Free Microsoft SC-300 Exam Questions
Try our Free Demo Practice Tests for Comprehensive SC-300 Exam Preparation
-
Microsoft SC-300 Exam Questions
-
Provided By: Microsoft
- Exam: Microsoft Identity and Access Administrator
- Certification: Identity and Access Administrator Associate
-
Total Questions: 314
-
Updated On: Mar 26, 2025
-
Rated: 4.9 |
-
Online Users: 628
-
Question 1
-
You have an Azure AD tenant that has multi-factor authentication (MFA) enforced and self-service password reset (SSPR) enabled.
You enable combined registration in interrupt mode.
You create a new user named User1.
Which two authentication methods can User1 use to complete the combined registration process? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Answer: C,E
-
You have an Azure AD tenant that has multi-factor authentication (MFA) enforced and self-service password reset (SSPR) enabled.
-
Question 2
-
You have an Azure Active Directory (Azure AD) tenant.
You configure self-service password reset (SSPR) by using the following settings:
• Require users to register when signing in: Yes
• Number of methods required to reset: 1
What is a valid authentication method available to users?
Answer: B
-
You have an Azure Active Directory (Azure AD) tenant.
-
Question 3
-
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using
Azure AD Connect.
You need to prevent the synchronization of users who have the extensionAttribute15 attribute set to NoSync.
What should you do in Azure AD Connect?
Answer: C
-
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using
-
Question 4
-
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure Azure AD Password Protection.
Does this meet the goal?
Answer: B
-
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
-
Question 5
-
You have an Azure subscription named Sub1 that uses Microsoft Entra Permissions Management. Sub1 contains a user named User1. User1 is granted multiple permissions across Sub1.
You need to replace all the permissions granted to User1 with read-only permissions. The solution must minimize administrative effort.
What should you do on the Remediation tab in Permissions Management?
Answer: C
-
You have an Azure subscription named Sub1 that uses Microsoft Entra Permissions Management. Sub1 contains a user named User1. User1 is granted multiple permissions across Sub1.