1. Home
  2. Microsoft
  3. SC-300

Microsoft Identity and Access Administrator

Exam Details

  • Exam Code
    :SC-300
  • Exam Name
    :Microsoft Identity and Access Administrator
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :305 Q&As
  • Last Updated
    :Mar 29, 2025

Microsoft Microsoft Certifications SC-300 Questions & Answers

  • Question 121:

    You have an Azure AD tenant that contains two users named User1 and User2. You plan to perform the following actions:

    1.

    Create a group named Group1.

    2.

    Add User1 and User2 to Group1.

    3.

    Assign Azure AD roles to Group1.

    You need to create Group1.

    Which two settings can you use? Each correct answer presents a complete solution.

    NOTE: Each correct selection is worth one point.

    A. Group type: Microsoft 365 - Membership type: Assigned

    B. Group type: Security - Membership type: Assigned

    C. Group type: Security - Membership type: Dynamic User

    D. Group type: Microsoft 365 - Membership type: Dynamic User

    E. Group type: Security - Membership type: Dynamic Device

  • Question 122:

    You have an Azure subscription that contains the custom roles shown in the following table.

    You need to create a custom Azure subscription role named Role3 by using the Azure portal. Role3 will use the baseline permissions of an existing role. Which roles can you clone to create Role3?

    A. Role2 only

    B. built-in Azure subscription roles only

    C. built-in Azure subscription roles and Role2 only

    D. built-in Azure subscription roles and built-in Azure AD roles only

    E. Role1, Role2 built-in Azure subscription roles, and built-in Azure AD roles

  • Question 123:

    You have a Microsoft 365 subscription that contains the following:

    1.

    An Azure Active Directory (Azure AD) tenant that has an Azure Active Directory Premium P2 license

    2.

    A Microsoft SharePoint Online site named Site1

    3.

    A Microsoft Teams team named Team1

    You need to create an entitlement management workflow to manage Site1 and Team1.

    What should you do first?

    A. Create an access package.

    B. Create a catalog.

    C. Create an administrative unit.

    D. Configure an app registration.

  • Question 124:

    You have an Azure Active Directory Premium P2 tenant.

    You create a Log Analytics workspace.

    You need to ensure that you can view Azure Active Directory (Azure AD) audit log information by using Azure Monitor.

    What should you do first?

    A. Run the Set-AzureADTenantDetail cmdlet.

    B. Create an Azure AD workbook.

    C. Modify the Diagnostics settings for Azure AD.

    D. Run the Get-AzureADAuditDirectoryLogs cmdlet.

  • Question 125:

    You have a Microsoft 365 E5 subscription.

    You need to create a Microsoft Defender for Cloud Apps session policy.

    What should you do first?

    A. From the Microsoft Defender for Cloud Apps portal, select User monitoring.

    B. From the Microsoft Defender for Cloud Apps portal, select App onboarding/maintenance

    C. From the Azure Active Directory admin center, create a Conditional Access policy.

    D. From the Microsoft Defender for Cloud Apps portal, create a continuous report.

  • Question 126:

    You have an Azure Active Directory (Azure AD) tenant.

    You open the risk detections report.

    Which risk detection type is classified as a user risk?

    A. password spray

    B. anonymous IP address

    C. malicious IP address

    D. leaked credentials

  • Question 127:

    You have an Azure Active Directory (Azure AD) tenant that contains cloud-based enterprise apps.

    You need to group related apps into categories in the My Apps portal.

    What should you create?

    A. tags

    B. collections

    C. naming policies

    D. dynamic groups

  • Question 128:

    You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains an Azure AD enterprise application named App1.

    A contractor uses the credentials of [email protected].

    You need to ensure that you can provide the contractor with access to App1. The contractor must be able to authenticate as [email protected].

    What should you do?

    A. Run the New-AzureADMSInvitation cmdlet.

    B. Configure the External collaboration settings.

    C. Add a WS-Fed identity provider.

    D. Implement Azure AD Connect.

  • Question 129:

    You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.

    From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users.

    You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.

    What should you use?

    A. the Administrative units blade in the Azure Active Directory admin center

    B. the Set-AzureAdUser cmdlet

    C. the Groups blade in the Azure Active Directory admin center

    D. the Set-MsolUserLicense cmdlet

  • Question 130:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.

    You receive more than 100 email alerts each day for failed Azure AD user sign-in attempts.

    You need to ensure that a new security administrator receives the alerts instead of you.

    Solution: From Azure AD, you modify the Diagnostics settings.

    Does this meet the goal?

    A. Yes

    B. No

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-300 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.