Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Microsoft
  3. SC-300

Microsoft SC-300 Exam (page: 13)
Microsoft Identity and Access Administrator
Updated on: 25-Dec-2025

Viewing Page 13 of 83
SC-300 PDF 421 Questions

You have an Azure AD tenant that contains a user named Admin1.
You need to ensure that Admin1 can perform only the following tasks:
• From the Microsoft 365 admin center, create and manage service requests.
• From the Microsoft 365 admin center, read and configure service health.
• From the Azure portal, create and manage support tickets.
The solution must minimize administrative effort.
What should you do?

  1. Create an administrative unit and add Admin1.
  2. Enable Azure AD Privileged Identity Management (PIM) for Admin1.
  3. Assign Admin1 the Helpdesk Administrator role.
  4. Create a custom role and assign the role to Admin1.

Answer(s): D



HOTSPOT (Drag and Drop is not supported)
Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure AD tenant.
You need to ensure that user authentication always occurs by validating passwords against the AD DS domain.
What should you configure, and what should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.)
A user named bsmith@fabrikam.com shares a Microsoft SharePoint Online document library to the users shown in the following table.
Which users will be emailed a passcode?

  1. User2 only
  2. User1 only
  3. User1 and User2 only
  4. User1, User2, and User3

Answer(s): B



You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft Office 365 Enterprise E5 licenses to a group that includes all users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.
What should you use?

  1. the Administrative units blade in the Azure Active Directory admin center
  2. the Set-MsolUserLicense cmdlet
  3. the Groups blade in the Azure Active Directory admin center
  4. the Set-WindowsProductKey cmdlet

Answer(s): B



You have two Microsoft Entra tenants named contoso.com and fabrikam.com. Contoso.com contains the identities shown in the following table.
You configure cross-tenant synchronization from contoso.com to fabrikam.com.
Which identities will sync with fabrikam.com?

  1. User1 only
  2. User1 and Group1 only
  3. User1 and Group2 only
  4. User1, Group1, and Group2

Answer(s): A



Viewing Page 13 of 83



Share your comments for Microsoft SC-300 exam with other users:

siva 5/17/2023 12:32:00 AM

very helpfull
Anonymous


Jorn 7/13/2023 5:05:00 AM

relevant questions
UNITED KINGDOM