SC-300 Exam Details

  • Exam Code
    :SC-300
  • Exam Name
    :Microsoft Identity and Access Administrator
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :465 Q&As
  • Last Updated
    :Jul 09, 2026

Microsoft SC-300 Online Questions & Answers

  • Question 51:

    HOTSPOT

    You have an Azure subscription.

    Azure AD logs are sent to a Log Analytics workspace.

    You need to query the logs and graphically display the number of sign-ins per user.

    How should you complete the query? To answer, select the appropriate options in the answer area.

  • Question 52:

    Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant-Users sign in to computers that run Windows 10 and are joined to the domain.

    You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO).

    You need to configure the computers for Azure AD Seamless SSO.

    What should you do?

    A. Enable Enterprise State Roaming.
    B. Configure Sign-in options.
    C. Install the Azure AD Connect Authentication Agent.
    D. Modify the Intranet Zone settings.

  • Question 53:

    You have a Microsoft 365 E5 subscription that contains a web app named App1.

    Guest users are regularly granted access to App1.

    You need to ensure that the guest users that have NOT accessed App1 during the past 30 days have their access removed. The solution must minimize administrative effort.

    What should you configure?

    A. a Conditional Access policy
    B. a compliance policy
    C. a guest access review
    D. an access review for application access

  • Question 54:

    HOTSPOT

    Your network contains an on-premises Active Directory Domain Services (AD DS) domain. The domain contains 500 Windows 11 devices.

    You have a Microsoft 365 subscription that syncs with the domain.

    You create a Conditional Access policy named Policy1.

    You need to meet the following requirements:

    1. Apply Policy1 to all the Windows devices.

    2. Assess the compliance of the Windows devices with Policy1.

    What should you do for each requirement? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

  • Question 55:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have a Microsoft 365 E5 subscription.

    You create a user named User1.

    You need to ensure that User1 can update the status of Identity Secure Score improvement actions.

    Solution: You assign the User Administrator role to User1.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 56:

    SIMULATION

    Use the following login credentials as needed:

    To enter your username, place your cursor in the Sign in box and click the username below.

    To enter your password, place your cursor in the Enter password box and click the password below.

    Microsoft 365 Username: [email protected]

    Microsoft 365 Password: 1122334455667788

    If the Microsoft 365 portal does not load successfully in the browser, press CTRL+K to reload the portal in a new browser tab.

    The following information is for technical support purposes only:

    Lab Instance: 99999999

    You need to implement a process to review guest users who have access to the Salesforce app. The review must meet the following requirements:

    1. The reviews must occur monthly.

    2. The manager of each guest user must review the access.

    3. If the reviews are NOT completed within five days, access must be removed.

    4. If the guest user does not have a manager, Megan Bowen must review the access.

    To complete this task, sign in to the appropriate admin center.

    A. See the explanation below
    B. PlaceHolder
    C. PlaceHolder
    D. PlaceHolder

  • Question 57:

    You have an Azure subscription that contains a user named User1 and an Azure Key Vault named Vault1.

    You need to ensure that User1 can read the metadata of certificates, keys, and secrets stored in Vault1.

    The solution must follow the principle of least privilege.

    Which role should you assign to User1?

    A. Key Vault Crypto User
    B. Key Vault Crypto Officer
    C. Key Vault Reader
    D. Key Vault Secrets User

  • Question 58:

    You have an Azure AD tenant

    You configure User consent settings to allow users to provide consent to apps from verified publishers.

    You need to ensure that the users can only provide consent to apps that require low impact permissions.

    What should you do?

    A. Create an access package.
    B. Configure permission classifications.
    C. Create an enterprise application collection.
    D. Create an access review.

  • Question 59:

    HOTSPOT

    You have an Azure subscription that contains a user named User1.

    You onboard Microsoft Entra Permissions Management.

    You need to perform the following tasks:

    1. Identify all the accounts that are assigned the Global Administrator role permanently.

    2. Review the Permission Creep Index (PCI) of User1.

    Which tab in Permissions Management should you use for each task? To answer, select the appropriate options in the answer area.

  • Question 60:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have a Microsoft 365 tenant.

    All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services. Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.

    You need to block the users automatically when they report an MFA request that they did not initiate.

    Solution: From the Azure portal, you configure the Notifications settings for multi-factor authentication (MFA).

    Does this meet the goal?

    A. Yes
    B. No

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SC-300 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.