ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 2 question 43 discussion

Actual exam question from Microsoft's SC-300
Question #: 43
Topic #: 2
[All SC-300 Questions]

You have an Azure Active Directory (Azure AD) tenant.

You configure self-service password reset (SSPR) by using the following settings:

• Require users to register when signing in: Yes
• Number of methods required to reset: 1

What is a valid authentication method available to users?

  • A. a smartcard
  • B. a mobile app code
  • C. a mobile app notification
  • D. an email to an address outside your organization
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Halwagy at Jan. 19, 2023, 6:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Guestie
Highly Voted 1 year, 5 months ago
There should be an option for multiple answers. When configuring SSPR for a single method to reset there are two options - Mobile app code AND Email
upvoted 11 times
armid
1 day, 22 hours ago
agree, otherwise Q28 Topic 2 would be invalidated by answer B if i see this i will go with D even though it is incomplete answer, hpefully the have fixed it since
upvoted 1 times
...
...
Matt19
Most Recent 1 month, 3 weeks ago
Selected Answer: D
D - You cannot have MS Authenticator app / Code selected when you have only 1 method to set for SSPR (greyed out now while you configure SSPR). One needs to select at least 2 methods for Authenticator app.
upvoted 1 times
...
Nyamnyam
9 months, 1 week ago
Oh well, same question in page 13 had a proper answer 'D'. What to say? If you selected mobile app as auth method AND only one method for verification, then indeed only CODE is possible. BUT what if the admin has selected Email, Mobile phone, and Security questions as only allowed auth methods?
upvoted 2 times
...
roman_cat
11 months, 4 weeks ago
D. an email address outside your organization. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks "The Authenticator app can't be selected as the only authentication method when only one method is required." READ: when only one method is required. A. Smart Card- not an option in SSPR B. Mobile app code- available in Microsoft authenticator. C. a mobile app notification - not available as an option for single method D. email outside the organization - available option (in fact default) in SSPR
upvoted 1 times
Shri96
10 months, 4 weeks ago
If require registration was set to No, I believe you'd be correct. As we have registration required, and only a single authentication method defined, the App Code registered becomes the default. Answer should be B in this case due to the "require registration" requirement.
upvoted 3 times
...
...
EmnCours
1 year ago
Selected Answer: B
Correct Answer: B
upvoted 1 times
...
dule27
1 year, 1 month ago
Selected Answer: B
B. a mobile app code
upvoted 1 times
...
JN_311
1 year, 2 months ago
Selected Answer: B
When administrators require one method be used to reset a password, verification code is the only option available. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks#mobile-app-and-sspr
upvoted 3 times
roman_cat
11 months, 4 weeks ago
question is asking for users, not administrators
upvoted 1 times
BigDogAG
4 months, 3 weeks ago
Yes but in this instance the admin is who put the requirements in place.
upvoted 1 times
...
...
...
kanew
1 year, 3 months ago
This isn't as straight forward as it seems and from what I can read it depends on whether the converged registration method(MFA & SSPR) is being used. If using the current SSPR registration then the answer would be be D as you can't use the App when only one method is required because it is not an available method on sign-up. "This requirement is because the current SSPR registration experience doesn't include the option to register the authenticator app. The option to register the authenticator app is included with the new combined registration experience." https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks#authentication-methods It's the other way around if the combined registration is used as email is only valid for SSPR and users won't be required to register it on sign up. It can be a secondary method. I can't tell from the question whether it's SSPR or combined registration. maybe someone else can? Guess I'll go with the consensus of B but ...?
upvoted 1 times
...
francescoc
1 year, 4 months ago
Selected Answer: B
B is Correct https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks
upvoted 1 times
...
divyakanth
1 year, 6 months ago
Selected Answer: B
correct explanation by wooyou
upvoted 1 times
...
Halwagy
1 year, 6 months ago
D also a valid option
upvoted 1 times
kevin_office
1 year, 6 months ago
yeah but D comes when B is not available
upvoted 2 times
...
wooyourdaddy
1 year, 6 months ago
It is only if 2 authentication methods are required. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks#mobile-app-and-sspr When using a mobile app as a method for password reset, like the Microsoft Authenticator app, the following considerations apply: - When administrators require one method be used to reset a password, verification code is the only option available. - When administrators require two methods be used to reset a password, users are able to use notification OR verification code in addition to any other enabled methods.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago