1. Home
  2. SC-300 Free Questions
Free Demo Questions

Test Online Free Microsoft SC-300 Exam Questions and Answers

Practice a live sample before buying full access. This page keeps the free SC-300 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.

Updated May 20, 2025 43 Questions 3 Pages
Get SC-300 Full Access
Page 1 of 3
Next Page
Question 1 Selectable Answer
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains an Azure AD enterprise application named App1.
A contractor uses the credentials of [email protected].
You need to ensure that you can provide the contractor with access to App1. The contractor must be able to authenticate as [email protected].
What should you do?

Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-quickstart-add-guest-users-portal
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureadmsinvitation?view=azureadps-2.0
Question 2 Written Answer
HOTSPOT
You have a Microsoft 365 tenant.
Sometimes, users use external, third-party applications that require limited access to the Microsoft 365 data of the respective user. The users register the applications in Azure Active Directory (Azure AD).
You need to receive an alert if a registered application gains read and write access to the users’ email.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:

Question 3 Selectable Answer
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?

Answer:
Explanation:
In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to a device and uses a biometric or PIN.
After an initial two-step verification of the user during enrollment, Windows Hello is set up on the user's device and Windows asks the user to set a gesture, which can be a biometric, such as a fingerprint, or a PIN. The user provides the gesture to verify their identity. Windows then uses Windows Hello to authenticate users.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-overview
Question 4 Written Answer
HOTSPOT
You need to implement on-premises application and SharePoint Online restrictions to meet the authentication requirements and the access requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:

Question 5 Selectable Answer
You have a Microsoft 365 tenant.
All users have mobile phones and laptops.
The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity.
While working from the remote locations, the users connect their laptop to a wired network that has internet access.
You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-authenticator-app#verification-code-from-mobile-app
Question 6 Written Answer
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant that contains three users named User1, User1, and User3,
You create a group named Group1. You add User2 and User3 to Group1.
You configure a role in Azure AD Privileged identity Management (PIM) as shown in the application administrator exhibit. (Click the application Administrator tab.)



Group1 is configured as the approver for the application administrator role.
You configure User2to be eligible for the application administrator role.
For User1, you add an assignment to the Application administrator role as shown in the Assignment exhibit. (Click Assignment tab)



For each of the following statement, select Yes if the statement is true, Otherwise, select No. NOTE: Each correct selection is worth one point.


Answer:

Question 7 Selectable Answer
You have an Azure Active Directory (Azure AD) tenant.
You need to review the Azure AD sign-ins log to investigate sign ins that occurred in the past.
For how long does Azure AD store events in the sign-in log?

Answer:
Question 8 Selectable Answer
You have a Microsoft 365 tenant.
The Sign-ins activity report shows that an external contractor signed in to the Exchange admin center.
You need to review access to the Exchange admin center at the end of each month and block sign-ins if
required.
What should you create?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview
Question 9 Selectable Answer
You have an Azure Active Directory (Azure AD) tenant that contains the objects shown in the following table.



Which objects can you add as eligible in Azure Privileged identity Management (PIM) for an Azure AD role?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan
Question 10 Selectable Answer
You create a Log Analytics workspace.
You need to implement the technical requirements for auditing.
What should you configure in Azure AD?

Answer:
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-monitoring
Question 11 Selectable Answer
You create a new Microsoft 365 E5 tenant.
You need to ensure that when users connect to the Microsoft 365 portal from an anonymous IP address, they are prompted to use multi-factor authentication (MFA).
What should you configure?

Answer:
Question 12 Written Answer
HOTSPOT
You need to meet the technical requirements for the probability that user identities were compromised.
What should the users do first, and what should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:

Question 13 Selectable Answer
You need to sync the ADatum users. The solution must meet the technical requirements.
What should you do?

Answer:
Explanation:
You need to select Customize synchronization options to configure Azure AD Connect to
sync the Adatum
organizational unit (OU).
Question 14 Written Answer
HOTSPOT
You have a custom cloud app named App1 that is registered in Azure Active Directory (Azure AD).
App1 is configured as shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.


Answer:

Question 15 Written Answer
HOTSPOT
Your company has a Microsoft 365 tenant.
All users have computers that run Windows 10 and are joined to the Azure Active Directory (Azure AD) tenant.
The company subscribes to a third-party cloud service named Service1. Service1 supports Azure AD authentication and authorization based on OAuth. Service1 is published to the Azure AD gallery.
You need to recommend a solution to ensure that the users can connect to Service1 without being prompted for authentication. The solution must ensure that the users can access Service1 only from Azure AD-joined computers. The solution must minimize administrative effort.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Graphical user interface, text, application
Description automatically generated
Showing page 1 of 3
Next Page

All copyrights reserved 2026 PassQuestion NETWORK CO.,LIMITED. All Rights Reserved.

Passquestion doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All Passquestion content is sourced from the Internet.