator Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7