1. Home
  2. Microsoft
  3. SC-300

Microsoft Identity and Access Administrator

Exam Details

  • Exam Code
    :SC-300
  • Exam Name
    :Microsoft Identity and Access Administrator
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :305 Q&As
  • Last Updated
    :Mar 29, 2025

Microsoft Microsoft Certifications SC-300 Questions & Answers

  • Question 51:

    You have an Azure Active Directory (Azure AD) tenant.

    You configure self-service password reset (SSPR) by using the following settings:

    1.

    Require users to register when signing in: Yes

    2.

    Number of methods required to reset: 1

    What is a valid authentication method available to users?

    A. an email to an address outside your organization

    B. a smartcard

    C. an FID02 security token

    D. a Microsoft Teams chat

  • Question 52:

    You have an Azure Active Directory (Azure AD) tenant.

    You configure self-service password reset (SSPR) by using the following settings:

    1.

    Require users to register when signing in: Yes

    2.

    Number of methods required to reset: 1

    What is a valid authentication method available to users?

    A. home prions

    B. mobile app notification

    C. a mobile app code

    D. an email to an address in your organization

  • Question 53:

    You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

    The tenant has the authentication methods shown in the following table.

    Which users will sign in to cloud apps by matching a number shown in the app with a number shown on their phone?

    A. User1 only

    B. User2 only

    C. User3 only

    D. User1 and User2 only

    E. User2 and User3 only

  • Question 54:

    You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the conditional access policies shown in the following table.

    You need to evaluate which policies will be applied to User1 when User1 attempts to sign-in from various IP addresses. Which feature should you use?

    A. Access reviews

    B. Identity Secure Score

    C. The What If tool

    D. the Microsoft 365 network connectivity test tool

  • Question 55:

    You create a conditional access policy that blocks access when a user triggers a high-severity sign-in alert. You need to test the policy under the following conditions:

    1.

    A user signs in from another country.

    2.

    A user triggers a sign-in risk. What should you use to complete the test?

    A. the Conditional Access What If tool

    B. sign-ins logs in Azure Active Directory (Azure AD)

    C. the activity logs in Microsoft Defender for Cloud Apps

    D. access reviews in Azure Active Directory (Azure AD)

  • Question 56:

    You have an Azure subscription that contains an Azure SQL database named db1.

    You deploy an Azure App Service web app named App1 that provides product information to users that connect to App1 anonymously.

    You need to provide App1 with access to db1. The solution must meet the following requirements:

    1.

    Credentials must only be available to App1.

    2.

    Administrative effort must be minimized. Which type of credentials should you use?

    A. a system-assigned managed identity

    B. an Azure Active Directory (Azure AD) user account

    C. a SQL Server account

    D. a user-assigned managed identity

  • Question 57:

    You have an Azure AD tenant.

    You open the risk detections report.

    Which risk detection type is classified as a user risk?

    A. password spray

    B. anonymous IP address

    C. unfamiliar sign-in properties

    D. Azure AD threat intelligence

  • Question 58:

    You have a Microsoft 365 tenant.

    All users have mobile phones and Windows 10 laptops.

    The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptops to a wired network that has internet access.

    You plan to implement multi-factor authentication (MFA).

    Which MFA authentication method can the users use from the remote location?

    A. voice

    B. Windows Hello for Business

    C. email

    D. security questions

  • Question 59:

    You create a new Microsoft 365 E5 tenant.

    You need to ensure that when users connect to the Microsoft 365 portal from an anonymous IP address, they are prompted to use multi-factor authentication (MFA).

    What should you configure?

    A. a sign-in risk policy

    B. a user risk policy

    C. an MFA registration policy

  • Question 60:

    You have an Azure Active Directory (Azure AD) tenant that contains the users shown in, the following table.

    The User settings for enterprise applications have the following configurations:

    1.

    Users can consent to apps accessing company data on their behalf: No

    2.

    Users can consent to apps accessing company data for the groups they own: No

    3.

    Users can request admin consent to apps they are unable to consent to: Yes

    4.

    Who can review admin consent requests: Admin2, User2

    User1 attempts, to add an app that requires consent to access company data. Which user can provide consent?

    A. User1

    B. User2

    C. Admin1

    D. Admin2

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-300 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.