SC-300 Practice Test Questions

354 Questions


Topic 4: Misc. Questions

You have an Azure subscription that contains an Azure SQL database named db1.
You deploy an Azure App Service web app named App1 that provide product information to users that connect to App1 anonymously.
You need to provide App1 with Access to db1. The solution must meet the following requirements:

* Credentials must only be available to App1.
* Administrative effort must be minimized.

Which type of credentials should you use?


A. a user-assigned managed identity


B. an Azure AD user account


C. A SQL Server account


D. a system-assigned managed identity





D.   a system-assigned managed identity

You have an Azure AD tenant that contains the users shown in the following table.

You need to compare the role permissions of each user. The solution must minimize administrative effort.
What should you use?


A. the Microsoft 365 Defender portal


B. the Microsoft 365 admin center


C. the Microsoft Entra admin center


D. the Microsoft Purview compliance portal





D.   the Microsoft Purview compliance portal

You have an Azure subscription that contains a resource group named RG1 and four users named User1, User2, User3, and User4. You plan to assign the users the following roles for RG1:

• User1: Reader
• User2: Contributor
• User3: Storage Blob Data Reader
• User4: Virtual Machine Contributor

You are evaluating the use of attribute-based access control (ABAC). Which user's role will support the use of ABAC?


A. User1


B. User2


C. User3


D. User4





C.   User3

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the groups shown in the following table.






You have an Azure AD tenant that contains two users named User1 and User2. You plan to perform the following actions:

  • Create a group named Group 1.
  • Add User1 and User 2 to Group1.
  • Assign Azure AD roles to Group1.
  • You need to create Group1.
Which two settings can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point


A. Group type: Microsoft 365 Membership type: Dynamic User


B. Group type: Security Membership type: Dynamic Device


C. Group type Security Membership type: Dynamic User


D. Group type Security Membership type: Assigned


E. Group type: Microsoft 365 Membership type: Assigned





D.   Group type Security Membership type: Assigned

E.   Group type: Microsoft 365 Membership type: Assigned

You have an Azure subscription named Sub1 that contains a virtual machine named VM1. You need to enable Microsoft Entra login for VM1 and configure VM1 to access the resources in Sub1. Which type of identity should you assign to VM1?


A. system-assigned managed identity


B. Azure Automation account


C. Microsoft Entra user account


D. user-assigned managed identity





A.   system-assigned managed identity

You have an Azure subscription that contains the resources shown in the following table.






You have the Azure resources show in the following table.

To Which identities can you assign the Contributor role for RG1?


A. User1 only


B. User1 and Group1 only


C. User1 and VW1 only


D. User1, VM1, and App1 only


E. User1, Group1, Vm1, and App1





E.   User1, Group1, Vm1, and App1

You have an Azure AD tenant named Contoso that contains a terms of use (ToU) named Terms1 and an access package. Contoso users collaborate with an external organization named Fabrikam. Fabrikam users must accept Terms1 before being allowed to use the access package. You need to identify which users accepted or declined Terms1. What should you use?


A. provisioning logs


B. the Usage and Insights report


C. sign-in logs


D. audit logs





D.   audit logs

Your company has two divisions named Contoso East and Contoso West. The Microsoft 365 identity architecture tor both divisions is shown in the following exhibit.


A. Configure the exiting Azure AD Connect server in Contoso Cast to sync the Contoso East Active Directory forest to the Contoso West tenant.


B. Configure Azure AD Application Proxy in the Contoso West tenant.


C. Deploy a second Azure AD Connect server to Contoso East and configure the server to sync the Contoso East Active Directory forest to the Contoso West tenant.


D. Invite the Contoso East users as guests in the Contoso West tenant.





A.   Configure the exiting Azure AD Connect server in Contoso Cast to sync the Contoso East Active Directory forest to the Contoso West tenant.

A user named User1 receives an error message when attempting to access the Microsoft Defender for Cloud Apps portal. You need to identify the cause of the error. The solution must minimize administrative effort. What should you use?


A. Log Analytics


B. sign-in logs


C. audit logs


D. provisioning logs





B.   sign-in logs

You have an Azure subscription. The subscription contains 50 virtual machines that run Windows Server. You enable Microsoft Entra login for the virtual machines. Users report that they cannot sign in to the virtual machines by using their Microsoft Entra credentials. You need to ensure that the users can sign in to the virtual machines. What should you do first?


A. Ensure that the virtual machines can access https://enterpriseregistration.windows.net.


B. Revoke the primary refresh token.


C. From the Microsoft Entra admin center, delete the device registrations of the virtual machines


D. Enable SSH client support for OpenSSH.





A.   Ensure that the virtual machines can access https://enterpriseregistration.windows.net.


Page 13 out of 30 Pages
Previous