- Home
- Microsoft
- Microsoft Identity and Access Administrator
- Microsoft.SC-300.v2024-06-17.q106
- Question 68
Valid SC-300 Dumps shared by ExamDiscuss.com for Helping Passing SC-300 Exam! ExamDiscuss.com now offer the newest SC-300 exam dumps, the ExamDiscuss.com SC-300 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SC-300 dumps with Test Engine here:
Access SC-300 Dumps Premium Version
(340 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 68/106
You have an Azure Active Directory (Azure AD) tenant that contains a user named SecAdmin1. SecAdmin1 is assigned the Security administrator role.
SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.
You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?
SecAdmin1 reports that she cannot reset passwords from the Azure AD Identity Protection portal.
You need to ensure that SecAdmin1 can manage passwords and invalidate sessions on behalf of nonadministrative users. The solution must use the principle of least privilege.
Which role should you assign to SecAdmin1?
Correct Answer: C
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
- Question List (106q)
- Question 1: You have a Microsoft Entra tenant that has a Microsoft Entra...
- Question 2: You have an Azure AD tenant. You need to bulk create 25 new ...
- Question 3: You have a Microsoft 365 tenant. All users must use the Micr...
- Question 4: You have Microsoft Entra tenant that contains a group named ...
- Question 5: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 6: You have a Microsoft 365 tenant. You have an Active Director...
- Question 7: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 8: You have an Azure AD tenant named contoso.com that contains ...
- 1 commentQuestion 9: You have an Azure Active Directory Premium P2 tenant. You cr...
- 1 commentQuestion 10: You need to implement the planned changes for litware.com. W...
- Question 11: You have an Azure AD tenant contains the users shown in the ...
- Question 12: Your company has a Microsoft 365 tenant. All users have comp...
- 1 commentQuestion 13: Your company requires that users request access before they ...
- Question 14: You have a Microsoft 365 tenant. All users must use the Micr...
- Question 15: You have an Azure Active Directory (Azure AD) tenant that co...
- 1 commentQuestion 16: A user named User1 receives an error message when attempting...
- 1 commentQuestion 17: You need to resolve the recent security incident issues. Wha...
- Question 18: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 19: You have an Azure Active Directory (Azure AD) tenant that co...
- 1 commentQuestion 20: You have an Azure AD tenant that has multi-factor authentica...
- Question 21: You have a Microsoft 365 tenant. You need to ensure that you...
- Question 22: You need to implement the planned changes for Package1. Whic...
- Question 23: You need to configure app registration in Azure AD to meet t...
- Question 24: Your company has an Azure Active Directory (Azure AD) tenant...
- 1 commentQuestion 25: You have a Microsoft 365 tenant that has 5,000 users. One hu...
- Question 26: You have an Azure AD tenant that contains the users shown in...
- Question 27: You have an Azure Ad tenant that contains the users show in ...
- Question 28: Your network contains an on-premises Active Directory domain...
- Question 29: You have an Azure Active Directory (Azure AD) tenant named c...
- Question 30: You have a Microsoft 365 subscription that contains a Micros...
- 1 commentQuestion 31: You have an Azure AD tenant that uses Azure AD Identity Prot...
- Question 32: Note: This question is part of a series of questions that pr...
- Question 33: You need to create the LWGroup1 group to meet the management...
- Question 34: You have an Azure Active Directory (Azure AD) tenant. You cr...
- 1 commentQuestion 35: You have a Microsoft 365 E5 subscription that contains the u...
- Question 36: You have an Azure Active Directory (Azure AD) tenant that co...
- 1 commentQuestion 37: You have an Azure Active Directory (Azure AD) tenant that co...
- Question 38: You have a Microsoft 36S subscription. The subscription cont...
- 1 commentQuestion 39: You have a Microsoft 365 tenant. The Sign-ins activity repor...
- Question 40: You have an Azure subscription that contains a user named Us...
- Question 41: You have an Azure Active Directory (Azure AD) tenant that co...
- Question 42: You have a Microsoft 365 subscription that contains a Micros...
- 1 commentQuestion 43: You have an Azure AD tenant that contains the users shown in...
- Question 44: Your network contains an on-premises Active Directory domain...
- Question 45: You have an Azure subscription that is linked to a Microsoft...
- 1 commentQuestion 46: You have three Azure subscriptions that are linked to a sing...
- 1 commentQuestion 47: You have a Microsoft 365 tenant. All users have computers th...
- Question 48: You need to configure the MFA settings for users who connect...
- Question 49: You have an Azure Active Directory (Azure AD) tenant that ha...
- 1 commentQuestion 50: You need to support the planned changes and meet the technic...
- Question 51: Your network contains an Active Directory forest named conto...
- Question 52: You have an Azure AD tenant that contains a user named User1...
- 1 commentQuestion 53: You have an Azure AD tenant named contoso.com that contains ...
- 1 commentQuestion 54: You have a Microsoft 365 subscription that contains a user n...
- Question 55: You create a Log Analytics workspace. You need to implement ...
- Question 56: Note: This question is part of a series of questions that pr...
- Question 57: You have an Azure AD tenant that contains multiple storage a...
- Question 58: You have an Azure Active Directory (Azure AD) tenant named c...
- Question 59: You have a Microsoft 365 tenant. All users have mobile phone...
- Question 60: You have an Azure subscription that contains an Azure SQL da...
- Question 61: Note: This question is part of a series of questions that pr...
- Question 62: You configure a new Microsoft 365 tenant to use a default do...
- 1 commentQuestion 63: You have a Microsoft 365 tenant. You configure a conditional...
- Question 64: You need to configure the assignment of Azure AD licenses to...
- Question 65: Note: This question is part of a series of questions that pr...
- Question 66: You need to configure the detection of multi-staged attacks ...
- 1 commentQuestion 67: You need to implement password restrictions to meet the auth...
- 1 commentQuestion 68: You have an Azure Active Directory (Azure AD) tenant that co...
- Question 69: You have a Microsoft 365 tenant that uses the domain named f...
- 1 commentQuestion 70: You have an Azure AD tenant that contains an access package ...
- 1 commentQuestion 71: You have an Azure subscription. From Entitlement management,...
- 1 commentQuestion 72: A user named User1 attempts to sign in to the tenant by ente...
- 1 commentQuestion 73: You need implement the planned changes for application acces...
- 1 commentQuestion 74: You have an Azure AD tenant and an Azure web app named App1....
- 1 commentQuestion 75: You have an Azure Active Directory (Azure AD) tenant that co...
- Question 76: You have a Microsoft 365 tenant. All users have mobile phone...
- Question 77: You have a Microsoft 365 E5 tenant. You purchase a cloud app...
- 1 commentQuestion 78: You have an Azure AD tenant that contains a user named User1...
- 2 commentQuestion 79: You have a Microsoft 365 E5 subscription. You purchase the a...
- 1 commentQuestion 80: You have an Azure Active Directory (Azure AD) tenant that co...
- Question 81: You need to resolve the issue of the guest user invitations....
- Question 82: You need to track application access assignments by using Id...
- Question 83: You have an Azure AD tenant that contains a user named User1...
- 1 commentQuestion 84: You have an Azure AD tenant that contains the users shown in...
- 1 commentQuestion 85: You need to modify the settings of the User administrator ro...
- Question 86: You need to resolve the issue of the sales department users....
- Question 87: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 88: You have a Microsoft 365 E5 subscription. Users authorize th...
- 1 commentQuestion 89: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 90: You have an Azure AD tenant that contains a user named Admin...
- Question 91: Note: This question is part of a series of questions that pr...
- Question 92: You have an Azure Active Directory (Azure AD) tenant that ha...
- 1 commentQuestion 93: You have an Azure Active Directory (Azure AD) tenant named c...
- Question 94: You create the Azure Active Directory (Azure AD) users shown...
- Question 95: You implement the planned changes for SSPR. What occurs when...
- Question 96: You have an Azure Active Directory (Azure AD) tenant. You co...
- Question 97: You use Azure Monitor to analyze Azure Active Directory (Azu...
- Question 98: You need to sync the ADatum users. The solution must meet th...
- Question 99: You have accounts for the following cloud platforms: * Azure...
- Question 100: You need to meet the authentication requirements for leaked ...
- Question 101: You have an Azure subscription that contains the key vaults ...
- Question 102: You have a Microsoft 365 tenant and an Active Directory doma...
- Question 103: You have an Azure AD tenant that contains two users named Us...
- Question 104: You have an Azure AD tenant and a .NET web app named App1. Y...
- Question 105: You have an Azure Active Directory (Azure AD) tenant that co...
- 1 commentQuestion 106: You have an Azure AD tenant that contains the users shown in...
Recent Comments (The most recent comments are at the top.)
Answer must be B - Helpdesk Administrators.
From the docs:
Authentication administrator: can reset passwords for non-admins but can't invalidate sessions. https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#authentication-administrator
Helpdesk administrator: Users with this role can change passwords, invalidate refresh tokens, manage service requests, and monitor service health. Invalidating a refresh token forces the user to sign in again. https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#helpdesk-administrator
Privileged Authentication Administrator: can reset all passwords (admins & non-admins) but can't invalidate any sessions. https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#privileged-authentication-administrator
Security Operator: can't reset any passwords. https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-operator