Curious about Actual Microsoft Identity and Access Administrator Associate (SC-300) Exam Questions?
Here are sample Microsoft Identity and Access Administrator (SC-300) Exam questions from real exam. You can get more Microsoft Identity and Access Administrator Associate (SC-300) Exam premium practice questions at TestInsights.
You have an Azure subscription that contains a virtual machine named VM1 and an Azure key vault named Vault1. VM1 has a system-assigned managed identity. You need to ensure that VM1 can retrieve the values of secrets stored in Vault 1. The solution must minimize administrative effort. What should you do first?
Correct : D
Start a Discussions
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You plan to increase app security for the subscription.
You need to identify which apps do NOT require user authentication
What should you do in the Microsoft 365 Defender portal?
Correct : A
Start a Discussions
Task 1
You need to deploy multi factor authentication (MFA). The solution must meet the following requirements:
* Require MFA registration only for members of the Sg-Finance group.
* Exclude Debra Berger from having to register for MFA.
* Implement the solution without using a Conditional Access policy.
Correct : A
To deploy Multi-Factor Authentication (MFA) for only the members of the Sg-Finance group, excluding Debra Berger, and without using a Conditional Access policy, you can follow these steps:
Open the Microsoft Entra admin center:
Sign in as a Security Administrator or Global Administrator.
Navigate to MFA settings:
Go toUsers>Active users.
On theActive userspage, selectMulti-factor authentication.
Manage user settings:
Find and select theSg-Financegroup.
Enable MFA for this group by setting therequirement statustoEnabled.
Exclude a user from MFA:
In theMulti-factor authenticationpage, search forDebra Berger.
Set her MFA status toDisabledto exclude her from MFA registration.
Verify the configuration:
Ensure that all members of the Sg-Finance group have MFA enabled except for Debra Berger.
Communicate the change:
Inform the Sg-Finance group members about the MFA requirement and provide instructions on how to register for MFA.
Monitor the setup:
Check the sign-in logs to confirm that MFA is being prompted for the Sg-Finance group members and not for Debra Berger.
Start a Discussions
Task 2
You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements:
* The reviews must occur monthly.
* The manager of each guest user must review the access.
* If the reviews are NOT completed within five days, access must be removed.
* If the guest user does not have a manager, Megan Bowen must review the access.
Correct : A
To implement a process for reviewing guest users' access to the Salesforce app with the specified requirements, you can use Microsoft Entra's Identity Governance access reviews feature. Here's a step-by-step guide:
Assign the appropriate role:
Navigate to Identity Governance:
Sign in to the Microsoft Entra admin center.
Go to Identity governance > Access reviews1.
Create a new access review:
Select New access review.
Choose the Salesforce app to review guest user access1.
Configure the review settings:
Set the frequency of the review to monthly.
Define the duration of the review period to 5 days1.
Determine the reviewers:
Assign the manager of each guest user as the reviewer.
If a guest user does not have a manager, assign Megan Bowen as the reviewer1.
Automate the removal process:
Monitor and enforce compliance:
Regularly check the access review results to ensure compliance with the review policy1.
Communicate the process:
Inform all stakeholders about the new review process and provide guidance on how to complete the reviews.
By following these steps, you can ensure that guest users' access to the Salesforce app is reviewed monthly, with managers being responsible for the review, and access is removed if the review is not completed in time.
Start a Discussions
Task 3
You need to add the Linkedln application as a resource to the Sales and Marketing access package. The solution must NOT remove any other resources from the access package.
Correct : A
To add the LinkedIn application as a resource to the Sales and Marketing access package without removing any other resources, you can follow these steps:
Sign in to the Microsoft Entra admin center:
Ensure you have the role of Global Administrator or Identity Governance Administrator.
Navigate to Entitlement Management:
Go toIdentity governance>Entitlement management>Access packages1.
Select the Sales and Marketing access package:
Find and select theSales and Marketingaccess package to modify it.
Add a new resource:
Within the access package details, selectResources.
Click on+ Add resource.
Search for and select theLinkedInapplication from the list of available resources.
Configure the resource role:
Assign the appropriate role for the LinkedIn application that users in the Sales and Marketing access package will have.
Review and update the access package:
Ensure that the LinkedIn application has been added as a resource.
Confirm that no other resources have been removed from the access package.
Save the changes:
After reviewing, save the changes to the access package.
Communicate the update:
Notify the relevant users about the addition of the LinkedIn application to their access package.
By following these steps, you will successfully add the LinkedIn application to the Sales and Marketing access package without affecting the other resources.
Start a Discussions
Total 290 questions