Higher Test Marks with Free Online SC-300 Exam Practice

You have an Azure AD tenant.

You deploy a new enterprise application named App1.

When users attempt to provide App1 with access to the tenant, the attempt fails.

You need to ensure that the users can request admin consent for App1. The solution must follow the

principle of least privilege.

What should you do first?

You need to locate licenses to the

A. Datum users. The solution must need the technical requirements.

Which type of object should you create? 

Note: This question is part of a series of questions that present the same scenario. Each question in

the series contains a unique solution that might meet the stated goals. Some question sets might

have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have an Active Directory forest that syncs to a Microsoft Entra tenant.

You discover that when a user account is disabled in Active Directory, the disabled user can still

authenticate to Microsoft Entra for up to 30 minutes.

You need to ensure that when a user account is disabled in Active Directory, the user account is

immediately prevented from authenticating to Microsoft Entra.

Solution: You configure Microsoft Entra Password Protection.

Does this meet the goal?

You need to configure the detection of multi-staged attacks to meet the monitoring requirements. What should you do? 

You have an Azure subscription that contains a storage account named storage1 and a web app named WebApp1. WebApp1 uses a system-assigned managed identity. You need to ensure that WebApp1 can read and write files to storage1 by using the system-assigned managed identity. What should you configure for storage1 in the Azure portal?