Microsoft SC-300 Exam Practice Questions (P. 1)
- Full Access (408 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
You have an Azure Active Directory (Azure AD) tenant that contains the following objects:
✑ A device named Device1
✑ Users named User1, User2, User3, User4, and User5
✑ Groups named Group1, Group2, Group3, Group4, and Group5
The groups are configured as shown in the following table.

To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly?
✑ A device named Device1
✑ Users named User1, User2, User3, User4, and User5
✑ Groups named Group1, Group2, Group3, Group4, and Group5
The groups are configured as shown in the following table.

To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly?
- AGroup1 and Group4 only
- BGroup1, Group2, Group3, Group4, and Group5
- CGroup1 and Group2 only
- DGroup1 only
- EGroup1, Group2, Group4, and Group5 only
Correct Answer:
C
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced
C
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-group-advanced
send
light_mode
delete
Question #2
You have a Microsoft Exchange organization that uses an SMTP address space of contoso.com.
Several users use their contoso.com email address for self-service sign-up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.
Which PowerShell cmdlet should you run?
Several users use their contoso.com email address for self-service sign-up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the self-signed users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.
Which PowerShell cmdlet should you run?
- ASet-MsolCompanySettingsMost Voted
- BSet-MsolDomainFederationSettings
- CUpdate-MsolfederatedDomain
- DSet-MsolDomain
Correct Answer:
A
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-self-service-signup
A
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-self-service-signup
send
light_mode
delete
Question #3
You have a Microsoft 365 tenant that uses the domain named fabrikam.com. The Guest invite settings for Azure Active Directory (Azure AD) are configured as shown in the exhibit. (Click the Exhibit tab.)

A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table.

Which users will be emailed a passcode?

A user named [email protected] shares a Microsoft SharePoint Online document library to the users shown in the following table.

Which users will be emailed a passcode?
- AUser2 only
- BUser1 only
- CUser1 and User2 only
- DUser1, User2, and User3
Correct Answer:
A
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/one-time-passcode
A
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/one-time-passcode
send
light_mode
delete
Question #4
You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.
What should you use?
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.
What should you use?
- Athe Identity Governance blade in the Azure Active Directory admin center
- Bthe Set-AzureAdUser cmdlet
- Cthe Licenses blade in the Azure Active Directory admin centerMost Voted
- Dthe Set-WindowsProductKey cmdlet
Correct Answer:
C
You can unassign licenses from users on either the Active users page, or on the Licenses page. The method you use depends on whether you want to unassign product licenses from specific users or unassign users licenses from a specific product.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. the Licenses blade in the Azure Active Directory admin center
2. the Set-MsolUserLicense cmdlet
Other incorrect answer options you may see on the exam include the following:
✑ the Administrative units blade in the Azure Active Directory admin center
✑ the Groups blade in the Azure Active Directory admin center
✑ the Set-AzureAdGroup cmdlet
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/manage/remove-licenses-from-users?view=o365-worldwide
C
You can unassign licenses from users on either the Active users page, or on the Licenses page. The method you use depends on whether you want to unassign product licenses from specific users or unassign users licenses from a specific product.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. the Licenses blade in the Azure Active Directory admin center
2. the Set-MsolUserLicense cmdlet
Other incorrect answer options you may see on the exam include the following:
✑ the Administrative units blade in the Azure Active Directory admin center
✑ the Groups blade in the Azure Active Directory admin center
✑ the Set-AzureAdGroup cmdlet
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/manage/remove-licenses-from-users?view=o365-worldwide
send
light_mode
delete
Question #5
HOTSPOT -
You have a Microsoft 365 tenant named contoso.com.
Guest user access is enabled.
Users are invited to collaborate with contoso.com as shown in the following table.

From the External collaboration settings in the Azure Active Directory admin center, you configure the Collaboration restrictions settings as shown in the following exhibit.

From a Microsoft SharePoint Online site, a user invites [email protected] to the site.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

You have a Microsoft 365 tenant named contoso.com.
Guest user access is enabled.
Users are invited to collaborate with contoso.com as shown in the following table.

From the External collaboration settings in the Azure Active Directory admin center, you configure the Collaboration restrictions settings as shown in the following exhibit.

From a Microsoft SharePoint Online site, a user invites [email protected] to the site.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Box 1: Yes -
Invitations can only be sent to outlook.com. Therefore, User1 can accept the invitation and access the application.
Box 2. Yes -
Invitations can only be sent to outlook.com. However, User2 has already received and accepted an invitation so User2 can access the application.
Box 3. No -
Invitations can only be sent to outlook.com. Therefore, User3 will not receive an invitation.

Box 1: Yes -
Invitations can only be sent to outlook.com. Therefore, User1 can accept the invitation and access the application.
Box 2. Yes -
Invitations can only be sent to outlook.com. However, User2 has already received and accepted an invitation so User2 can access the application.
Box 3. No -
Invitations can only be sent to outlook.com. Therefore, User3 will not receive an invitation.
send
light_mode
delete
Question #6
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to bulk invite Azure AD business-to-business (B2B) collaboration users.
Which two parameters must you include when you create the bulk invite? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You plan to bulk invite Azure AD business-to-business (B2B) collaboration users.
Which two parameters must you include when you create the bulk invite? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- Aemail addressMost Voted
- Bredirection URLMost Voted
- Cusername
- Dshared key
- Epassword
Correct Answer:
AB
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/tutorial-bulk-invite
AB
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/tutorial-bulk-invite
send
light_mode
delete
Question #7
You have an Azure Active Directory (Azure AD) tenant that contains the objects shown in the following table.

Which objects can you add as members to Group3?

Which objects can you add as members to Group3?
- AUser2 and Group2 only
- BUser2, Group1, and Group2 only
- CUser1, User2, Group1 and Group2
- DUser1 and User2 only
- EUser2 onlyMost Voted
Correct Answer:
E
Reference:
https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groups-nesting/
E
Reference:
https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groups-nesting/
send
light_mode
delete
Question #8
DRAG DROP -
You have an on-premises Microsoft Exchange organization that uses an SMTP address space of contoso.com.
You discover that users use their email address for self-service sign-up to Microsoft 365 services.
You need to gain global administrator privileges to the Azure Active Directory (Azure AD) tenant that contains the self-signed users.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

You have an on-premises Microsoft Exchange organization that uses an SMTP address space of contoso.com.
You discover that users use their email address for self-service sign-up to Microsoft 365 services.
You need to gain global administrator privileges to the Azure Active Directory (Azure AD) tenant that contains the self-signed users.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Correct Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/domains-admin-takeover

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/domains-admin-takeover
send
light_mode
delete
Question #9
HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the groups shown in the following table.

In the tenant, you create the groups shown in the following table.

Which members can you add to GroupA and GroupB? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1 and the groups shown in the following table.

In the tenant, you create the groups shown in the following table.

Which members can you add to GroupA and GroupB? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Correct Answer:
Reference:
https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groups-nesting/

Reference:
https://bitsizedbytes.wordpress.com/2018/12/10/distribution-security-and-office-365-groups-nesting/
send
light_mode
delete
Question #10
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure password writeback.
Does this meet the goal?
- AYes
- BNoMost Voted
Correct Answer:
B
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
B
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
send
light_mode
delete
All Pages