Microsoft Identity and Access Administrator 온라인 연습
최종 업데이트 시간: 2024년11월08일
당신은 온라인 연습 문제를 통해 Microsoft SC-300 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 SC-300 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 52개의 시험 문제와 답을 포함하십시오.
/ 3
Question No : 1
Your network contains an on-premises Active Directory domain that sync to an Azure Active Directory (Azure AD) tenant.
The tenant contains the shown in the following table.
All the users work remotely.
Azure AD Connect is configured in Azure as shown in the following exhibit.
Connectivity from the on-premises domain to the internet is lost.
Which user can sign in to Azure AD?
정답:
Question No : 2
You have a Microsoft 365 tenant.
The Sign-ins activity report shows that an external contractor signed in to the Exchange admin center.
You need to review access to the Exchange admin center at the end of each month and block sign-ins if
required.
What should you create?
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not Initiate.
Solution: From the Azure portal, you configure the Fraud alert settings for multi-factor authentication (MFA).
Does this meet the goal?
정답: Explanation:
The fraud alert feature lets users report fraudulent attempts to access their resources. When an unknown and suspicious MFA prompt is received, users can report the fraud attempt using the Microsoft Authenticator app or through their phone.
The following fraud alert configuration options are available:
✑ Automatically block users who report fraud.
✑ Code to report fraud during initial greeting.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings
Question No : 4
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not Initiate.
Solution: From the Azure portal, you configure the Block/unblock users settings for multi-factor authentication (MFA).
Does this meet the goal?
정답: Explanation:
You need to configure the fraud alert settings.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings
Question No : 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
You receive more than 100 email alerts each day for failed Azure AD user sign-in attempts.
You need to ensure that a new security administrator receives the alerts instead of you.
Solution: From Azure AD, you modify the Diagnostics settings.
Does this meet the goal?
정답:
Question No : 6
HOTSPOT
You have a Microsoft 365 tenant.
You configure a conditional access policy as shown in the Conditional Access policy exhibit. (Click the Conditional Access policy tab.)
You view the User administrator role settings as shown in the Role setting details exhibit. (Click the Role setting details tab.)
You view the User administrator role assignments as shown in the Rote assignments exhibit. (Click the Role assignments lab.)
For each of the following statement, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
정답:
Question No : 7
You have an Azure Active Directory (Azure AD) tenant.
You configure self-service password reset (SSPR) by using the following settings:
• Require users to register when signing in: Yes
• Number of methods required to reset: 1
What is a valid authentication method available to users?
정답:
Question No : 8
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using Azure AD Connect.
You need to prevent the synchronization of users who have the extensionAttribute15 attribute set to NoSync.
What should you do in Azure AD Connect?
You have a Microsoft 365 tenant.
The Azure Active Directory (Azure AD) tenant contains the groups shown in the following table.
In Azure AD. you add a new enterprise application named Appl.
Which groups can you assign to App1?
정답:
Question No : 10
You have an Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.
For which groups can you create an access review?
정답: Explanation:
You cannot create access reviews for device groups.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review
Question No : 11
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory domain.
The on-premises network contains a VPN server that authenticates to the on-premises Active Directory
domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).
You need to recommend a solution to provide Azure MFA for VPN connections.
What should you include in the recommendation?
정답:
Question No : 12
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant-
Users sign in to computers that run Windows 10 and are joined to the domain.
You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).
You need to configure the computers for Azure AD Seamless SSO.
What should you do?
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?
정답: Explanation:
In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN.
After an initial two-step verification of the user during enrollment, Windows Hello is set up on the user's device and Windows asks the user to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Windows Hello to authenticate users.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview
Question No : 14
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium Plan 2 license.
The tenant contains the users shown in the following table.
You have the Device Settings shown in the following exhibit.
User1 has the devices shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1: Yes
Users may join 5 devices to Azure AD.
Box 2: Yes
Box 3: No
An additional local device administrator has not been applied
Question No : 15
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that contains the following group:
✑ Name: Group1
✑ Members: User1, User2
✑ Owner: User3
On January 15, 2021, you create an access review as shown in the exhibit. (Click the Exhibit tab.)
Users answer the Review1 question as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
정답:
Explanation:
A screenshot of a computer
Description automatically generated with low confidence