최신 SC-300 무료덤프 - Microsoft Identity and Access Administrator
You have an on-premises datacenter that contains the hosts shown in the following table.
You have an Azure Active Directory (Azure AD) tenant that syncs to the Active Directory forest. Multi-factor authentication (MFA) is enforced for Azure AD.
You need to ensure that you can publish App1 to Azure AD users.
What should you configure on Server and Firewall1? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
You have an Azure Active Directory (Azure AD) tenant that syncs to the Active Directory forest. Multi-factor authentication (MFA) is enforced for Azure AD.
You need to ensure that you can publish App1 to Azure AD users.
What should you configure on Server and Firewall1? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy
You have an Azure AD tenant contains the users shown in the following table.
In Azure AD Privileged Identity Management (PIM), you configure the Global Administrator role as shown in the following exhibit.
User 1 is eligible for the Global Administrator role.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
In Azure AD Privileged Identity Management (PIM), you configure the Global Administrator role as shown in the following exhibit.
User 1 is eligible for the Global Administrator role.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a Microsoft 365 tenant that has 5,000 users. One hundred of the users are executives. The executives have a dedicated support team.
You need to ensure that the support team can reset passwords and manage multi-factor authentication (MFA) settings for only the executives. The solution must use the principle of least privilege.
Which object type and Azure Active Directory (Azure AD) role should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to ensure that the support team can reset passwords and manage multi-factor authentication (MFA) settings for only the executives. The solution must use the principle of least privilege.
Which object type and Azure Active Directory (Azure AD) role should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have an Azure subscription named Sub1.
You purchase a Microsoft Entra Permissions Management license.
You need to onboard Permissions Management.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE; Each correct selection is worth one point.
You purchase a Microsoft Entra Permissions Management license.
You need to onboard Permissions Management.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE; Each correct selection is worth one point.
정답: B,E
You have a Microsoft Entra tenant that contains the users shown in the following table.
The tenant contains the identities shown in the following table.
Which users can create custom security attributes, and to which identities can the attributes be assigned? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
The tenant contains the identities shown in the following table.
Which users can create custom security attributes, and to which identities can the attributes be assigned? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a hybrid Microsoft 365 subscription that contains the users show in the following table.
You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to deploy an on-premises app1. App1 will be registered in Azure AD and will use Azure AD Application Proxy.
You need to delegate the installation of the Application Proxy connector and ensure that User1 can register App1 in Azure AD. The solution must use the principle of least privilege.
Which user should perform the installation, and which role should you assign to Users1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Your network contains an on-premises Active Directory domain named contoso.com that syncs with a Microsoft Entra tenant by using Microsoft Entra Connect. The domain contains the users shown in the following table.
From Active Directory Users and Computers, you add the following user
* Name: User3
* UPN: [email protected]
* Proxy addresses: smtp: [email protected], smtp: [email protected]
From Active Directory Users and Computers, you update the proxyAddresses attribute for each user as shown in the following table.
You trigger a manual synchronization.
Which sync status will Microsoft Entra Connect sync return for each user? To answer, drag the appropriate status to the correct users. Each status may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
From Active Directory Users and Computers, you add the following user
* Name: User3
* UPN: [email protected]
* Proxy addresses: smtp: [email protected], smtp: [email protected]
From Active Directory Users and Computers, you update the proxyAddresses attribute for each user as shown in the following table.
You trigger a manual synchronization.
Which sync status will Microsoft Entra Connect sync return for each user? To answer, drag the appropriate status to the correct users. Each status may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have an Azure AD tenant that contains multiple storage accounts.
You plan to deploy multiple Azure App Service apps that will require access to the storage accounts.
You need to recommend an identity solution to provide the apps with access to the storage accounts. The solution must minimize administrative effort.
Which type of identity should you recommend, and what should you recommend using to control access to the storage accounts? To answer, select the appropriate options in the answer area.
You plan to deploy multiple Azure App Service apps that will require access to the storage accounts.
You need to recommend an identity solution to provide the apps with access to the storage accounts. The solution must minimize administrative effort.
Which type of identity should you recommend, and what should you recommend using to control access to the storage accounts? To answer, select the appropriate options in the answer area.
정답:
Explanation:
You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1. SecAdmin1 is assigned the Security administrator role.
SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.
You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?
SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.
You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure AD tenant that contains a user named User1 and the conditional access policies shown in the following table.
You need to evaluate which policies will be applied User1 when User1 attempts to sign-in from various IP addresses.
Which feature should you use?
You need to evaluate which policies will be applied User1 when User1 attempts to sign-in from various IP addresses.
Which feature should you use?
정답: A
You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
You plan to implement Azure AD Identity Protection.
Which users can configure the user risk policy, and which users can view the risky users report? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
You plan to implement Azure AD Identity Protection.
Which users can configure the user risk policy, and which users can view the risky users report? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
You have an Azure AD tenant that contains the users shown in the following table.
The tenant has the authentication methods shown in the following table.
Which users will sign in to cloud apps by matching a number shown in the app with a number shown on their phone?
The tenant has the authentication methods shown in the following table.
Which users will sign in to cloud apps by matching a number shown in the app with a number shown on their phone?
정답: C
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You need to ensure that User1 can create new catalogs and add resources to the catalogs they own.
What should you do?
You need to ensure that User1 can create new catalogs and add resources to the catalogs they own.
What should you do?
정답: C
You have a Microsoft 365 E5 subscription that contains two users named User1 and User2.
You need to ensure that User1 can create access reviews for groups, and that User2 can review the history report for all the completed access reviews. The solution must use the principle of least privilege.
Which role should you assign to each user? To answer, drag the appropriate roles to the correct users. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.
You need to ensure that User1 can create access reviews for groups, and that User2 can review the history report for all the completed access reviews. The solution must use the principle of least privilege.
Which role should you assign to each user? To answer, drag the appropriate roles to the correct users. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have an Azure AD tenant and an Azure web app named App1.
You need to provide guest users with self-service sign-up for App1. The solution must meet the following requirements:
* Guest users must be able to sign up by using a one-time password.
* The users must provide their first name, last name, city, and email address during the sign-up process.
What should you configure in the Azure Active Directory admin center for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to provide guest users with self-service sign-up for App1. The solution must meet the following requirements:
* Guest users must be able to sign up by using a one-time password.
* The users must provide their first name, last name, city, and email address during the sign-up process.
What should you configure in the Azure Active Directory admin center for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have an Azure AD tenant that contains the users shown in the following table.
User2 reports that he can only configure multi-factor authenticating (MFA) to use the Microsoft Authenticator app.
You need to ensure that User2 can configure alternate MFA methods.
Which configuration is required, and which user should perform the configuration? To answer, select the appropriate options in the answer area.
User2 reports that he can only configure multi-factor authenticating (MFA) to use the Microsoft Authenticator app.
You need to ensure that User2 can configure alternate MFA methods.
Which configuration is required, and which user should perform the configuration? To answer, select the appropriate options in the answer area.
정답:
Explanation:
You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory domain.
The on-premises network contains a VPN server that authenticates to the on-premises Active Directory domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).
You need to recommend a solution to provide Azure MFA for VPN connections.
What should you include in the recommendation?
The on-premises network contains a VPN server that authenticates to the on-premises Active Directory domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).
You need to recommend a solution to provide Azure MFA for VPN connections.
What should you include in the recommendation?
정답: C