Skip Navigation Links
 

Microsoft - MS-100: Microsoft 365 Identity and Services

Sample Questions

Question: 383
Measured Skill: Manage Access and Authentication (20-25%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to configure Microsoft Teams to support the technical requirements for collaborating with A. Datum.

What should you configure in the Microsoft Teams admin center?

AMeeting policies
B Messaging policies
C Guest access
D External access

Correct answer: C

Explanation:

The case study contains only the following information regarding the cooperation between Litware and A. Datum.

Litware collaborates with a third-party company named A. Datum Corporation.

When you need to communicate and collaborate with people outside your organization, Microsoft Teams has two options:

  • External access - A type of federation that allows users to find, call, and chat with people in other organizations. These people cannot be added to a team unless they are invited as guests.
  • Guest access - Guest access allows you to invite people from outside your organization to join a team. Invited people get a guest account in Azure Active Directory.

Note that Teams allows you to invite people outside your organization to meetings. This does not require external or guest access to be configured.

Reference: Use guest access and external access to collaborate with people outside your organization



Question: 384
Measured Skill: Plan Office 365 Workloads and Applications (10-15%)

You have Windows 10 devices that are managed by using Microsoft Endpoint Manager as shown in the following exhibit.



You create a Microsoft 365 Apps app as shown in the following exhibit. You assign the app to Group1.



On which devices will Microsoft 365 Apps be installed?

ADevice1, Device2, and Device4 only
B Device1, Device2, Device3, and Device4
C Device2 and Device4 only
D Device1 and Device2 only
E Device2 only

Correct answer: C

Explanation:

The 32-bit version of Microsoft 365 Apps can basically be installed on all four devices.

If there are .msi Office apps on the end-user device, you must use the Remove MSI feature to safely uninstall these apps. Otherwise, the Intune delivered Microsoft 365 apps will fail to install. Click-to-run and .msi versions of Microsoft Office cannot coexist on the same device.

Because the Microsoft 365 Apps app is configured not to remove other versions that already exist, Microsoft 365 Apps cannot be installed on Device1 and Device3.

Reference: Add Microsoft 365 apps to Windows 10/11 devices with Microsoft Intune



Question: 385
Measured Skill: Manage Access and Authentication (20-25%)

Your network contains an on-premises Active Directory domain named contoso.com.

For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.

You plan to sync contoso.com to an Azure Active Directory (Azure AD) tenant.

You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.

What should you include in the recommendation?

APassword hash synchronization
B Conditional access policies
C Pass-through authentication
D Azure AD Identity Protection policies

Correct answer: C

Explanation:

Azure Active Directory (Azure AD) does not support logon hour restrictions configured in Active Directory. To support logon hours, we need to choose an authentication method that uses the on-premises Active Directory for authentication. For this purpose we can choose either pass-through authentication or federated authentication.



Question: 386
Measured Skill: Plan Office 365 Workloads and Applications (10-15%)

You have a Microsoft 365 tenant that contains the users shown in the following table.



Microsoft Exchange Online has the mail flow rules shown in the following table.



Rule1 has the following settings:
  • Apply this rule if: The sender is 'user1@contoso.com'
  • Do the following: Redirect the message to 'user2@contoso.com'
  • Choose a mode for this rule: Enforce
  • Stop processing more rules: Disabled
Rule2 has the following settings:
  • Apply this rule if: The recipient is 'user2@contoso.com'
  • Do the following: Append the disclaimer 'Disclaimer1 message'; and fall back to action Ignore if the disclaimer can’t be inserted
  • Choose a mode for this rule: Enforce
  • Stop processing more rules: Enabled
Rule3 has the following settings:
  • Apply this rule if: The recipient is 'user2@contoso.com'
  • Do the following: Append the disclaimer 'Disclaimer2 message'; and fall back to action Ignore if the disclaimer can’t be inserted
  • Choose a mode for this rule: Enforce
  • Stop processing more rules: Disabled
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(Note: Each correct selection is worth one point.)

www.cert2brain.com

AIf User1 sends an email to User3, User3 receives the email: Yes
If User2 sends an email, a disclaimer is added to the email: Yes
If an email is sent to User2, two disclaimers are added to the email: Yes
B If User1 sends an email to User3, User3 receives the email: Yes
If User2 sends an email, a disclaimer is added to the email: Yes
If an email is sent to User2, two disclaimers are added to the email: No
C If User1 sends an email to User3, User3 receives the email: Yes
If User2 sends an email, a disclaimer is added to the email: No
If an email is sent to User2, two disclaimers are added to the email: Yes
D If User1 sends an email to User3, User3 receives the email: No
If User2 sends an email, a disclaimer is added to the email: Yes
If an email is sent to User2, two disclaimers are added to the email: Yes
E If User1 sends an email to User3, User3 receives the email: No
If User2 sends an email, a disclaimer is added to the email: No
If an email is sent to User2, two disclaimers are added to the email: Yes
F If User1 sends an email to User3, User3 receives the email: No
If User2 sends an email, a disclaimer is added to the email: No
If an email is sent to User2, two disclaimers are added to the email: No

Correct answer: F

Explanation:

If User1 sends an email to User3, Rule1 applies. Rule1 will redirect the email to User2. User3 will not receive the email.

If User2 sends an email, none of the rules apply. No disclaimer is added.

If an email is sent to User2, first Rule2 applies. Rule3 will not be applied, because Rule2 has the Stop processing more rules option enabled.



Question: 387
Measured Skill: Manage User Identity and Roles (35-40%)

You have a hybrid deployment of Azure Active Directory (Azure AD) that contains the users shown in the following table.



You need to identify which users can perform the following tasks:
  • View sync errors in Azure AD Connect Health.
  • Configure Azure AD Connect Health settings.
Which user should you identify for each task?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AView sync errors in Azure AD Connect Health: User1
Configure Azure AD Connect Health settings: User1
B View sync errors in Azure AD Connect Health: User1
Configure Azure AD Connect Health settings: User2
C View sync errors in Azure AD Connect Health: User2
Configure Azure AD Connect Health settings: User2
D View sync errors in Azure AD Connect Health: User2
Configure Azure AD Connect Health settings: User1
E View sync errors in Azure AD Connect Health: User3
Configure Azure AD Connect Health settings: User3
F View sync errors in Azure AD Connect Health: User1
Configure Azure AD Connect Health settings: User3

Correct answer: C

Explanation:

The Azure AD Connect Health Alerts for sync section provides you the list of active alerts. Each alert includes relevant information, resolution steps, and links to related documentation. By selecting an active or resolved alert you will see a new blade with additional information, as well as steps you can take to resolve the alert, and links to additional documentation. You can also view historical data on alerts that were resolved in the past.

To access this feature, Global Admin permission, or Service Support Administrator permission from Azure RBAC, is required.

Note: The Azure AD Connect sync account is used to run the synchronization service and access the SQL database. This account does not necessarily have permissions in Azure AD.

References:

Monitor Azure AD Connect sync with Azure AD Connect Health

Service Support Administrator

Azure AD Connect: Accounts and permissions





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2022 by cert2brain.com