SC-300 Questions Bank

To ensure that users in the Sg-Operations group see a tab named “Operations” containing only LinkedIn and Box applications in the My Apps portal, you can create a collection with these specific applications. Here’s how to do it:

• Sign in to the Microsoft Entra admin center:
• Navigate to App launchers:
• Create a new collection:
• Add applications to the collection:
• Assign the collection to the Sg-Operations group:
• Review and create the collection:

By following these steps, when users in the Sg-Operations group visit the My Apps portal, they will see a new tab named “Operations” that contains only the LinkedIn and Box applications1.

Please note that to create collections on the My Apps portal, you need a Microsoft Entra ID P1 or P2 license1.

To implement a process for reviewing guest users’ access to the Salesforce app with the specified requirements, you can use Microsoft Entra’s Identity Governance access reviews feature. Here’s a step-by-step guide:

• Assign the appropriate role:
• Navigate to Identity Governance:
• Create a new access review:
• Configure the review settings:
• Determine the reviewers:
• Automate the removal process:
• Monitor and enforce compliance:
• Communicate the process:

By following these steps, you can ensure that guest users’ access to the Salesforce app is reviewed monthly, with managers being responsible for the review, and access is removed if the review is not completed in time.

To create a group named “Audit” and ensure that its members can activate the Security Reader role, follow these steps:

• Open the Microsoft Entra admin center:
• Navigate to Groups:
• Create the security group:
• Edit settings:
• Assign roles:
• Review and finish:

By following these steps, you will have created the “Audit” group and enabled its members to activate the Security Reader role, which allows them to view security-related information without having permissions to change it. Remember to communicate the new group and role assignment to the relevant stakeholders in your organization.

To implement additional security checks for the Sg-Executive group members before they can access any company apps, you can use Conditional Access policies in Microsoft Entra. Here’s a step-by-step guide:

• Sign in to the Microsoft Entra admin center:
• Navigate to Conditional Access:
• Create a new policy:
• Assign the policy to the Sg-Executive group:
• Define the application control conditions:
• Set the device compliance requirement:
• Set the app protection policy requirement:
• Configure the access controls:
• Enable the policy:
• Review and save the policy:

By following these steps, you will ensure that the Sg-Executive group members can only access company apps if they meet one of the specified conditions, either by using a compliant device or a protected client app. This enhances the security posture of your organization by enforcing stricter access controls for executive-level users.