Microsoft 365 Identity and Services MS-100 Dumps V12.02

We know, the content of MS-100 Microsoft 365 Identity and Services exam has been updated on September 24, 2020. Based on the new MS-100 exam content, we have updated MS-100 dumps V12.02 online to help you learn the exam well. Updated MS-100 exam dumps V12.02 contain 271 practice exam questions and answers. You can choose to study all these MS-100 practice exam Q&As before taking actual Microsoft 365 Identity and Services MS-100 exam.

You are highly recommended to read MS-100 free dumps V12.02 first.

1. Question Set 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You use the View service requests option in the Microsoft 365 admin center.

Does this meet the goal?

2. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You use Dashboard in Security & Compliance.

Does this meet the goal?

3. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You use Message center in the Microsoft 365 admin center.

Does this meet the goal?

4. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You review the Security & Compliance report in the Microsoft 365 admin center.

Does this meet the goal?

5. You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase.

You want the members of two groups named IT and Managers to be able to use the features shown in the following table.

The IT group contains 50 users. The Managers group contains 200 users.

You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs.

Which licenses should you recommend?

6. You have a Microsoft 365 tenant that contains Microsoft Exchange Online.

You plan to enable calendar sharing with a partner organization named adatum.com. The partner organization also has a Microsoft 365 tenant.

You need to ensure that the calendar of every user is available to the users in adatum.com immediately.

What should you do?

7. DRAG DROP

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You purchase a domain named contoso.com from a registrar and add all the required DNS records.

You create a user account named User1. User1 is configured to sign in as [email protected].

You need to configure User1 to sign in as [email protected].

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

8. Your company has an on-premises Microsoft Exchange Server 2016 organization and a Microsoft 365

Enterprise subscription.

You plan to migrate mailboxes and groups to Exchange Online.

You start a new migration batch.

Users report slow performance when they use the on-premises Exchange Server organization.

You discover that the migration is causing the slow performance.

You need to reduce the impact of the mailbox migration on the end-users.

What should you do?

9. You have a Microsoft 365 subscription.

You need to prevent phishing email messages from being delivered to your organization.

What should you do?

10. Your company has a Microsoft 365 subscription. All identities are managed in the cloud.

The company purchases a new domain name.

You need to ensure that all new mailboxes use the new domain as their primary email address.

What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

11. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

Group2 is a member of Group1.

You assign a Microsoft Office 365 Enterprise E3 license to Group1.

How many Office 365 E3 licenses are assigned?

12. You have a Microsoft 365 subscription.

A new corporate security policy states that you must automatically send DLP incident reports to the users in the legal department.

You need to schedule the email delivery of the reports. The solution must ensure that the reports are sent as frequently as possible.

How frequently can you schedule the delivery of the reports?

13. Your company has a Microsoft 365 subscription.

You need to identify all the users in the subscription who are licensed for Microsoft Office 365 through a group membership. The solution must include the name of the group used to assign the license.

What should you use?

14. Your company has a Microsoft 365 subscription.

You upload several archive PST files to Microsoft 365 by using the Security & Compliance admin center.

A month later, you attempt to run an import job for the PST files.

You discover that the PST files were deleted from Microsoft 365.

What is the most likely cause of the files being deleted? More than one answer choice may achieve the goal. Select the BEST answer.

15. Your company has a main office and 20 branch offices in North America and Europe. Each branch connects to the main office by using a WAN link. All the offices connect to the Internet and resolve external host names by using the main office connections.

You plan to deploy Microsoft 365 and to implement a direct Internet connection in each office.

You need to recommend a change to the infrastructure to provide the quickest possible access to Microsoft 365 services.

What is the best recommendation to achieve the goal? More than one answer choice may achieve the

goal. Select the BEST answer.

16. Your network contains an Active Directory forest named adatum.local. The forest contains 500 users and uses adatum.com as a UPN suffix.

You deploy a Microsoft 365 tenant.

You implement directory synchronization and sync only 50 support users.

You discover that five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com.

You need to ensure that all synchronized identities retain the UPN set in their on-premises user account.

What should you do?

17. HOTSPOT

Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

18. Your company has on-premises servers and a Microsoft Azure Active Directory (Azure AD) tenant.

Several months ago, the Azure AD Connect Health agent was installed on all the servers.

You review the health status of all the servers regularly.

Recently, you attempted to view the health status of a server named Server1 and discovered that the server is NOT listed on the Azure Active Directory Connect Servers list.

You suspect that another administrator removed Server1 from the list.

You need to ensure that you can view the health status of Server1.

What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

19. You have a Microsoft 365 subscription.

You suspect that several Microsoft Office 365 applications or services were recently updated.

You need to identify which applications or services were recently updated.

What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

20. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You use Monitoring and reports from the Compliance admin center.

Does this meet the goal?

21. DRAG DROP

Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. The on-premises domain contains a server named Server1 that runs Windows Server 2016 and 200 client computers that run Windows 10.

Your company purchases a Microsoft 365 subscription.

On Server1, you create a file share named Share1. You extract the Microsoft Office Deployment Tool (ODT) to Share1.

You need to deploy Microsoft 365 Apps for enterprise and the French language pack from Share1 to the Windows 10 computers.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

22. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).

You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).

You configure a pilot for co-management.

You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.

You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to an Active Directory group.

Does this meet the goal?

23. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).

You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).

You configure a pilot for co-management.

You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.

You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.

Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection.

Does this meet the goal?

24. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).

You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).

You configure a pilot for co-management.

You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.

You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You create a device configuration profile from the Intune admin center.

Does this meet the goal?

25. HOTSPOT

You have a Microsoft 365 subscription.

You create an alert policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information in the graphic. NOTE: Each correct selection is worth one point.

26. HOTSPOT

Your company is based in the United Kingdom (UK).

Users frequently handle data that contains Personally Identifiable Information (PII).

You create a data loss prevention (DLP) policy that applies to users inside and outside the company.

The policy is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based in the information presented in the information presented in the graphic. NOTE: Each correct selection is worth one point.

27. HOTSPOT

You have a Microsoft Azure Active Directory (Azure AD) tenant.

Your company implements Windows Information Protection (WIP).

You need to modify which users and applications are affected by WIP.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

28. You have a Microsoft 365 subscription.

You configure a data loss prevention (DLP) policy.

You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.

You need to prevent the users from bypassing the DLP policy.

What should you configure?

29. In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments.

Policy1 is configured as shown in the exhibit.

You need to ensure that internal users can email documents that contain US bank account numbers to external users who have an email suffix of contoso.com.

What should you configure?

30. Your company uses on-premises Windows Server File Classification Infrastructure 9FCI). Some documents on the on-premises file servers are classifies as Confidential.

You migrate the files from the on-premises file servers to Microsoft SharePoint Online.

You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.

What should you do first?

31. HOTSPOT

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

You have three applications App1, App2, App3. The Apps use files that have the same file extensions.

Your company uses Windows Information Protection (WIP).

WIP has the following configurations:

- Windows Information Protection mode: Silent

- Protected apps: App1

- Exempt apps: App2

From App1, you create a file named File1.

What is the effect of the configurations? To answer, select the appropriate options in the answer area.

32. Your company has 10 offices.

The network contains an Active Directory domain named contoso.com. The domain contains 500 client computers. Each office is configured as a separate subnet.

You discover that one of the offices has the following:

- Computers that have several preinstalled applications

- Computers that use nonstandard computer names

- Computers that have Windows 10 preinstalled

- Computers that are in a workgroup

You must configure the computers to meet the following corporate requirements:

- All the computers must be joined to the domain.

- All the computers must have computer names that use a prefix of CONTOSO.

- All the computers must only have approved corporate applications installed.

You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.

33. You have a Microsoft 365 subscription.

You recently configured a Microsoft SharePoint Online tenant in the subscription.

You plan to create an alert policy.

You need to ensure that an alert is generated only when malware is detected in more than five documents stored in SharePoint Online during a period of 10 minutes.

What should you do first?

34. From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit.

You need to reduce the likelihood that the sign-ins are identified as risky.

What should you do?

35. DRAG DROP

You have a Microsoft 365 subscription.

You have the devices shown in the following table.

You need to onboard the devices to Windows Defender Advanced Threat Protection (ATP). The solution must avoid installing software on the devices whenever possible.

Which onboarding method should you use for each operating system? To answer, drag the appropriate methods to the correct operating systems. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.

36. HOTSPOT

You have a Microsoft 365 subscription.

You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled devices enrolled on mobile device management (MDM).

What should you include in the device configuration profile? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

37. You have a Microsoft 365 tenant.

You have a line-of-business application named App1 that users access by using the My Apps portal.

After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.

You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.

What should you do?

38. Your network contains an on-premises Active Directory domain.

Your company has a security policy that prevents additional software from being installed on domain controllers.

You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP).

What should you do? More than once choice may achieve the goal. Select the BEST answer.

39. Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices.

You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States.

You plan to onboard all the devices to Windows Defender ATP data in Europe.

What should you do first?

40. You implement Microsoft Azure Advanced Threat Protection (Azure ATP).

You have an Azure ATP sensor configured as shown in the following exhibit.

How long after the Azure ATP cloud service is updated will the sensor update?

41. Your company has a Microsoft 365 E3 subscription.

All devices run Windows 10 Pro and are joined to Microsoft Azure Active Directory (Azure AD).

You need to change the edition of Windows 10 to Enterprise the next time users sign in to their computer.

The solution must minimize downtime for the users.

What should you use?

42. HOTSPOT

You have three devices enrolled in Microsoft Intune as shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

The device compliance policies have the assignment shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

43. HOTSPOT

Your company has a Microsoft 365 tenant.

You plan to allow users from the engineering department to enroll their mobile device in mobile device management (MDM).

The device type restrictions are configured as shown in the following table.

The device limit restrictions are configured as shown in the following table.

What is the effective configuration for the members of the Engineering group? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

44. Your network contains an Active Directory domain named contoso.com. The domain contains 1000 Windows 8.1 devices.

You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices.

You need to recommend a Windows 10 deployment method.

What should you recommend?

45. You use Microsoft System Center Configuration manager (Current Branch) to manage devices.

Your company uses the following types of devices:

- Windows 10

- Windows 8.1

- Android

- iOS

Which devices can be managed by using co-management?

46. HOTSPOT

You company has a Microsoft 365 subscription that contains the domains shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

47. Your company has 20 employees. Each employee has a mailbox hosted in Outlook.com.

The company purchases a Microsoft 365 subscription.

You plan to migrate all the mailboxes to Microsoft 365.

You need to recommend which type of migration to use for the mailboxes.

What should you recommend?

48. Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant.

The on-premises network contains a file server named Server1. Server1 has a share named Share1 that contains company documents.

Your company purchases a Microsoft 365 subscription.

You plan to migrate data from Share1 to Microsoft 365. Only data that was created or modified during the last three months will be migrated.

You need to identify all the files in Share1 that were modified or created during the last 90 days.

What should you use?

49. Your company has two offices. The offices are located in Seattle and New York.

The company uses a third-party email system.

You implement Microsoft 365.

You move all the users in the Seattle office to Exchange Online. You configure Microsoft 365 to successfully receive all the email messages sent to the Seattle office users.

All the users in the New York office continue to use the third-party email system.

The users use the email domains shown in the following table.

You need to ensure that all the email messages sent to the New York office users are delivered successfully. The solution must ensure that all the email messages for the users in both offices are routed through Microsoft 365.

You create the required DNS records and Send connectors.

What should you do next from Microsoft 365?

50. HOTSPOT

Your company has a Microsoft 365 subscription that contains the following domains:

Contoso.onmicrosoft.com

Contoso.com

You plan to add the following domains to Microsoft 365 and to use them with Exchange Online:

- Sub1.contoso.onmicrosoft.com

- Sub2.contoso.com

- Fabrikam.com

You need to identify the minimum number of DNS records that must be added for Exchange Online to receive inbound email messages for the three domains.

How many DNS records should you add? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

51. SIMULATION

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn ’ t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

[email protected]

Microsoft 365 Password: 3&YWyjse-6-d

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 10887751

You plan to create 1,000 users in your Microsoft 365 subscription.

You need to ensure that all the users can use the @contoso.com suffix in their username.

Another administrator will perform the required information to your DNS zone to complete the operation.

52. SIMULATION

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn ’ t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

[email protected]

Microsoft 365 Password: oL9z0=?Nq@ox

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 11098651

You need to prevent users in your organization from receiving an email notification when they save a document that contains credit card numbers.

To answer the question, sign in to the Microsoft 365 portal.

53. You have a Microsoft 365 subscription.

You add a domain named contoso.com.

When you attempt to verify the domain, you are prompted to send a verification email to [email protected].

You need to change the email address used to verify the domain.

What should you do?

54. Your company uses email, calendar, contact, and task services in Microsoft Outlook.com.

You purchase a Microsoft 365 subscription and plan to migrate all users from Outlook.com to Microsoft 365.

You need to identify which user data can be migrated to Microsoft 365.

Which type of data should you identify?

55. SIMULATION

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn ’ t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username: [email protected]

Microsoft 365 Password: m3t^We$Z7&xy

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 11440873

You need to prevent all the users in your organization from sending an out of office reply to external users.

To answer, sign in to the Microsoft 365 portal.

56. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.

User2 fails to authenticate to Azure AD when signing in as [email protected].

You need to ensure that User2 can access the resources in Azure AD.

Solution: From the Azure Active Directory admin center, you add fabrikam.com as a custom domain. You instruct User2 to sign in as [email protected].

Does this meet the goal?

57. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.

User2 fails to authenticate to Azure AD when signing in as [email protected].

You need to ensure that User2 can access the resources in Azure AD.

Solution: From the on-premises Active Directory domain, you assign User2 the Allow logon locally user right. You instruct User2 to sign in as [email protected].

Does this meet the goal?

58. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.

User2 fails to authenticate to Azure AD when signing in as [email protected].

You need to ensure that User2 can access the resources in Azure AD.

Solution: From the on-premises Active Directory domain, you set the UPN suffix for User2 to @contoso.com. You instruct User2 to sign in as [email protected].

Does this meet the goal?

59. HOTSPOT

Your network contains an on-premises Active Directory forest named contoso.com.

The forest contains the following domains:

- Contoso.com

- East.contoso.com

The forest contains the users shown in the following table.

The forest syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

60. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.

User2 fails to authenticate to Azure AD when signing in as [email protected].

You need to ensure that User2 can access the resources in Azure AD.

Solution: From the Azure Active Directory admin center, you assign User2 the Security reader role. You instruct User2 to sign in as [email protected].

Does this meet the goal?

61. HOTSPOT

You have a Microsoft 365 E5 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.

The tenant contains a Microsoft SharePoint Online site named Site1 and the accounts shown in the following table.

You have an on-premises server named Server1 that contains a folder named Folder1.

Folder1 contains the files shown in the following table.

The User1, User2, and Group1 accounts have the security identifiers (SIDs) shown in the following table.

You use the SharePoint Migration Tool to migrate Folder1 to Site1. You preserve the file share permissions and use the following user mapping file.

S-1-5-21-4534338-1127018997-2609994386-1304, [email protected], FALSE

S-1-5-21-4534338-1127018997-2609994386-1228, [email protected], FALSE

S-1-5-21-4534338-1127018997-2609994386-1106, GroupA, TRUE

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

62. You have a DNS zone named contoso.com that contains the following records.

You purchase a Microsoft 365 subscription.

You plan to migrate mailboxes to Microsoft Exchange Online.

You need to configure Sender Policy Framework (SPF) to support Exchange Online.

What should you do?

63. Testlet 2

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case . However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.

The offices have the users and devices shown in the following table.

Contoso recently purchased a Microsoft 365 E5 subscription.

Existing Environment

The network contains an Active directory forest named contoso.com and a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You recently configured the forest to sync to the Azure AD tenant.

You add and then verify adatum.com as an additional domain name.

All servers run Windows Server 2016.

All desktop computers and laptops run Windows 10 Enterprise and are joined to contoso.com.

All the mobile devices in the Montreal and Seattle offices run Android. All the mobile devices in the New York office run iOS.

Contoso has the users shown in the following table.

Contoso has the groups shown in the following table.

Microsoft Office 365 licenses are assigned only to Group2.

The network also contains external users from a vendor company who have Microsoft accounts that use a suffix of @outlook.com.

Requirements

Planned Changes

Contoso plans to provide email addresses for all the users in the following domains:

- East.adatum.com

- Contoso.adatum.com

- Humongousinsurance.com

Technical Requirements

Contoso identifies the following technical requirements:

- All new users must be assigned Office 365 licenses automatically.

- The principle of least privilege must be used whenever possible.

Security Requirements

Contoso identifies the following security requirements:

- Vendors must be able to authenticate by using their Microsoft account when accessing Contoso resources.

- User2 must be able to view reports and schedule the email delivery of security and compliance reports.

- The members of Group1 must be required to answer a security question before changing their password.

- User3 must be able to manage Office 365 connectors.

- User4 must be able to reset User3 password.

You need to add the custom domain names to Office 365 to support the planned changes as quickly as possible.

What should you create to verify the domain names successfully?

64. - Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.

Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements

Fabrikam identifies the following technical requirements:

- All users must be able to exchange email messages successfully during Project1 by using their current email address.

- Users must be able to authenticate to cloud services if Active Directory becomes unavailable.

- A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.

- Microsoft Office 365 ProPlus applications must be installed from a network share only.

- Disruptions to email access must be minimized.

Application Requirements

Fabrikam identifies the following application requirements:

- An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.

- The installation of feature updates for Office 365 ProPlus must be minimized.

Security Requirements

Fabrikam identifies the following security requirements:

- After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.

- The memberships of UserLicenses must be validated monthly. Unused user accounts must be removed from the group automatically.

- After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.

- The principle of least privilege must be used.

DRAG DROP

You need to prepare the environment for Project1.

You create the Microsoft 365 tenant.

Which three actions should you perform in sequence next? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

65. You are evaluating the required processes for Project1.

You need to recommend which DNS record must be created before adding a domain name for the project.

Which DNS record should you recommend?

66. You are evaluating the required processes for Project1.

You need to recommend which DNS record must be created before adding a domain name for the project.

Which DNS record should you recommend?

67. Your network contains a single Active Directory domain and two Microsoft Azure Active Directory (Azure AD) tenants.

You plan to implement directory synchronization for both Azure AD tenants. Each tenant will contain some of the Active Directory users.

You need to recommend a solution for the planned directory synchronization.

What should you include in the recommendation?

68. HOTSPOT

Your company has a hybrid deployment of Microsoft 365.

An on-premises user named User1 is synced to Microsoft Azure Active Directory (Azure AD).

Azure AD Connect is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

69. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains a user named User1.

You suspect that an imposter is signing in to Azure AD by using the credentials of User1.

You need to ensure that an administrator named Admin1 can view all the sign in details of User1 from the past 24 hours.

To which three roles should you add Admin1? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

70. HOTSPOT

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains five domain controllers.

Your company purchases Microsoft 365 and creates a Microsoft Azure Directory (Azure AD) tenant named contoso.onmicrosoft,com.

You plan to establish federation authentication between on-premises Active Directory and the Azure AD tenant by using Active Directory Federation Services (AD FS).

You need to establish the federation.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

71. You have a Microsoft 365 subscription.

You plan to enable Microsoft Azure Information Protection.

You need to ensure that only the members of a group named PilotUsers can protect content.

What should you do?

72. Your company has a Microsoft 365 subscription.

You need to identify which users performed the following privileged administration tasks:

- Deleted a folder from the second-stage Recycle Bin if Microsoft SharePoint

- Opened a mailbox of which the user was not the owner

- Reset a user password

What should you use?

73. You have a Microsoft 365 subscription. You have a user named User1.

You need to ensure that User1 can place a hold on all mailbox content.

What permission should you assign to User1?

74. HOTSPOT

You have a new Microsoft 365 subscription.

A user named User1 has a mailbox in Microsoft Exchange Online.

You need to log any changes to the mailbox folder permissions of User1.

Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

75. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

You sign up for Microsoft Store for Business.

The tenant contains the users shown in the following table.

Microsoft Store for Business has the following Shopping behavior settings:

- Allow users to shop is set to On.

- Make everyone a Basic Purchaser is set to Off.

You need to identify which users can install apps from the Microsoft for Business private store.

Which users should you identify?

76. You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

In the tenant, you create a user named User1.

You need to ensure that User1 can publish retention labels from the Security & Compliance admin center.

The solution must use the principle of least privilege.

To which role group should you add User1?

77. HOTSPOT

You have a Microsoft 365 subscription.

You are configuring permissions for Security & Compliance.

You need to ensure that the users can perform the tasks shown in the following table.

The solution must use the principle of least privilege.

To which role should you assign each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

78. Your company has a Microsoft 365 E5 subscription.

Users in the research department work with sensitive data.

You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.

What should you do from the Security & Compliance admin center?

79. HOTSPOT

You have a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

Your company uses Windows Defender Advanced Threat Protection (ATP).

Windows Defender ATP contains the roles shown in the following table.

Windows Defender ATP contains the device groups shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

80. A user receives the following message when attempting to sign in to https://myapps.microsoft.com:

"Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location, device, or app. Before you can continue, we need to verify your identity. Please contact your admin."

Which configuration prevents the users from signing in?


 

New Microsoft 365 Messaging MS-203 Exam Dumps
Updated AZ-400 Dumps V15.02 For Microsoft Azure DevOps Solutions Exam

Add a Comment

Your email address will not be published. Required fields are marked *