Microsoft Certified: Identity and Access Administrator Associate - (SC-300) Exam Questions
Question 1 Single Choice
As the lead cloud administrator for GetCloudSkills, you have recently hired a new employee responsible for Azure AD support issues. The new employee should be able to reset passwords for all types of users, including those with user admin, global admin, or password admin roles. However, you must ensure that you follow the principle of least privilege when granting access. Which role should you grant to the new employee?
Question 2 Single Choice
You recently created a new Azure AD Tenant for your organization, GetCloudSkills. The default domain assigned to you is getcloudskills.onmicrosoft.com, but you want to use your own custom domain, getcloudskills.com. You have added the custom domain through the Azure portal, but now you need to validate that you are the owner of the custom domain through your registrar. What type of record do you need to add to your domain registrar?
Question 3 Multiple Choice
Azure Active Directory allows you to create two different types of groups. Choose the two groups that can be created.
Question 4 Single Choice
As an Azure Administrator for your organization, you are responsible for creating multiple security groups and assigning users to them based on specific profile attributes. The process should be automated so that new users are automatically added to the appropriate group when they join the organization. What type of group should you configure?
Question 5 Single Choice
Your organization has set up Azure AD Connect to facilitate its Hybrid cloud ventures and has synchronized all on-premises Active Directory users to Azure AD. In order to comply with organizational regulations, you need to make sure that you can apply password policies and restrict user sign-in hours. You require a cloud authentication method that requires minimal administrative effort. Which authentication method would you suggest?
Question 6 Single Choice
Your organization is interested in utilizing group-based licensing, which enables automatic assignment of different licenses to users based on their membership in security groups. As the cloud administrator, could you confirm which license is required for your users to be eligible for group-based licensing?
Question 7 Single Choice
As the cloud administrator for GetCloudSkills, you have been assigned the responsibility to implement multi-factor authentication for all of your users. To prepare for this, you need to ensure that all users are registered correctly for multi-factor authentication. Can you identify which one of the following options cannot be used as an authentication method?
Question 8 Single Choice
Your company is currently evaluating its operational procedures to identify areas where efficiencies can be optimized. One concern is the substantial time that Help Desk Administrators are spending on user issues. Can you suggest a service that can be implemented to lower the number of calls and tickets that Help Desk Administrators receive?
Question 9 Single Choice
You are interested in enhancing your organization's security posture after learning about security breaches and hacks that have affected other organizations through the news. You have been researching Azure Identity Protection and now you plan to assign a team to commence the implementation of this service. The team needs full access to Identity Protection but doesn't require the ability to reset passwords. To follow the principle of least privilege, what role should you grant this new team?
Question 10 Single Choice
Your organization is contemplating the possibility of allowing employees to work remotely and access the company's resources through their personal devices. However, to safeguard against potential data loss and ensure data security, your organization must ensure that only approved applications can access the company's data. What measures can be taken to meet this requirement?
