ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 2 question 117 discussion

Actual exam question from Microsoft's SC-300
Question #: 117
Topic #: 2
[All SC-300 Questions]

You have a Microsoft Entra tenant.

You configure self-service password reset (SSPR) by using the following settings:

• Require users to register when signing in: Yes
• Number of methods required to reset: 1

What is a valid authentication method available to users?

  • A. a Windows Hello PIN
  • B. a smartcard
  • C. a mobile app notification
  • D. an email to an address outside your organization
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by mert123 at Dec. 24, 2024, 9:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Obi_Wan_Jacoby
2 months, 1 week ago
Selected Answer: C
I am going with C. I researched this quite a bit online using different articles and ran a lot thru copilot. The Email option for Self-Service Password Reset (SSPR) can be configured for either internal or external email addresses. However, using an internal email address is generally more secure and recommended. Comparison: Email vs. Mobile App Notification Email: Pros: Easy to set up and use; familiar to most users. Cons: Can be less secure due to potential phishing attacks; relies on users having access to their email. Mobile App Notification: Pros: More secure; uses push notifications through apps like Microsoft Authenticator; less susceptible to phishing. Cons: Requires users to have the app installed and configured. Recommendation: Mobile App Notification is generally better for security and reliability. It provides a stronger defense against phishing and ensures users can securely reset their passwords using a trusted app.
upvoted 2 times
Obi_Wan_Jacoby
2 months, 1 week ago
Also, the only option in SSPR reset for email is simply titled "Email", not external or internal as the question asks. The following authentication methods are available for SSPR: Mobile app notification Mobile app code Hardware OATH token Software OATH token Email Mobile phone Office phone (available only for tenants with paid subscriptions) Security questions
upvoted 1 times
...
...
YesPlease
3 months, 3 weeks ago
Selected Answer: C
Answer C) a mobile app notification You guys are reading this question all wrong. This is asking about SSPR "authentication" and although it is stating that you must register at least 1 method, it does not mean that it is the only method that is enabled. The following authentication methods are available for SSPR: - Mobile app notification (***this is valid if they setup more than one method to authenticate) - Mobile app code (***valid for one method registration only scenario) - Email (***Has to be to their company email address and not external) - Mobile phone - Office phone (available only for tenants with paid subscriptions) - Security questions https://learn.microsoft.com/en-us/entra/identity/authentication/concept-sspr-howitworks#authentication-methods
upvoted 1 times
csi_2025
3 months, 2 weeks ago
Nope you are wrong on two accounts: 1) You don't assume what could be configured but go by what is stated. MS doesn't do trick questions but has a problem with phrasing and wording of their questions 2) Email is obviously not the company email address. How would you be able to read the email to reset your account if you need access to the account that is currently blocked to read the email, obviously you have to send the email to a different email address. Answer is D.
upvoted 1 times
csi_2025
3 months, 2 weeks ago
Adding to that: 3) From your wording you are also wrong on the mobile app notification. You can only enable that when SSPR is set up to require users to use two methods to reset their password. The question states its one, and that only allows for app code but not notification.
upvoted 1 times
...
...
...
59e8fdb
3 months, 3 weeks ago
Selected Answer: D
Again the same question in the 1 last questions 3 questions are same with the same context completely different answers
upvoted 1 times
...
JFROG
5 months ago
Selected Answer: D
The catch in this question is the number of methods required: Check https://learn.microsoft.com/en-us/entra/identity/authentication/concept-sspr-howitworks. "Mobile app and SSPR When using a mobile app as a method for password reset, like Microsoft Authenticator, the following considerations apply if an organization hasn't migrated to the centralized Authentication methods policy: When administrators require one method be used to reset a password, verification code is the only option available. When administrators require two methods be used to reset a password, users are able to use notification OR verification code in addition to any other enabled methods." My choice will be D
upvoted 2 times
...
Sunth65
5 months, 2 weeks ago
Selected Answer: D
First priority is mobile app code, second priority is an email to an address outside your organization
upvoted 1 times
...
mert123
5 months, 3 weeks ago
Selected Answer: D
d is correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel