ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 2 question 100 discussion

Actual exam question from Microsoft's SC-300
Question #: 100
Topic #: 2
[All SC-300 Questions]

HOTSPOT
-

You have a Microsoft 365 E5 subscription that contains two groups named Group1 and Group2. The subscription contains the users shown in the following table.



You create the following Conditional Access policies:

• Name: Policy1
• Users:
o Include: Group1
o Exclude: Group2
• Target resources:
o Include: All cloud apps
• Grant:
o Grant access: Require multi-factor authentication
• Session:
o Persistent browser session: Never persistent

• Name: Policy2
• Users:
o Include:
- Directory roles: Global Administrator
- Users and groups: User3
o Exclude: Group2
• Target resources:
o Include: All cloud apps
• Session:
o Sign-in frequency:
- Periodic authentication: 2 hours

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by nicolaslindt at Jan. 22, 2025, 12:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
perkp
3 months ago
N,N,N When you have the 'Stay signed in' setting enabled in the company branding pane, users are typically prompted with the 'Stay signed in?' option after they sign in. However, if you also have a Conditional Access policy set to 'Persistent browser session: Never persistent', this policy will override the 'Stay signed in' setting. In this case, users will not be prompted with the 'Stay signed in?' option when they sign in to the M365 portal. The Conditional Access policy ensures that browser sessions are never persistent, meaning users will need to sign in again after closing and reopening their browser
upvoted 4 times
rvln7
2 months ago
N Y Y Direct assignments take precedence over exclusions. Key Rule: ✅ If a user is included via a group and also a member of an excluded group, they are excluded. ❌ If a user is directly assigned, exclusions do not apply. If User3 and Global Administrator were both members of Group1 (included) and Group2 (excluded), then both would be excluded from the policy because their inclusion comes from group membership, and exclusions apply to users included via groups. Since they are directly assigned (User3 explicitly and Global Administrator via directory role), the exclusion does not apply, and they will still receive the policy.
upvoted 2 times
...
...
nicolaslindt
3 months, 1 week ago
for me it's N/N/N
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago