Updated MS-100 Practice Test DumpsBase – Choose MS-100 Dumps V18.02 To Prepare Well

1. Topic 1, Contoso, Ltd

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answer and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview

Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.

The offices have the users and devices shown in the following table.

Contoso recently purchased a Microsoft 365 E5 subscription.

Existing Environment

The network contains an Active directory forest named contoso.com and a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You recently configured the forest to sync to the Azure AD tenant.

You add and then verify adatum.com as an additional domain name.

All servers run Windows Server 2016.

All desktop computers and laptops run Windows 10 Enterprise and are joined to contoso.com.

All the mobile devices in the Montreal and Seattle offices run Android. All the mobile devices in the New York office run iOS.

Contoso has the users shown in the following table.

Contoso has the groups shown in the following table.

Microsoft Office 365 licenses are assigned only to Group2.

The network also contains external users from a vendor company who have Microsoft accounts that use a suffix of @outlook.com.

Requirements

Planned Changes

Contoso plans to provide email addresses for all the users in the following domains:

✑ East.adatum.com

✑ Contoso.adatum.com

✑ Humongousinsurance.com

Technical Requirements

Contoso identifies the following technical requirements:

✑ All new users must be assigned Office 365 licenses automatically.

✑ The principle of least privilege must be used whenever possible.

Security Requirements

Contoso identifies the following security requirements:

✑ Vendors must be able to authenticate by using their Microsoft account when accessing Contoso resources.

✑ User2 must be able to view reports and schedule the email delivery of security and compliance reports.

✑ The members of Group1 must be required to answer a security question before changing their password.

✑ User3 must be able to manage Office 365 connectors.

✑ User4 must be able to reset User3 password.

You need to meet the security requirement for Group1.

What should you do?

2. HOTSPOT

You need to meet the security requirements for User3. The solution must meet the technical requirements.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

3. You need to meet the security requirement for the vendors.

What should you do?

4. You need to assign User2 the required roles to meet the security requirements and the technical requirements.

To which two roles should you assign User2? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

5. You need to meet the security requirement for the vendors.

What should you do?

6. To which Azure AD role should you add User4 to meet the security requirement?

7. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As m result, these questions will not appear in the review screen.

You need to assign User2 the required roles to meet the security requirement.

Solution: From the Office 36S admin center, you assign User2 the Records Management role. From the Exchange 3dmm center, you assign User2 the Help Desk role.

Does that meet the goal?

8. HOTSPOT

You need to meet the technical requirements for the user licenses.

Which two properties should you configure for each user? To answer, select the appropriate properties in the answer area. NOTE: Each correct selection is worth one point.

9. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to assign User2 the required roles to meet the security requirements.

Solution: From the Office 365 admin center, you assign User2 the Security Reader role.

From the Exchange admin center, you assign User2 the Compliance Management role.

Does this meet the goal?

10. Note This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Somequestion sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to assign User2 the required roles to meet the security requirements.

Solution: From the Office 365 admin center, you assign User2 the Security Administrator role. From the Exchange admin center, you add User2 to the View-Only Management role.

Does this meet the goal?

11. You need to Add the custom domain name* to Office 36S K> support the planned changes as quickly as possible.

What should you create to verify the domain names successfully?

12. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to assign User2 the required roles to meet the security requirements.

Solution: From the Office 365 admin center, you assign User2 the Security Reader role.

From the Exchange admin center, you assign User2 the Help Desk role.

Does this meet the goal?

13. Topic 2, Fabrikam, Inc

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answer and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview

Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.

Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment

Active Directory Environment

The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication.

Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.

All users authenticate to on-premises applications by signing in to their device by using a UPN format of [email protected].

Fabrikam does NOT plan to implement identity federation.

Network Infrastructure

Each office has a high-speed connection to the Internet.

Each office contains two domain controllers. All domain controllers are configured as a DNS server.

The public zone for fabrikam.com is managed by an external DNS server.

All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.

All shared company documents are stored on a Microsoft SharePoint Server farm.

Requirements

Planned Changes

Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.

Fabrikam plans to implement two pilot projects:

✑ Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.

✑ Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.

Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements

Fabrikam identifies the following technical requirements:

✑ All users must be able to exchange email messages successfully during Project1 by using their current email address.

✑ Users must be able to authenticate to cloud services if Active Directory becomes unavailable.

✑ A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.

✑ Microsoft Office 365 ProPlus applications must be installed from a network share only.

✑ Disruptions to email address must be minimized.

Application Requirements

Fabrikam identifies the following application requirements:

✑ An on-premises web application named App1 must allow users to complete their expense reports online.

✑ The installation of feature updates for Office 365 ProPlus must be minimized.

Security Requirements

Fabrikam identifies the following security requirements:

✑ After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.

✑ The memberships of UserLicenses must be validated monthly. Unused user accounts must be removed from the group automatically.

✑ After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.

✑ The principle of least privilege must be used.

HOTSPOT

You create the Microsoft 365 tenant.

You implement Azure AD Connect as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

14. Which migration solution should you recommend for Project1?

15. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest.

You deploy Microsoft 365.

You plan to implement directory synchronization.

You need to recommend a security solution for the synchronized identities.

The solution must meet the following requirements:

* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.

* User passwords must be 10 characters or more.

Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.

Does this meet the goal?

16. Which migration solution should you recommend for Project1?

17. DRAG DROP

You need to prepare the environment for Project1.

You create the Microsoft 365 tenant.

Which three actions should you perform in sequence next? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

18. HOTSPOT

You need to create the UserLicenses group. The solution must meet the security requirements.

Which group type and control method should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

19. You are evaluating the required processes for Project1.

You need to recommend which DNS record must be created before you begin the project.

Which DNS record should you recommend?

20. You need to meet the application requirement for App1.

Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

21. You need to recommend which DNS record must be created before adding a domain name for the project.

You need to recommend which DNS record must be created before you begin the project.

Which DNS record should you recommend?

22. Which migration solution should you recommend for Project1?

23. Which role should you assign to User1?

24. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You use Monitoring and reports from the Compliance admin center.

Does this meet the goal?

25. HOTSPOT

You need to meet the application requirements for the Office 365 ProPlus applications.

You create an XML files that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

26. You need to ensure that all the sales department users can authenticate successfullyduring Project1and Project2.

Which authentication strategy should you implement for the pilot projects?

27. Topic 3, Litware inc

Case study

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Overview

General Overview

Litware, Inc. is a consulting company that has a main office in Montreal and a branch office in Seattle.

Litware collaborates with a third-party company named ADatum Corporation.

Environment

On-Premises Environment

The network of Litware contains an Active Directory domain named litware.com.

The domain contains three organizational units (OUs) named LitwareAdmins, Montreal Users, and Seattle Users and the users shown in the following table.

The domain contains 2,000 Windows 10 Pro devices and 100 servers that run Windows Server 2019.

Cloud environment

Litware has a pilot Microsoft 365 subscription that includes Microsoft Office 365 Enterprise E3 licenses and Azure Active Directory Premium Plan 2 licenses.

The subscription contains a verified DNS domain named litware.com.

Azure AD Connect is installed and has the following configurations:

✑ Password hash synchronization is enabled.

✑ Synchronization is enabled for the LitwareAdmins OU only.

Users are assigned the roles shown in the following table.

Self-service password reset (SSPR) is enabled.

The Azure Active Directory (Azure AD) tenant has Security defaults enabled.

Requirements

Planned Changes

Litware identifies the following issues:

✑ Admin1 cannot create conditional access policies.

✑ Admin4 receives an error when attempting to use SSPR.

✑ Users access new Office 365 service and feature updates before the updates are reviewed by Admin2.

Technical Requirements

Litware plans to implement the following changes:

✑ Implement Microsoft Intune.

✑ Implement Microsoft Teams.

✑ Implement Microsoft Defender for Office 365.

✑ Ensure that users can install Office 365 apps on their device.

✑ Convert all the Windows 10 Pro devices to Windows 10 Enterprise E5.

✑ Configure Azure AD Connect to sync the Montreal Users OU and the Seattle Users OU.

HOTSPOT

You need to ensure that Admin4 can use SSPR.

Which tool should you use, and which action should you perform? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

28. HOTSPOT

You need to configure the Office 365 service status notifications and limit access to the service and feature updates. The solution must meet the technical requirements.

What should you configure in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

29. HOTSPOT

You are evaluating the use of multi-factor authentication (MFA).

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

30. You need to configure Microsoft Teams to support the technical requirements tor collaborating with

A. Datum What should you configure in the Microsoft Teams admin center?

A. meeting policies

B. external access

C. guest access

D. messaging policies

31. You need to ensure that Litware has the appropriate licence to support the planned changes. The solution must minimize costs.

Which license type should you use?

32. You need to configure Azure AD Connect to support the planned changes for the Montreal Users and Seattle Use's OUs.

What should you do?

33. HOTSPOT

You need to ensure that the Microsoft 365 incidents and advisories are reviewed monthly.

Which users can review the incidents and advisories, and which blade should the users use? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one pant

34. You need to configure just in time access to meet the technical requirements.

What should you use?

35. Topic 4, NEW Case Study

Case Study

Overview

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the question. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, n...... that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to ret........ to the question.

Existing Environment

Microsoft 365

Contoso identifies the following business goals:

* Utilize core functionality of apps whenever possible.

* Reduce app development costs.

* Minimize training costs for end users.

Microsoft SharePoint/Microsoft Exchange

Contoso has a Microsoft 365 subscription that uses a domain named contoso.com. Each user is assigned a Microsoft 365 Enterprise E5 licence.

Problem Statement

Contoso moves all email accounts to Microsoft 365.

Contoso migrates the SharePoint Server 2013 intranet sites of the research department to SharePoint Online.

Requirements

Business Goals

Contoso identifies the following issues:

* Users in the sales department report that prepanng quotations is time-consuming as it requires manually copying and pasting data from multiple sources.

* Users in the HR department must use multiple apps to manage the hiring process.

* The solution to claim expenses requires multiple manual steps.

Planned Changes

Contoso identifies the following business goals:

* Utilize core functionality of apps whenever possible.

* Reduce app development costs.

* Minimize training costs for end users.

Technical Requirements

Contoso plans to implement the following changes;

* Redesign the SharePoint Online sites of the research department to provide users with an expenence that is consistent with the Microsoft 365 portal. The research department has a third-party project management solution that uses the Microsoft identity platform in Azure AD.

* Create an email workflow solution for expense claims. Users will submit their expense claims and the system will email an approval request to their manager.

* Implement a bring your own device (BYOD) model that supports Windows 10, macOS, and Android devices.

* Develop a custom Microsoft 365 app named SalesApp for the sales department.

* Develop a custom Microsoft 365 app named HRApp for the HR department

Security Requirement

Contoso identifies the following technical requirements for app development:

* The expense claims solution must provide managers with claim information and the ability to manage the claim by using Microsoft Outlook. Outlook on the web, or Outlook for iOS and Android.

* HRApp must include a bot named HRBot that will answer HR questions. Users must be able to access the bot by ©mentioning HRBot in a Microsoft Teams channel or private chat.

* HRApp must enable users to query a third-party HR system by using a tab from within a Microsoft Teams channel.

* HRApp must include a messaging extension that enables users to search jobs by job title or job ID.

* SalesApp must be integrated with Microsoft Word and must combine images and text from multiple sources to create a quotation as a DOCX file.

* The distribution of SalesApp must be automatic and require minimal user interaction.

* Solutions for SharePoint Online and Microsoft Office must follow the current Office user interface (Ul) design.

* Development tools and solutions must support Windows and non-Windows devices.

* Development effort must be minimized.

HRApp Manifest

All solutions must support the Microsoft identity platform in Azure AD.

Intranet components must not share access tokens.

You need to recommend which API object the SharePoint Framework (SPFx) intranet components will use to access the research department s project management solution.

What should you recommend?

36. You need to recommend a model for the expense claims solution.

What should you recommend?

37. You need to provide users with access to SalesApp. The solution must meet the technical requirements.

What should you include in the solution?

38. HOTSPOT

You need to recommend the development environment and tools for the development of SalesApp.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

39. HOTSPOT

You need to recommend the development environment and tools for the redesign of the research department’s SharePoint Online sites.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

40. DRAG DROP

You need to configure HRApp to enable users to search for specific jobs by using chat in Microsoft Teams.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

41. HOTSPOT

You need to modify the HRApp manifest to provide a tab that supports querying the third-party HR system.

Which section of the manifest should you modify, and which value should you set as thescope? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

42. You need to recommend which type of Office Add-in must be used for SalesApp.

What should you recommend?

43. You need to ensure that users can initiate private conversations with HRBot. The solution must meet the technical requirements for HRApp.

How should you configure the HRApp manifest?

44. Topic 5, Misc. Questions

HOTSPOT

You have a Microsoft 365 subscription that contains the users shown in the following table.

The subscription contains the groups shown in the following table.

You deploy an app as shown in the following exhibit

For each of the following statements, select Yes if the statement is true. Otherwise select No.

45. You have a Microsoft 365 subscription.

All users have their email stored in Microsoft Exchange Online

In the mailbox of a user named User, you need to preserve a copy of all the email messages that contain the word ProjectX.

What should you do first?

46. CORRECT TEXT

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earncredit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

[email protected]

Microsoft 365 Password: 3&YWyjse-6-d

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 10887751

You plan to provide an external user named [email protected] with access to several resources in your Microsoft 365 tenant.

You need to ensure that the external user can be added to Office 365 groups.

47. HOTSPOT

You need to develop a leave request app that will use Microsoft Outlook and adaptive cards. The leave requests of an employee will be sent as an actionable message to the employee’s managers. When one of the managers performs an action on the actionable message, the other managers must see only the updated message and the action performed by the manager.

How should you complete the adaptive card JSON? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

48. You plan to develop a diem-side JavaScript web app that will be registered to the Microsoft identity platform and use Microsoft Authentication Library (MSAL) v2.0.

Which type of authorization flow should you use?

49. You have a DNS zone named contoso.com that contains the following records.

You purchase a Microsoft 365 subscription.

You plan to migrate mailboxes to Microsoft Exchange Online.

You need to configure Sender Policy Framework (SPF) to support Exchange Online.

What should you do?

50. You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

An external user has a Microsoft account that uses an email address of [email protected].

An administrator named Admin1 attempts to create a user account for the external user and receives the error message shown in the following exhibit.

You need to ensure that Admin1 can add the user.

What should you do from the Azure Active Directory admin center?

51. You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.

You plan to provide access to an on-premises app named App1 by using Azure AD Application Proxy. App1 will be managed by User4.

You need to identify which user can install the Application Proxy connector.

Which user should you identify?

52. HOTSPOT

You have a Microsoft 365 Enterprise E5 subscription.

You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.

You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.

Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.

53. CORRECT TEXT

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:

[email protected]

Microsoft 365 Password: 3&YWyjse-6-d

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 10887751

A user named Johanna Lorenz recently left the company. A new employee named Ben Smith will handle the tasks of Johanna Lorenz.

You need to create a user named Ben Smith. Ben Smith must be able to sign in to http://myapps.microsoft.com and open Microsoft Word Online.

54. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a hybrid deployment of Microsoft 365 that contains the objects shown in the following table.

Azure AD Connect has the following settings:

✑ Password Hash Sync: Enabled

✑ Password writeback: Enabled

✑ Group writeback: Enabled

You need to add User2 to Group 2.

Solution: You use the Azure Active Directory admin center.

Does this meet the goal?

55. You have a Microsoft 365 tenant that contains a Microsoft Power Platform environment.

You need to ensure that only specific users can create new environments.

What should you do in the Power Platform admin center?

56. HOTSPOT

You have a Microsoft 365 tenant that contains 300 users.

The users have Domestic and International Calling Plan licenses.

What is the maximum user phone numbers and toll-free service phone numbers can you acquire? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

57. HOTSPOT

You have a Microsoft 365 subscription.

You have a group named Support. Users in the Support group frequently send email messages to external users.

The manager of the Support group wants to randomly review messages that contain attachments.

You need to provide the manager with the ability to review messages that contain attachments sent from the Support group users to external users. The manager must have access to only 10 percent of the messages.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

58. You have an on-premises Microsoft Exchange Server organization that contains 500 mailboxes and a third-party email archive solution.

You have a Microsoft 365 tenant that contains a user named User1.

You plan to use the User1 account to perform a PST import of the archive mailboxes to the tenant.

Which two roles does User1 require to perform the import? The solution must use the principle of least privilege. Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

59. Your network contains an Active Directory domain named contoso.com.

All users authenticate by using a third-party authentication solution.

You purchase Microsoft 365 and plan to implement several Microsoft 365 services.

You need to recommend an identity strategy that meets the following requirements:

✑ Provides seamless SSO

✑ Minimizes the number of additional servers required to support the solution

✑ Stores the passwords of all the users in Microsoft Azure Active Directory (Azure AD)

✑ Ensures that all the users authenticate to Microsoft 365 by using their on-premises user account

You are evaluating the implementation of federation.

Which two requirements are met by using federation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

60. You have a Microsoft 365 subscription.

You need to be notified to your personal email address when a Microsoft Exchange Online service issue occurs.

What should you do?

61. Your company has on-premises servers and a Microsoft Azure Active Directory (Azure AD) tenant.

Several months ago, the Azure AD Connect Health agent was installed on all the servers.

You review the health status of all the servers regularly.

Recently, you attempted to view the health status of a server named Server1 and

discovered that the server is NOT listed on the Azure Active Directory Connect Servers list.

You suspect that another administrator removed Server1 from the list.

You need to ensure that you can view the health status of Server1.

What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

62. HOTSPOT

You have a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

You enable self-service password reset for all users. You set Number of methods required to reset to 1, and you set Methods available to users to Security questions only.

What information must be configured for each user before the user can perform a self-service password reset? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

63. You publish an enterprise application named App1 that process financial data.

You need to ensure that access to App1 is revoked for users who no longer require view the processed financial data.

What should you configure?

64. You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenantnamed contoso.com.

In the tenant, you create a user named User1.

You need to ensure that User1 can publish retention labels from the Security & Compliance admin center. The solution must use the principle of least privilege.

To which role group should you add User1?

65. HOTSPOT

Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

66. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.

Your network contains an on-premises Active Directory domain named contoso.com.

The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

User2 fails to authenticate to Azure AD when signing in as [email protected].

You need to ensure that User2 can access the resources in Azure AD.

Solution: From the on-premises Active Directory domain, you set the UPN suffix for User2 to @contoso.com. You instruct User2 to sign in as [email protected].

Does this meet the goal?

67. HOTSPOT

Your network contains an Active Directory domain and a Microsoft Azure Active Directory (Azure AD) tenant.

You implement directory synchronization for all 10.000 users in the organization.

You automate the creation of 100 new user accounts.

You need to ensure that the new user accounts synchronize to Azure AD as quickly as possible

Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct select ion is worth one point.

68. You have a Microsoft 365 subscription.

You register two applications named App1 and App2 to Azure Active Directory (Azure AD).

You need to ensure that users who connect to App1 require multi-factor authentication (MFA). MFA is required only for App1.

What should you do?

69. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest.

You deploy Microsoft 365.

You plan to implement directory synchronization.

You need to recommend a security solution for the synchronized identities.

The solution must meet the following requirements:

✑ Users must be able to authenticate successfully to Microsoft 365 services if Active

Directory becomes unavailable.

✑ Users passwords must be 10 characters or more.

Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant.

Does this meet the goal?

70. Your network contains an Active Directory domain and a Microsoft Azure Active Directory (Azure AD) tenant.

The network uses a firewall that contains a list of allowed outbound domains.

You began to implement directory synchronization.

You discover that the firewall configuration contains only the following domain names in the list of allowed domains:

• *.microsof.com

• *.office.com

Directory synchronization fails.

You need to ensure that directory synchronization completes successfully.

What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

71. Your network contains an Active Directory domain named contoso.com.

You have a Microsoft 365 subscription.

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You implement directory synchronization.

The developers at your company plan to build an app named App1. App1 will connect to the Microsoft GraphAPI to provide access to several Microsoft Office 365 services.

You need to provide the URI for the authorization endpoint that App1 must use.

What should you provide?

72. HOTSPOT

You have a Microsoft 365 subscription.

You create an alert policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information in the graphic. NOTE: Each correct selection is worth one point.

73. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.

You have a Microsoft 365 subscription.

You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users areconnected to your on-premises network.

Solution: From the Device Management admin center, you a trusted location and compliance policy.

Does this meet the goal?

74. HOTSPOT

You have a Microsoft 365 subscription.

You use the Microsoft Office Deployment tool to install Office 365 ProPlus.

You create a configuration file that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

75. HOTSPOT

You are developing an interactive invoicing application mat will be used by end users.

The application will have the following features:

• Save invoices generated by a user to the user s OneDrive for Business.

• Email daily automated reminders.

You need to identify which permissions to grant for the application features. The solution must use the principle of least privilege.

Which permission type should you grant for each feature? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

76. Your on-premises network contains an Active Directory domain.

You have a Microsoft 365 E5 subscription.

You plan to implement a hybrid configuration that has the following requirements:

• Minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources

• Supports the use of Azure Active Directory (Azure AD) Identity Protection

You need to configure Azure AD Connect to support the planned implementation.

Which two options should you select? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

77. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

Group2 is a member of Group1.

You assign a Microsoft Office 365 Enterprise E3 license to Group1.

You need to identity how many Office 365 E3 licenses are assigned.

What should you identify?

78. You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant namedcontoso.com.

Corporate policy states that user passwords must not include the word Contoso.

What should you do to implement the corporate policy?

79. You have a hybrid deployment of Microsoft 365 and an Azure Active Directory (Azure AD) tenant.

The tenant contains the users shown in the following table.

Password protection in Azure AD is configured as shown in the following exhibit.

Which users will be prevented from using the word “Contoso” as part of their password?

80. You have a Microsoft 365 E5 subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com.

You purchase 100 Microsoft 365 Business Voice add-on licenses.

You need to ensure that the members of a group named Voice are assigned a Microsoft 365 Business Voice add-on license automatically.

What should you do?