Free Microsoft SC-300 Exam Questions

Note: This question is part of a series of questions that present the same scenario. Each question inthe series contains a unique solution that might meet the stated goals. Some question sets mighthave more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it as a result, thesequestions will not appear in the review screen.You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHubaccount.You deploy an Azure subscription and enable Microsoft 365 Defender.You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defenderfor Cloud Apps.Solution: From the Microsoft 365 Defender portal, you add the Amazon Web Services app connector.Does this meet the goal? 

Note: This question is part of a series of questions that present the same scenario. Each question inthe series contains a unique solution that might meet the stated goals. Some question sets mighthave more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have an Active Directory forest that syncs to a Microsoft Entra tenant.You discover that when a user account is disabled in Active Directory, the disabled user can stillauthenticate to Microsoft Entra for up to 30 minutes.You need to ensure that when a user account is disabled in Active Directory, the user account isimmediately prevented from authenticating to Microsoft Entra.Solution: You configure Microsoft Entra Password Protection.Does this meet the goal?

You have an Azure subscription that contains a storage account named storage1 and a web app named WebApp1. WebApp1 uses a system-assigned managed identity. You need to ensure that WebApp1 can read and write files to storage1 by using the system-assigned managed identity. What should you configure for storage1 in the Azure portal?

Note: This question is part of a series of questions that present the same scenario. Each question inthe series contains a unique solution that might meet the stated goals. Some question sets mighthave more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have an Active Directory forest that syncs to a Microsoft Entra tenant.You discover that when a user account is disabled in Active Directory, the disabled user can stillauthenticate to Microsoft Entra for up to 30 minutes.You need to ensure that when a user account is disabled in Active Directory, the user account isimmediately prevented from authenticating to Microsoft Entra.Solution: You configure Microsoft Entra Password Protection.Does this meet the goal?

You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1.SecAdmin1 isassigned the Security administrator role.SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf ofnonadministrativeusers. The solution must use the principle of least privilege.Which role should you assign to SecAdmin1?