1. Home
  2. Microsoft
  3. SC-300

Microsoft SC-300 Online Practice Questions and Exam Preparation

SC-300 Exam Details

  • Exam Code
    :SC-300
  • Exam Name
    :Microsoft Identity and Access Administrator
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :465 Q&As
  • Last Updated
    :May 29, 2026

Microsoft SC-300 Online Questions & Answers

  • Question 121:

    Your company requires that users request access before they can access corporate applications.

    You register a new enterprise application named MyApp1 in Azure Active Directory (Azure AD) and configure single sign-on (SSO) for MyApp1.

    Which settings should you configure next for MyApp1?

    A. Self-service
    B. Provisioning
    C. Application proxy
    D. Roles and administrators

  • Question 122:

    You have an Azure Active Directory (Azure AD) tenant that contains cloud-based enterprise apps.

    You need to group related apps into categories in the My Apps portal.

    What should you create?

    A. tags
    B. collections
    C. naming policies
    D. dynamic groups

  • Question 123:

    HOTSPOT

    You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.

    The users have the devices shown in the following table.

    You create the following two Conditional Access policies:

    Name: CAPolicy1

    Assignments

    Users or workload identities: Group 1

    Cloud apps or actions: Office 365 SharePoint Online Conditions

    Filter for devices: Exclude filtered devices from the policy

    Rule syntax: device.displayName -starts With "Device*"

    Access controls

    Grant: Block access

    Session: 0 controls selected

    Enable policy: On

    Name: CAPolicy2

    Assignments

    Users or workload identities: Group2

    Cloud apps or actions: Office 365 SharePoint Online Conditions: 0 conditions selected

    Access controls

    Grant: Grant access

    Require multifactor authentication Session:

    controls selected

    Enable policy: On

    All users confirm that they can successfully authenticate using MFA.

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

  • Question 124:

    You have a Microsoft Entra tenant.

    You need to ensure that users must request admin approval before granting permissions to apps.

    What should you configure?

    A. Conditional Access
    B. Admin consent workflow
    C. Access reviews
    D. Identity governance

  • Question 125:

    SIMULATION

    Use the following login credentials as needed:

    To enter your username, place your cursor in the Sign in box and click the username below.

    To enter your password, place your cursor in the Enter password box and click the password below.

    Microsoft 365 Username: [email protected]

    Microsoft 365 Password: 1122334455667788

    If the Microsoft 365 portal does not load successfully in the browser, press CTRL+K to reload the portal in a new browser tab.

    The following information is for technical support purposes only:

    Lab Instance: 99999999

    Your company is developing a new custom web app named App1.

    You need to register App1 with Microsoft Entra ID. Authenticated users must be redirected to the URI https://app1.contoso.com.

    To complete this task, sign in to the appropriate admin center.

    A. See the explanation below
    B. PlaceHolder
    C. PlaceHolder
    D. PlaceHolder

  • Question 126:

    You have a Microsoft Entra tenant.

    You configure self-service password reset (SSPR) by using the following settings:

    Require users to register when signing in: Yes Number of methods required to reset: 1

    What is a valid authentication method available to users?

    A. an email to an address outside your organization
    B. a mobile app notification
    C. a smartcard
    D. an email to an address in your organization

  • Question 127:

    You have a Microsoft 365 tenant.

    The Azure Active Directory (Azure AD) tenant syncs to an on-premises Active Directory domain.

    You plan to create an emergency-access administrative account named Emergency1.

    Emergency1 will be assigned the Global administrator role in Azure AD. Emergency1 will be used in the event of Azure AD functionality failures and on-premises infrastructure failures.

    You need to reduce the likelihood that Emergency1 will be prevented from signing in during an emergency.

    What should you do?

    A. Configure Azure Monitor to generate an alert if Emergency1 is modified or signs in.
    B. Require Azure AD Privileged Identity Management (PIM) activation of the Global administrator role for Emergency1.
    C. Configure a conditional access policy to restrict sign-in locations for Emergency1 to only the corporate network.
    D. Configure a conditional access policy to require multi-factor authentication (MFA) for Emergency1.

  • Question 128:

    HOTSPOT

    You have a Microsoft 365 tenant.

    Sometimes, users use external, third-party applications that require limited access to the Microsoft 365 data of the respective user. The users register the applications in Azure Active Directory (Azure AD).

    You need to receive an alert if a registered application gains read and write access to the users' email.

    What should you do? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 129:

    You have an Azure AD tenant synchronized with an on-premises Active Directory domain.

    You need to prevent specific users from being synchronized to Azure AD based on an attribute.

    What should you configure?

    A. Outbound synchronization rule
    B. Inbound synchronization rule
    C. Export run profile
    D. Staging mode

  • Question 130:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account.

    You deploy an Azure subscription and enable Microsoft 365 Defender

    You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps.

    Solution: From the Microsoft 365 Defender portal, you add the Microsoft Azure app connector.

    Does this meet the goal?

    A. Yes
    B. No

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-300 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.