Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

SC-300: Implement an Authentication and Access Management solution Microsoft Quiz Answers

Get SC-300: Implement an Authentication and Access Management solution Microsoft Quiz Answers

Implement and administer your access management using Azure AD. Use MFA, Conditional Access, and identity protection to manager your identity solution. Aligned to SC-300 exam.

This learning path helps prepare you for Exam SC-300: Microsoft Identity and Access Administrator.

Prerequisites:

None

Enroll On Microsoft

Module 1: Secure Azure Active Directory users with Multi-Factor Authentication

Learn how to use multi-factor authentication with Azure AD to harden your user accounts.

Learning objectives:

In this module, you will:

  • Learn about Azure AD Multi-Factor Authentication (Azure AD MFA)
  • Create a plan to deploy Azure AD MFA
  • Turn on Azure AD MFA for users and specific apps

Prerequisites:

  • Basic knowledge of the Azure portal
  • Basic knowledge of Azure Active Directory

This module is part of these learning paths:

Quiz 1: Configure multi-factor authentication methods

Q1. Which of the following authentication methods is not available for MFA?

  • Text message
  • Microsoft Authenticator app
  • Security questions

Q2. Which of the following authentication methods cannot be disabled?

  • Text message
  • Password
  • Microsoft Authenticator app

Q3. True or False. You must activate multi-factor authentication for all users in the directory you enable it in.

  • True
  • False

Module 2: Manage user authentication

There are multiple options for authentication in Azure AD. Learn how to implement and manage the right authentications for users based on business needs.

Learning objectives:

By the end of this module, you will be able to:

  • Administer authentication methods (FIDO2 / Passwordless)
  • Implement an authentication solution based on Windows Hello for Business
  • Configure and deploy self-service password reset
  • Deploy and manage password protection
  • Implement and manage tenant restrictions

Prerequisites:

None

This module is part of these learning paths:

Quiz 1: Knowledge check

Q1. Which of these authentication methods offers the highest level of security?

  • SMS verification
  • Microsoft Authenticator App
  • Voice call verification

Q2. In The answer list, which is a security group used by Hybrid Windows Hello for Business when no Windows Server 2016 or later domain controllers are deployed?

  • KeyCredential Admins
  • Enterprise Key Admins
  • Windows Authorization Access Group

Q3. Which is the recommended mode to start with when deploying Azure AD Password Protection?

  • Audit mode
  • None
  • Enforced mode

Module 3: Plan, implement, and administer Conditional Access

Conditional Access gives a fine granularity of control over which users can do specific activities, access which resources, and how to ensure data and systems are safe.

Learning objectives:

By the end of this module, you will be able to:

  • Plan and implement security defaults.
  • Plan conditional access policies.
  • Implement conditional access policy controls and assignments (targeting, applications, and conditions).
  • Test and troubleshoot conditional access policies.
  • Implement application controls.
  • Implement session management.
  • Configure smart lockout thresholds.

Prerequisites:

None

This module is part of these learning paths:

Quiz 1: Knowledge check

Q1. What does Conditional Access do?

  • It’s the component that enforces multifactor authentication policies for access.
  • It analyzes signals such as user, device, and location to enforce organizational access policies.
  • It monitors and logs all access attempts.

Q2. When would you use Mobile Application Management (MAM) without enrollment to protect sensitive data in a work or school-related app?

  • Bring-your-own-device (BYOD) scenarios
  • Smart lockout policies
  • Session management controls

Q3. What is user sign-in frequency?

  • User sign-in frequency defines the time period before a user is asked to sign in again when attempting to access a resource.
  • User sign-in frequency defines the number of times a user signs in from a single device in a 24-hour period
  • User sign-in frequency defines the number of devices a single user is signed in to.

Module 4: Manage Azure AD Identity Protection

Protecting a user’s identity by monitoring their usage and sign-in patterns will ensure a secure cloud solution. Explore how to design and implement Azure AD Identity protection.

Learning objectives:

By the end of this module you will be able to:

  • Implement and manage a user risk policy
  • Implement and manage sign-in risk policies
  • Implement and manage MFA registration policy
  • Monitor, investigate, and remediate elevated risky users

Prerequisites:

None

This module is part of these learning paths:

Quiz 1: Knowledge check

Q1. Which task can a user with the Security Operator role perform?

  • Configure alerts
  • Confirm safe sign-in
  • Reset a password for a user

Q2. There are two risk policies that can be enabled in the directory. One is user risk policy. Which is the other risk policy?

  • Mobile device access risk policy
  • Sign-in risk policy
  • Hybrid identity sign-in risk policy

Q3. In Microsoft Graph, which three APIs expose information about risky users and sign-ins

  • riskDetection, riskyUsers, signIn
  • riskDetection, itemActivity, signIn
  • riskyUsers, signIn, IdentitySet

Module 5: Implement access management for Azure resources

Explore how to use built-in Azure roles, managed identities, and RBAC-policy to control access to Azure resources. Identity is the key to secure solutions.

Learning objectives:

By the end of this module, you will be able to:

  • Configure and use Azure roles within Azure AD
  • Configure and managed identity and assign it to Azure resources
  • Analyze the role permissions granted to or inherited by a user
  • Configure access to data in Azure Key Vault using RBAC-policy

Prerequisites:

None

This module is part of these learning paths:

Quiz 1: Knowledge check

Q1. What tool is available in Azure to give administrators the ability to provide comprehensive visibility into permissions assigned to all identities – users and workloads – actions, and resources across cloud infrastructures and identity providers? It detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Microsoft Azure, AWS, and GCP?

  • Azure Monitor
  • Microsoft Defender for Identity
  • Microsoft Entra Permissions Management.

Q2. You want to assign the Azure role – Contributor – to a specific user; what tools can you use to make this assignment?

  • Azure portal, PowerShell, and CLI
  • Azure portal only
  • Scripting only with PowerShell and CLI

Q3. You want to create a managed identity for your application. You want the identity to be created and deleted dynamically when the resource is started and stopped. What type of managed identity do you need to create?

  • User-assigned
  • System-assigned
  • Dynamic-assigned
Conclusion:

I hope this SC-300: Implement an Authentication and Access Management solution Microsoft Quiz Answers would be useful for you to learn something new from this problem. If it helped you then don’t forget to bookmark our site for more Coding Solutions.

This Problem is intended for audiences of all experiences who are interested in learning about Data Science in a business context; there are no prerequisites.

Keep Learning!

More Coding Solutions >>

Cognitive Class Answer

CodeChef Solution

Microsoft Learn

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *