Use least-privilege access, automate access reviews,
and monitor risky sign-ins to strengthen security posture.
Question 1: What is the primary purpose of Microsoft Entra ID (formerly Azure Active Directory)?
- A. Device management
- B. Identity and access management ✅
- C. Data loss prevention
- D. Email security
Explanation: Microsoft Entra ID provides identity services such as authentication, authorization, and access control for users and applications.
Question 2: Which feature enforces additional verification during sign-in?
- A. Conditional Access
- B. Multi-Factor Authentication (MFA) ✅
- C. Privileged Identity Management
- D. Access Reviews
Explanation: MFA requires users to provide more than one form of verification, improving identity security.
Question 3: What is the main purpose of Conditional Access policies?
- A. Assign licenses automatically
- B. Control access based on conditions and signals ✅
- C. Encrypt email messages
- D. Monitor network traffic
Explanation: Conditional Access uses signals like user location, device compliance, and risk level to control access to resources.
Question 4: Which Microsoft Entra feature helps manage just-in-time privileged access?
- A. Access Reviews
- B. Conditional Access
- C. Privileged Identity Management (PIM) ✅
- D. Identity Protection
Explanation: PIM allows organizations to limit standing admin privileges by providing just-in-time access to privileged roles.
Question 5: What is the purpose of Access Reviews in Microsoft Entra ID?
- A. Detect risky sign-ins
- B. Review and remove unnecessary access ✅
- C. Reset user passwords
- D. Monitor sign-in logs
Explanation: Access Reviews help ensure users and guests only retain access they still need, supporting least privilege principles.
Download/Practice full SC-300 exam questions..