Microsoft SC-300 Microsoft Identity and Access Administrator Exam Practice Test

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1. You need to be notified if a user downloads more than 50 files in one minute from Site1.

Which type of policy should you create in the Microsoft Defender for Cloud Apps portal?

You create a conditional access policy that blocks access when a user triggers a high-seventy sign-in alert. You need to test the policy under the following conditions;

* A user signs in from another country.

* A user triggers a sign-in risk.

What should you use to complete the test?

You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1. SecAdmin1 is

assigned the Security administrator role.

SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.

You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative

users. The solution must use the principle of least privilege.

Which role should you assign to SecAdmin1?

You have an Azure Active Directory (Azure AD) tenant that uses conditional access policies.

You plan to use third-party security information and event management (SIEM) to analyze conditional access usage.

You need to download the Azure AD log that contains conditional access policy data.

What should you export from Azure AD?

You have the Azure resources show in the following table.

To Which identities can you assign the Contributor role for RG1?

You need to meet the planned changes and technical requirements for App1.

What should you implement?

You have a Microsoft 365 E5 subscription.

You need to be able to create a Microsoft Defender for Cloud Apps session policy.

What should you do first?