ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 1 question 60 discussion

Actual exam question from Microsoft's SC-300
Question #: 60
Topic #: 1
[All SC-300 Questions]

HOTSPOT
-

Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with Azure AD and contains the users shown in the following table.



In Azure AD Connect, Domain/OU Filtering is configured as shown in the following exhibit.



Azure AD Connect is configured as shown in the following exhibit.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by niesz1 at Oct. 9, 2023, 6:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
niesz1
Highly Voted 1 year, 5 months ago
YES YES NO- User 2 is not synced to 365
upvoted 36 times
Das_Duck
5 months ago
I agree, YES - Password writeback requires an Entra ID P1 license and by default SSPR is enabled (Always assume default settings in these questions unless given otherwise.) YES NO - Since OU filtering is being enable and User 2 is in an OU not being synced they will not be added as a member but can still be added as a GUEST.
upvoted 4 times
...
...
Another_one
Highly Voted 1 year, 5 months ago
NO YES NO By default SSPR is enabled, but not configured. You have to configure SSPR for users to be able to use it.
upvoted 13 times
OrangeSG
1 year, 4 months ago
Password write-backup are enabled in the last screenshoot.
upvoted 6 times
...
omnomsnom
8 months, 2 weeks ago
Agree, plus SSPR and password writeback require Entra ID P1 license as well. Nothing is known about the license status or SSPR service config, so we can't say that User 1 can use SSPR.
upvoted 2 times
test123123
2 months ago
By default Self service password reset enabled is set to "None" for normal users in Entra ID - Password reset Blade. It is always enabled for admins. Ive checked on 3 different new tenants. So the answer should be: NO (Assume default value NONE) YES (Because auth is PTA) NO (User 2 not in the standard Users OU so is not synched from onprem AD to cloud)
upvoted 1 times
...
...
...
noa808a
Most Recent 17 hours, 58 minutes ago
For those lost in the comments like I am: YES YES YES: Currently at 1 vote YES YES NO: Currently at 5 votes NO YES NO: Currently at 4 votes
upvoted 1 times
...
YesPlease
3 weeks, 1 day ago
YES - They can use SSPR, but it will only update the cloud password and not the on-premises password. This is because HASH is turned OFF YES - Passthrough authentication is turned ON NO - User2 is not synced
upvoted 1 times
...
Frank9020
1 month, 2 weeks ago
1 - User1: No. Reason: Azure AD Connect is configured to disable password hash synchronization, and User1 is from OU1, which is synchronized. However, for self-service password reset (SSPR) to work, either password hash synchronization or pass-through authentication with SSPR enabled is required. Since password hash synchronization is disabled, User1 cannot use SSPR. 2 - User1: Yes. Reason: Azure AD Connect is configured with Pass-through authentication (PTA) and password hash synchronization is disabled. With PTA enabled, authentication requests for User1 will be forwarded to the on-premises Active Directory Domain Controller for verification. 3 - User2: No. Reason: In the Domain/OU Filtering settings, OU2 is not selected for synchronization, meaning User2 is not being synchronized to Azure AD. Since User2 does not exist in Azure AD, he cannot be added as a member to a SharePoint Online site.
upvoted 1 times
Sunth65
1 month, 1 week ago
NB! But pass-through authentication and Password writeback are enabled in this case !
upvoted 1 times
Frank9020
1 month, 1 week ago
Yes, you are right about that, but SSPR must be explicitly enabled in Azure AD for users to reset passwords, and if you read the question on top, this is a sync config in Azure AD. Password Writeback only allows changes to be written back to on-prem AD, but it does not enable the self-service reset functionality by itself. Without SSPR enabled, users would have no way to initiate a password reset via Azure AD. SSPR (Self-Service Password Reset) is a separate feature that must be enabled in Azure AD for users to reset their passwords if they forget them.
upvoted 1 times
...
...
...
Siraf
1 year, 2 months ago
It looks like all users are synced according to the check box at the bottom. So, even if OU2 is not synced, user2 will be synced. If this is the case, the correct answer will be Yes - Yes - Yes
upvoted 6 times
Fijii
2 weeks, 4 days ago
What you see "Users" is the default users OU, it does not mean "all the users" I think it's meant to trick people. User2 is in the OU2, not in the Users OU. Since OU2 is not synced, User2 will not be synced.
upvoted 1 times
...
penatuna
1 year, 1 month ago
Even if there is Users selected in Domain and OU filtering, User2 is not selected. You can test this in ADUC: If you make new user in OU, it does not appear in Users, only in OU.
upvoted 5 times
...
...
[Removed]
1 year, 3 months ago
YES - Pass writeback is enabled (and SSPR works with PTA, PHS and ADFS federated environments) YES - Because auth is PTA NO - User2 not synced
upvoted 7 times
...
Kali13
1 year, 3 months ago
NO : password hash synchronization is disabled YES : PTA is enabled NO : No Sync to AAD
upvoted 2 times
mohamedbenamor
7 months, 2 weeks ago
Password Write back requires PTA
upvoted 1 times
...
...
Nivos23
1 year, 4 months ago
In my opinion it is yes yes no
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago