Exam SC-300: Microsoft Identity and Access Administrator
| Exam Number: SC-300 | Length of test: 120 mins |
| Exam Name: Microsoft Identity and Access Administrator | Number of questions in the actual exam: 40-60 |
| Format: PDF, VPLUS | Passing Score: 700/1000 |
|
Total Questions: 290 $30 Premium PDF file 2 months updates Last updated: November-2024 |
Total Questions: 290 FREE Premium VPLUS file Last updated: November-2024 |
Download practice test questions
| Title | Size | Hits | Download |
|---|---|---|---|
| Microsoft.SC-300.vOct-2024.by.Unamo.125q | 5.71 MB | 45 | Download |
| Microsoft.SC-300.vOct-2024.by.Unamo.125q | 7.12 MB | 26 | Download |
| Microsoft.SC-300.vMay-2024.by.HerryQuan.119q | 9.87 MB | 113 | Download |
| Microsoft.SC-300.vFeb-2024.by.Isata.111q | 11.03 MB | 82 | Download |
| Microsoft.SC-300.vJan-2024.byLioanRun.100q | 7.95 MB | 67 | Download |
Study guide for Exam SC-300: Microsoft Identity and Access Administrator
Audience profile
As a Microsoft identity and access administrator, you design, implement, and operate an organization’s identity and access management by using Microsoft Entra. You configure and manage identities throughout their lifecycles for users, devices, Microsoft Azure resources, and applications. You are responsible for ensuring the application of Zero Trust principles for identity and access solutions.
As an identity and access administrator, you provide seamless experiences and self-service management capabilities for users. You plan and implement identity, authentication, and authorization to enable access across applications and resources. You’re also responsible for troubleshooting, monitoring, and reporting on identity and access.
You collaborate with many other roles in the organization to drive strategic identity projects, modernize identity solutions, implement hybrid identity solutions, and implement identity governance.
You should be familiar with Azure, Microsoft 365 services and workloads, and Active Directory Domain Services (AD DS). You should also be familiar with PowerShell and Kusto Query Language (KQL).
Skills at a glance
Implement and manage user identities (20–25%)
- Configure and manage a Microsoft Entra tenant
- Create, configure, and manage Microsoft Entra identities
- Implement and manage identities for external users and tenants
- Implement and manage hybrid identity
Implement authentication and access management (25–30%)
- Plan, implement, and manage Microsoft Entra user authentication
- Plan, implement, and manage Microsoft Entra Conditional Access
- Manage risk by using Microsoft Entra ID Protection
- Implement access management for Azure resources by using Azure roles
- Implement Global Secure Access
Plan and implement workload identities (20–25%)
- Plan and implement identities for applications and Azure workloads
- Plan, implement, and monitor the integration of enterprise applications
- Plan and implement app registrations
- Manage and monitor app access by using Microsoft Defender for Cloud Apps
Plan and automate identity governance (25–30%)
- Plan and implement entitlement management in Microsoft Entra
- Plan, implement, and manage access reviews in Microsoft Entra
- Plan and implement privileged access
- Monitor identity activity by using logs, workbooks, and reports
- Plan and implement Microsoft Entra Permissions Management
Some new questions:
Q
You have a Microsoft Entra tenant.
You need to configure continuous access evaluation for app sign-ins and assign the configuration to users that are assigned the Application Administrator role.
What should you configure?
A. a Conditional Access policy
B. the Admin consent settings
C. a sign-in risk policy
D. an access review
Q
You have a Microsoft Entra tenant.
You need to create a Conditional Access policy to manage administrative access to the tenant. The solution must ensure that administrators are authenticated by using a phishing-resistant multi-factor authentication (MFA) method.
Which three authentication methods should you include in the solution? Each correct answer presents a complete solution.
A. Windows Hello for Business
B. an FID02 security key
C. certificate-based authentication (multi-factor)
D. voice call
E. SMS
F. email OTP
G. certificate-based authentication (single-factor)
H. Microsoft Authenticator
Q
You have a Microsoft 365 E5 subscription.
You need to ensure that users are prompted to accept a custom terms of use (Toll) agreement when they sign in to the subscription.
What should you configure?
A. an access package
B. a Conditional Access policy
C. a lifecycle workflow
D. an authentication method
Q
DRAG DROP
You have an Azure subscription that contains the resources shown in the following table.
The subscription uses Privileged Identity Management (PIM).
You need to configure the following access controls by using PIM:
* Ensure that User1 can read and update Secret1.
* Ensure that User2 can read the contents of the secrets stored in Vault2.
The solution must follow the principle of least privilege.
Which authorization method should you use for each user?
………..