Practice Test Free
  • QUESTIONS
  • COURSES
    • CCNA
    • Cisco Enterprise Core
    • VMware vSphere: Install, Configure, Manage
  • CERTIFICATES
No Result
View All Result
  • Login
  • Register
Quesions Library
  • Cisco
    • 200-301
    • 200-901
      • Multiple Choice
      • Drag Drop
    • 350-401
      • Multiple Choice
      • Drag Drop
    • 350-701
    • 300-410
      • Multiple Choice
      • Drag Drop
    • 300-415
      • Multiple Choice
      • Drag Drop
    • 300-425
    • Others
  • AWS
    • CLF-C02
    • SAA-C03
    • SAP-C02
    • ANS-C01
    • Others
  • Microsoft
    • AZ-104
    • AZ-204
    • AZ-305
    • AZ-900
    • AI-900
    • SC-900
    • Others
  • CompTIA
    • SY0-601
    • N10-008
    • 220-1101
    • 220-1102
    • Others
  • Google
    • Associate Cloud Engineer
    • Professional Cloud Architect
    • Professional Cloud DevOps Engineer
    • Others
  • ISACA
    • CISM
    • CRIS
    • Others
  • LPI
    • 101-500
    • 102-500
    • 201-450
    • 202-450
  • Fortinet
    • NSE4_FGT-7.2
  • VMware
  • >>
    • Juniper
    • EC-Council
      • 312-50v12
    • ISC
      • CISSP
    • PMI
      • PMP
    • Palo Alto Networks
    • RedHat
    • Oracle
    • GIAC
    • F5
    • ITILF
    • Salesforce
Contribute
Practice Test Free
  • QUESTIONS
  • COURSES
    • CCNA
    • Cisco Enterprise Core
    • VMware vSphere: Install, Configure, Manage
  • CERTIFICATES
No Result
View All Result
Practice Test Free
No Result
View All Result
Home Practice Test Free

MS-100 Practice Test Free

Table of Contents

Toggle
  • MS-100 Practice Test Free – 50 Real Exam Questions to Boost Your Confidence
  • Free Access Full MS-100 Practice Test Free Questions

MS-100 Practice Test Free – 50 Real Exam Questions to Boost Your Confidence

Preparing for the MS-100 exam? Start with our MS-100 Practice Test Free – a set of 50 high-quality, exam-style questions crafted to help you assess your knowledge and improve your chances of passing on the first try.

Taking a MS-100 practice test free is one of the smartest ways to:

  • Get familiar with the real exam format and question types
  • Evaluate your strengths and spot knowledge gaps
  • Gain the confidence you need to succeed on exam day

Below, you will find 50 free MS-100 practice questions to help you prepare for the exam. These questions are designed to reflect the real exam structure and difficulty level. You can click on each Question to explore the details.

Question 1

HOTSPOT
-
You have a Microsoft 365 E5 subscription.
You create a Conditional Access policy named Policy1 and assign Policy1 to all users.
You need to configure Policy 1 to enforce multi-factor authentication (MFA) if the user risk level is high.
Which two settings should you configure in Policy1? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
 Image

 









Suggested Answer:

Correct Answer Image


 








Question 2




You have a Microsoft 365 E5 subscription.
All users are assigned a license to Microsoft 365 Apps for enterprise.
The users report that they do not have the option to install Microsoft 365 apps on their device as shown in the following exhibit.
 Image
You need to ensure that the users can install Microsoft 365 apps from the Office 365 portal.
What should you do?


A. From the Microsoft 365 admin center, modify the user license settings.


B. From the Microsoft Endpoint Manager admin center, create a Microsoft 365 Apps app and assign the app to the devices.


C. From the Microsoft Endpoint Manager admin center, create a Microsoft 365 Apps app and assign the app to the users.


D. From the Microsoft 365 admin center, modify the Services settings.


 










Suggested Answer: D


 








Question 3




DRAG DROP -
You have several Microsoft SharePoint document libraries in your on-premises environment.
You have a Microsoft 365 tenant that has directory synchronization implemented.
You plan to move all the document libraries to SharePoint Online.
You need to recommend a migration strategy for the document libraries.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
 Image


 










Suggested Answer:

Correct Answer Image


The SharePoint Migration Tool lets you migrate content to SharePoint Online and OneDrive from the following locations:

SharePoint Server 2013 –

Reference Image

✑ SharePoint Server 2010

✑ Network and local file shares

The first step is to create new SharePoint sites in SharePoint online. These sites will host the document libraries which will host the migrated content.

The second step is to create the document libraries in the SharePoint sites to host the migrated content.

The final step is to use the SharePoint Migration Tool to migrate the content.

Reference: alt=”Reference Image” />

✑ SharePoint Server 2010

✑ Network and local file shares

The first step is to create new SharePoint sites in SharePoint online. These sites will host the document libraries which will host the migrated content.

The second step is to create the document libraries in the SharePoint sites to host the migrated content.

The final step is to use the SharePoint Migration Tool to migrate the content.

Reference:

https://docs.microsoft.com/en-us/sharepointmigration/how-to-use-the-sharepoint-migration-tool








Question 4




You plan to deploy Microsoft Teams to 2,500 users.
You need to estimate the internet bandwidth required for the deployment.
What should you use?


A. Advisor for Teams


B. Network planner


C. Skype for Business Server Remote Connectivity Test


D. Microsoft Remote Connectivity Analyzer


 










Suggested Answer: B


Reference:

https://docs.microsoft.com/en-us/microsoftteams/network-planner








Question 5




Your on-premises network contains an Active Directory domain.
You have a Microsoft 365 subscription.
You need to sync the domain with the subscription. The solution must meet the following requirements:
•	On-premises Active Directory password complexity policies must be enforced.
•	Users must be able to use self-service password reset (SSPR) in Azure AD.
What should you use?


A. Azure AD Seamless Single Sign-On (Azure AD Seamless SSO)


B. pass-through authentication


C. password hash synchronization


D. Azure AD Identity Protection


 










Suggested Answer: B


 








Question 6




HOTSPOT -
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You have three applications App1, App2, App3. The Apps use files that have the same file extensions.
Your company uses Windows Information Protection (WIP). WIP has the following configurations:
✑ Windows Information Protection mode: Silent
✑ Protected apps: App1
✑ Exempt apps: App2
From App1, you create a file named File1.
What is the effect of the configurations? To answer, select the appropriate options in the answer area.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


Exempt apps: These apps are exempt from this policy and can access corporate data without restrictions.

Windows Information Protection mode: Silent: WIP runs silently, logging inappropriate data sharing, without stopping anything that would’ve been prompted for employee interaction while in Allow overrides mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still stopped.

Reference:

https://docs.microsoft.com/en-us/intune/apps/windows-information-protection-policy-create

https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure








Question 7




Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices.
You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States.
You plan to onboard all the devices to Windows Defender ATP data in Europe.
What should you do first?


A. Create a workspace


B. Offboard the test devices


C. Delete the workspace


D. Onboard a new device


 










Suggested Answer: B


When onboarding Windows Defender ATP for the first time, you can choose to store your data in Microsoft Azure datacenters in the European Union, the United

Kingdom, or the United States. Once configured, you cannot change the location where your data is stored.

The only way to change the location is to offboard the test devices then onboard them again with the new location.

Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy#do-i-have-the-flexibility-to-select-where-to-store-

my-data








Question 8




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has 3,000 users. All the users are assigned Microsoft 365 E3 licenses.
Some users are assigned licenses for all Microsoft 365 services. Other users are assigned licenses for only certain Microsoft 365 services.
You need to determine whether a user named User1 is licensed for Exchange Online only.
Solution: You run the Get-MsolUser cmdlet.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: B


The Get-MsolUser cmdlet will tell you if a user is licensed for Microsoft 365 but it does not tell you which licenses are assigned.

Reference:

https://docs.microsoft.com/en-us/powershell/module/msonline/get-msoluser?view=azureadps-1.0








Question 9




You have an on-premises Microsoft Exchange Server organization that contains 100 mailboxes.
You have a hybrid Microsoft 365 tenant.
You run the Hybrid Configuration wizard and migrate the mailboxes to the tenant.
You need to ensure that Microsoft 365 spam filtering is applied to incoming email.
What should you do?


A. Run the Hybrid Configuration wizard again.


B. Update the Sender Policy Framework (SPF) TXT record to point to the on-premises Exchange IP address.


C. Run the Azure Active Directory Connect wizard again.


D. Update the MX record to point to Exchange Online.


 










Suggested Answer: D


Reference:

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mailboxes-using-microsoft-365-or-office-365








Question 10




Your company has 10 offices.
The network contains an Active Directory domain named contoso.com. The domain contains 500 client computers. Each office is configured as a separate subnet.
You discover that one of the offices has the following:
✑ Computers that have several preinstalled applications
✑ Computers that use nonstandard computer names
✑ Computers that have Windows 10 preinstalled
✑ Computers that are in a workgroup
You must configure the computers to meet the following corporate requirements:
✑ All the computers must be joined to the domain.
✑ All the computers must have computer names that use a prefix of CONTOSO.
✑ All the computers must only have approved corporate applications installed.
You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.


A. a provisioning package


B. wipe and load refresh


C. Windows Autopilot


D. an in-place upgrade


 










Suggested Answer: A


By using a provisioning package, IT administrators can create a self-contained package that contains all of the configuration, settings, and apps that need to be applied to a device.

Incorrect Answers:

C: With Windows Autopilot the user can set up pre-configured devices without the need consult their IT administrator.

D: Use the In-Place Upgrade option when you want to keep all (or at least most) existing applications.

Reference:

https://docs.microsoft.com/en-us/windows/deployment/windows-10-deployment-scenarios

https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot








Question 11




You work for a company manages all their identities in the cloud.
After acquiring a new domain name, you are tasked with making sure that the primary email address of all new mailboxes uses the new domain.
Which of the following is the Microsoft Exchange Online PowerShell cmdlet that you should run?


A. Update-EmailAddressPolicy


B. Update-OfflineAddressBook


C. Set-AddressBookPolicy


D. Set-EmailAddressPolicy


 










Suggested Answer: D


References:

https://docs.microsoft.com/en-us/powershell/module/exchange/email-addresses-and-address-books/set-emailaddresspolicy?view=exchange-ps








Question 12




HOTSPOT -
Your company has a Microsoft 365 tenant named litwareinc.com.
The Guest access settings in Microsoft Teams are configured as shown in the following exhibit.
 Image
The External access settings in Microsoft Teams are configured as shown in the following exhibit.
 Image
The company has a third-party supplier named adventureworks.com. Users in litwareinc.com collaborate with the following users by using Microsoft Teams:
✑
User1@contoso.com
✑
User2@adventureworks.com
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


The answer to this question depends on whether User1 and User2 have been added as guests. The question does not say that they are guests so we would have to assume they’re not.

External Access is turned off. Even with the Contoso.com domain added as an allowed domain, the Off settings override this. If the external access settings were

‘On’, they would be on for only the Contoso.com domain.

Box 1: No –

If External Access was On, the answer to this would still be No. If User2 was a guest, the answer to this would be Yes.

Box 2: No –

If External Access was On, the answer to this would still be No. External Access does not enable Meet Now for the external user. If User1 was a guest, the answer to this would be Yes.

Box 3: No –

If External Access was On, the answer to this would still be No. External Access does not allow blocking. If User1 was a guest, the answer to this would be Yes.

Reference:

https://docs.microsoft.com/en-us/microsoftteams/set-up-guests

https://docs.microsoft.com/en-us/microsoftteams/communicate-with-users-from-other-organizations








Question 13




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
✑ Contoso.com
✑ East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to active mode.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: B


You can only have one the AD Connect per tenant and one is already located in the root domain. Instead, run the wizard and add the new child domain to sync.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies








Question 14




HOTSPOT -
You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.
 Image
From the Sign-ins blade of the Azure Active Directory admin center, for which users can User1 and User2 view the sign-ins? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


Who can access the activity reports data?

✑ Users in the Security Administrator, Security Reader, Global Reader, and Report Reader roles

✑ Global Administrators

✑ Any user (non-admins) can access their own sign-ins

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins








Question 15




You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2.
Which authentication strategy should you implement for the pilot projects?


A. password hash synchronization and seamless SSO


B. pass-through authentication


C. password hash synchronization


D. pass-through authentication and seamless SSO


 










Suggested Answer: A


✑ Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.

✑ Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.

✑ After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.

✑ Fabrikam does NOT plan to implement identity federation.

✑ After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.

You need to enable password hash synchronization to enable the users to continue to authenticate to their mailbox and to SharePoint sites by using their UPN.

You need to enable SSO to enable all users to be signed in to on-premises and cloud-based applications automatically.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn








Question 16




You have a Microsoft 365 subscription.
You recently configured a Microsoft SharePoint Online tenant in the subscription.
You plan to create an alert policy.
You need to ensure that an alert is generated only when malware is detected in more than five documents stored in SharePoint Online during a period of 10 minutes.
What should you do first?


A. Enable Microsoft Office 365 Cloud App Security.


B. Deploy Windows Defender Advanced Threat Protection (Windows Defender ATP).


C. Enable Microsoft Office 365 Analytics.


 










Suggested Answer: B


An alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert, a list of users who trigger the alert if they perform the activity, and a threshold that defines how many times the activity has to occur before an alert is triggered.

In this question, we would use the ג€Malware detected in fileג€ activity in the alert settings then configure the threshold (5 detections) and the time window (10 minutes).

The ability to configure alert policies based on a threshold or based on unusual activity requires Advanced Threat Protection (ATP).

Reference:

https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies








Question 17




After your company acquires a Microsoft 365 subscription, they instruct you to move all email data from their corporate Gmail to Microsoft Exchange Online.
The migration will be done via the Exchange admin center.
Which of the following is TRUE with regards to the data included in the migration?


A. All data will be migrated.


B. Only email data will be migrated.


C. Email and task data will be migrated.


D. Email and contact data will be migrated.


 










Suggested Answer: B


References:

https://docs.microsoft.com/en-us/exchange/mailbox-migration/migrating-imap-mailboxes/migrate-g-suite-mailboxes








Question 18




HOTSPOT -
You have a Microsoft 365 Enterprise E5 subscription.
You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.
You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.
Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


In the Cloud Apps section, you need to select the name of the app (App1) that the policy will apply to.

In the Grant section under Access Controls, there is a checkbox named ג€Require Multi-factor Authenticationג€. That checkbox needs to be ticked.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices

https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Conditional-Access-now-in-the-new-Azure-portal/ba-p/250060








Question 19




HOTSPOT -
You have a Microsoft 365 subscription.
You use the Microsoft Office Deployment Tool to install Microsoft 365 Apps for enterprise.
You create a configuration file that contains the following settings.
 Image
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


Box 1:

The C2R (click-to-run) version of Microsoft Visio only will be uninstalled from the computers.

To remove the MSI version of Microsoft Visio, you would need to specify the RemoveMSI parameter. The RemoveMSI parameter is not configured in the configuration file in this question. Therefore, only the C2R version will be installed.

Box 2:

If the Office share on Server1 is missing the Japanese language pack, Microsoft 365 Apps for enterprise will be installed in English only.

In the configuration file, English is the first in the list above Japanese. Therefore, English is the primary language and the installation will continue in English only.

Reference:

https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool








Question 20




HOTSPOT
-
You have a Microsoft 365 E5 subscription.
Currently, users cannot install Microsoft 365 Apps for enterprise from the Microsoft Office portal.
You need to perform the following tasks:
•	Enable the installation of Microsoft 365 Apps for enterprise from the Office portal.
•	Ensure that the users can auto-claim Microsoft Teams licenses.
Which two Org settings should you configure in the Microsoft 365 admin center? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
 Image


 










Suggested Answer:

Correct Answer Image


 








Question 21




A user receives the following message when attempting to sign in to https://myapps.microsoft.com:
"Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location, device, or app. Before you can continue, we need to verify your identity. Please contact your admin."
Which configuration prevents the users from signing in?


A. Security & Compliance supervision policies


B. Security & Compliance data loss prevention (DLP) policies


C. Microsoft Azure Active Directory (Azure AD) conditional access policies


D. Microsoft Azure Active Directory (Azure AD) Identity Protection policies


 










Suggested Answer: C


The user is being blocked due to a ‘risky sign-in’. This can be caused by the user logging in from a device that hasn’t been used to sign in before or from an unknown location.

Integration with Azure AD Identity Protection allows Conditional Access policies to identify risky sign-in behavior. Policies can then force users to perform password changes or multi-factor authentication to reduce their risk level or be blocked from access until an administrator takes manual action.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview








Question 22




Your company has a Microsoft 365 subscription.
You plan to move several archived PST files to Microsoft Exchange Online mailboxes.
You need to create an import job for the PST files.
Which three actions should you perform before you create the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.


A. Create a Microsoft Azure Storage account.


B. From the Microsoft 365 compliance center, retrieve the SAS key.


C. Run azcopy.exe to copy the PST files to Microsoft Azure Storage


D. From Exchange admin center, run a new migration batch.


E. Create a PST import mapping file.


 










Suggested Answer: BCE


The first step is to download and install the Azure AzCopy tool, which is the tool that you run in Step 2 to upload PST files to Office 365. You also copy the SAS

URL for your organization. This URL is a combination of the network URL for the Azure Storage location in the Microsoft cloud for your organization and a Shared

Access Signature (SAS) key. This key provides you with the necessary permissions to upload PST files to your Azure Storage location.

Now you’re ready to use the AzCopy.exe tool to upload PST files to Office 365. This tool uploads and stores them in an Azure Storage location in the Microsoft cloud.

After the PST files have been uploaded to the Azure Storage location for your Office 365 organization, the next step is to create a comma-separated value (CSV) file that specifies which user mailboxes the PST files will be imported to. You’ll submit this CSV file when you create a PST Import job.

Reference:

https://docs.microsoft.com/en-us/office365/securitycompliance/use-network-upload-to-import-pst-files








Question 23




You have a Microsoft 365 subscription.
You plan to implement a hybrid configuration that has the following requirements:
•	Minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources
•	Supports the use of Azure AD Identity Protection
You need to configure Azure AD Connect to support the planned changes implementation.
Which two options should you select? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.


A. Pass-through authentication


B. Password writeback


C. Enable single sign-on


D. Password Hash Synchronization


E. Directory extension attribute sync


 










Suggested Answer: AB


 








Question 24




You have a Microsoft 365 subscription that contains a user named User1.
User1 requires admin access to perform the following tasks:
•	Manage Microsoft Exchange Online settings.
•	Create Microsoft 365 groups.
You need to ensure that User1 only has admin access for eight hours and requires approval before the role assignment takes place.
What should you use?


A. Microsoft Entra Verified ID


B. Azure Active Directory (Azure AD) Identity Protection


C. Conditional Access


D. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)


 










Suggested Answer: D


 








Question 25




You have a Microsoft 365 tenant that contains Microsoft Exchange Online.
You plan to enable calendar sharing with a partner organization named adatum.com. The partner organization also has a Microsoft 365 tenant.
You need to ensure that the calendar of every user is available to the users in adatum.com immediately.
What should you do?


A. From the Exchange admin center, create a sharing policy.


B. From the Exchange admin center, create a new organization relationship.


C. From the Microsoft 365 admin center, modify the Organization profile settings.


D. From the Microsoft 365 admin center, configure external site sharing.


 










Suggested Answer: B


You need to set up an organization relationship to share calendar information with an external business partner. Office 365 admins can set up an organization relationship with another Office 365 organization or with an Exchange on-premises organization.

Reference:

https://docs.microsoft.com/en-us/exchange/sharing/organization-relationships/create-an-organization-relationship








Question 26




Your network contains two on-premises Active Directory forests named contoso.com and fabrikam.com. Fabrikam.com contains one domain and five domain controllers. Contoso.com contains the domains shown in the following table.
 Image
You need to sync all the users from both the forests to a single Azure Active Directory (Azure AD) tenant by using Azure AD Connect.
What is the minimum number of Azure AD Connect sync servers required?


A. 1


B. 2


C. 3


D. 4


 










Suggested Answer: A


You can have only one active Azure AD Connect server synchronizing accounts to a single Azure Active Directory (Azure AD) tenant. You can have ‘backup’

Azure AD Connect servers, but these must be running in ‘staging’ mode. Staging mode means the Azure AD Connect instance is not actively synchronizing users but is ready to be bought online if the active Azure AD Connect instance goes offline.

When you have multiple forests, all forests must be reachable by a single Azure AD Connect sync server. The server must be joined to a domain. If necessary, to reach all forests, you can place the server in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet).

References:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-forests-single-azure-ad-tenant








Question 27




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
✑ Contoso.com
✑ East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to staging mode.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: B


When Azure AD Connect is set to staging mode, this action makes the server active for import and synchronization, but it does not run any exports. A server in staging mode is not running password sync or password writeback, even if you selected these features during installation.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server








Question 28




SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
 Image
You need to ensure that all the users in your organization are prompted to change their password every 180 days.
To answer the question, sign in to the Microsoft 365 portal.


 










Suggested Answer: See explanation below.


You need to configure the Password Expiration Policy.

1. Sign in to the Microsoft 365 Admin Center.

2. In the left navigation pane, expand the Settings section then select the Settings option.

3. Click on Security and Privacy.

4. Select the Password Expiration Policy.

5. Ensure that the checkbox labelled ג€Set user passwords to expire after a number of daysג€ is ticked.

6. Enter 180 in the ג€Days before passwords expireג€ field.

7. Click the ‘Save changes’ button.








Question 29




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has 3,000 users. All the users are assigned Microsoft 365 E3 licenses.
Some users are assigned licenses for all Microsoft 365 services. Other users are assigned licenses for only certain Microsoft 365 services.
You need to determine whether a user named User1 is licensed for Exchange Online only.
Solution: You launch the Azure portal, and then review the Licenses blade.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: A


In the Licenses blade, click All Products then select the E3 License. This will display a list of all users assigned an E3 license. Select User1. You’ll see how many services are assigned in the Enabled Services column. Click on the number in the Enabled Services column for User1 and you’ll be taken to the licenses page for that user. Click on the number in the Enabled Services column for User1 again and a page will open which shows you exactly which services are enabled or disabled.

Alternatively, you can go into the user account properties directly then select Licenses. This will display the licenses blade for that user. You can then click on the number in the Enabled Services column for the user and a page will open which shows you exactly which services are enabled or disabled.








Question 30




You have Microsoft 365 E5 subscription that contains the groups shown in the following exhibit.
 Image
You need to create an access review.
For which groups can you create the access review?


A. Group1 and Group2 only


B. Group3 and Group4 only


C. Group1, Group2, and Group3 only


D. Group1, Group2, Group3, and Group5 only


E. Group1, Group2, Group3, Group4, and Group5


 










Suggested Answer: C


 








Question 31




You implement Microsoft Azure Advanced Threat Protection (Azure ATP).
You have an Azure ATP sensor configured as shown in the following exhibit.
Updates -
 Image
How long after the Azure ATP cloud service is updated will the sensor update?


A. 1 hour


B. 7 days


C. 48 hours


D. 12 hours


E. 72 hours


 










Suggested Answer: E


The exhibit shows that the sensor is configure for Delayed update.

Given the rapid speed of ongoing Azure ATP development and release updates, you may decide to define a subset group of your sensors as a delayed update ring, allowing for a gradual sensor update process. Azure ATP enables you to choose how your sensors are updated and set each sensor as a Delayed update candidate.

Sensors not selected for delayed update are updated automatically, each time the Azure ATP service is updated. Sensors set to Delayed update are updated on a delay of 72 hours, following the official release of each service update.

Reference:

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/sensor-update








Question 32




SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
You plan to provide an external user named
fabrikamuser@fabrikam.com
with access to several resources in your Microsoft 365 tenant.
You need to ensure that the external user can be added to Office 365 groups.


 










Suggested Answer: See explanation below.


You need to create a guest account for the external user.

1. Go to the Azure Active Directory admin center.

2. Select Users.

3. Click the ‘New guest user’ link.

4. Select the ‘Invite user’ option.

5. Give the account a name and enter

fabrikamuser@fabrikam.com

in the email address field.

6. Click the ‘Invite’ button.

References:

https://docs.microsoft.com/en-us/azure/active-directory/b2b/b2b-quickstart-add-guest-users-portal








Question 33




HOTSPOT -
You have a Microsoft 365 subscription that contains the users shown in the following table.
 Image
You have the named locations shown in the following table.
 Image
You create a conditional access policy that has the following configurations:
✑ Users and groups:
- Include: Group1
- Exclude: Group2
✑ Cloud apps: Include all cloud apps
✑ Conditions:
- Include: Any location
- Exclude: Montreal
✑ Access control: Grant access, Require multi-factor authentication
User1 is on the multi-factor authentication (MFA) blocked users list.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


The Blocked User list is used to block specific users from being able to receive Multi-Factor Authentication requests. Any authentication attempts for blocked users are automatically denied. Users remain blocked for 90 days from the time that they are blocked.

Box 1: Yes –

133.107.10.20 is in the Montreal named location. The conditional access policy excludes Montreal so the policy does not apply. Therefore, User1 can access

Microsoft Office 365.

Box 2: No –

193.77.10.15 is in the Toronto named location. The conditional access policy applies to Group1 which User1 is a member of and all locations except for Montreal.

Therefore, the conditional access policy applies in this case. The policy requires MFA but User1 is on the MFA blocked list so he is unable to use MFA.

Therefore, User1 cannot access Microsoft 365.

Box 3: Yes –

User2 is in Group1 and Group2. The conditional access policy applies to Group1 but excludes Group2. Therefore, the conditional access policy does not apply in this case so User2 can access Microsoft Office 365.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings








Question 34




SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
 Image
You need to create a SharePoint site named Project1. Users from your organization must be able to share content from the site to external users.
To answer, sign in to the Microsoft 365 portal.


 










Suggested Answer: See explanation below.


You need to create a SharePoint site and configure the sharing settings.

1. Go to the SharePoint Admin Center.

2. In the left navigation pane, expand Sites then select ‘Active Sites’.

3. Click on the ‘+ Create’ link to add a new site.

4. Select ‘Other Options’ then ‘Team Site’ for the template.

5. Give the site the name ‘Project1’.

6. In the ‘Primary Administrator’ field, start typing ‘admin’ then select the

admin@LODSe878763.onmicrosoft.com

account when it appears.

7. Click Finish to create the site.

8. In the Active Sites list, select the Project1 site.

9. Click the Sharing link at the top of the sites list.

10. Under ‘External Sharing’, select ‘Anyone’.

11. Click Save to save the changes.








Question 35




You have a Microsoft 365 tenant.
You have a line-of-business application named App1 that users access by using the My Apps portal.
After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.
You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.
What should you do?


A. From Microsoft Cloud App Security, modify the impossible travel alert policy.


B. From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.


C. From the Azure Active Directory admin center, modify the conditional access policy.


D. From Microsoft Cloud App Security, create an app discovery policy.


 










Suggested Answer: A


Impossible travel detection identifies two user activities (is a single or multiple sessions) originating from geographically distant locations within a time period shorter than the time it would have taken the user to travel from the first location to the second.

We need to modify the policy so that it applies to App1 only.

Reference:

https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy








Question 36




Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a Microsoft Exchange Server 2019 organization.
You plan to sync the domain to Azure Active Directory (Azure AD) and to enable device writeback and group writeback.
You need to identify which group types will sync from Azure AD.
Which two group types should you identify? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.


A. a Microsoft 365 group that uses the Assigned membership type


B. a security group that uses the Dynamic Device membership type


C. a Microsoft 365 group that uses the Dynamic User membership type


D. a security group that uses the Assigned membership type


E. a security group that uses the Dynamic User membership type


 










Suggested Answer: AC


 








Question 37




Your network contains an Active Directory forest named contoso.local.
You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you successfully verify the contoso.com domain name.
You need to prepare the environment for the planned directory synchronization solution.
What should you do first?


A. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.


B. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix.


C. From the Microsoft 365 admin center, verify the contoso.local domain name.


D. From Active Directory Users and Computers, modify the UPN suffix for all users.


 










Suggested Answer: B


The on-premise Active Directory domain is named contoso.local. Therefore, all the domain users accounts will have a UPN suffix of contoso.local by default.

To enable directory synchronization that will use password hash synchronization, you need to configure the domain user accounts to have the same UPN suffix as the verified domain (contoso.com in this case). Before you can change the UPN suffix of the domain user accounts to contoso.com, you need to add contoso.com as a UPN suffix in the domain.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-userprincipalname








Question 38




HOTSPOT -
Your company has a Microsoft 365 subscription that contains the users shown in the following table.
 Image
External collaboration settings have default configuration.
You need to identify which users can perform the following administrative tasks:
✑ Modify the password protection policy.
✑ Create guest user accounts.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


Only a Global Admin can modify the password protection policy.

A Global Admin or a user with the Guest Inviter role can create guest accounts.

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-operations








Question 39




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.
You need to be notified if the SharePoint policy is modified in the future.
Solution: From the SharePoint site, you create an alert.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: B


You need to create a threat management policy in the Security & Compliance admin center.








Question 40




After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.
 Image
The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.
 Image
User2 fails to authenticate to Azure AD when signing in as
user2@fabrikam.com
.
You need to ensure that User2 can access the resources in Azure AD.
Solution: From the Azure Active Directory admin center, you add fabrikam.com as a custom domain. You instruct User2 to sign in as
user2@fabrikam.com
.
Does this meet the goal?


A. Yes


B. No


 










Suggested Answer: A


The on-premises Active Directory domain is named contoso.com. To enable users to sign on using a different UPN (different domain), you need to add the domain to Microsoft 365 as a custom domain.








Question 41




HOTSPOT -
Your network contains an on-premises Active Directory domain named contoso.com.
Your company purchases a Microsoft 365 subscription and establishes a hybrid deployment of Azure Active Directory (Azure AD) by using password hash synchronization. Password writeback is disabled in Azure AD Connect.
You create a new user named User10 on-premises and a new user named User20 in Azure AD.
You need to identify where an administrator can reset the password of each new user.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 Image


 










Suggested Answer:

Correct Answer Image


If a user account is created in the on-premise Active Directory and synchronized to Azure Active Directory, you can reset the password of the user account in the on-premise Active Directory only.

If a user account is created in Azure Active Directory, you can reset the password of the user account in the Azure Active Directory only.








Question 42




You have a Microsoft 365 E5 subscription that uses Microsoft Teams.
You need to deploy the Microsoft Power Platform Center of Excellence (CoE) solution to a Microsoft Dataverse for Teams environment.
What should you do first?


A. From the Teams client add PowerApps.


B. From the Teams client import the CoE solution.


C. Create a new team.


D. Create a canvas app.


 










Suggested Answer: D


 








Question 43




Your network contains an Active Directory domain.
You have an Azure Active Directory (Azure AD) tenant that has Security defaults enabled.
Azure AD Connect is configured for directory synchronization. Password hash synchronization and pass-through authentication are disabled.
You need to enable Azure AD Identity Protection to detect leaked credentials.
What should you do first?


A. From the Azure Active Directory admin center, disable Security defaults.


B. From Azure AD Connect, enable pass-through authentication.


C. From the Azure Active Directory admin center, configure verifiable credentials.


D. From Azure AD Connect, enable password hash synchronization.


 










Suggested Answer: D


 








Question 44




You have a Microsoft 365 subscription.
A new corporate security policy states that you must automatically send DLP incident reports to the users in the legal department.
You need to schedule the email delivery of the reports. The solution must ensure that the reports are sent as frequently as possible.
How frequently can you schedule the delivery of the reports?


A. hourly


B. monthly


C. weekly


D. daily


 










Suggested Answer: C


From the Dashboard in the Security and Compliance center, you can view various reports including the DLP Incidents report. From there you can configure a schedule to email the reports. In the schedule configuration, there are two choices for the frequency: Weekly or Monthly. Therefore, to ensure that the reports are sent as frequently as possible, you need to select Weekly.

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/create-a-schedule-for-a-report








Question 45




SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
A user named Johanna Lorenz recently left the company. A new employee named Ben Smith will handle the tasks of Johanna Lorenz.
You need to create a user named Ben Smith. Ben Smith must be able to sign in to http://myapps.microsoft.com and open Microsoft Word Online.


 










Suggested Answer: See explanation below.


You need to create a user account and assign a license to the account. You then

To create the user account and mailbox:

1. In the Microsoft 365 admin center, go to User management, and select Add user.

2. Enter the name Ben Smith in the First Name and Last Name fields.

3. Enter Ben.Smith in the username field and click Next.

4. Assign a Microsoft 365 license to the account.

5. Click Next.

6. Click Next again.

7. Click ‘Finish adding’.








Question 46




Your company has an on-premises Microsoft Exchange Server 2016 organization and a Microsoft 365 Enterprise E5 subscription.
You plan to migrate mailboxes and groups to Exchange Online.
You start a new migration batch.
Users report slow performance when they use the on-premises Exchange Server organization.
You discover that the migration is causing the slow performance.
You need to reduce the impact of the mailbox migration on the end-users.
What should you do?


A. Create a mail flow rule.


B. Configure back pressure.


C. Modify the migration endpoint settings.


D. Create a throttling policy.


 










Suggested Answer: C


The migration is causing the slow performance. This suggests that the on-premise Exchange server is struggling under the load of copying the mailboxes to

Exchange Online. You can reduce the load on the on-premise server by reducing the maximum number of concurrent mailbox migrations. Migrating just a few mailboxes at a time will have less of a performance impact than migrating many mailboxes concurrently.

Reference:

https://support.microsoft.com/en-gb/help/2797784/how-to-manage-the-maximum-concurrent-migration-batches-in-exchange-onl








Question 47




Your company has an Azure Active Directory (Azure AD) tenant named contoso.com that contains 10,000 users.
The company has a Microsoft 365 subscription.
You enable Azure Multi-Factor Authentication (MFA) for all the users in contoso.com.
You run the following query.
search "SigninLogs" | where ResultDescription == "User did not pass the MFA challenge."
The query returns blank results.
You need to ensure that the query returns the expected results.
What should you do?


A. From the Azure Active Directory admin center, configure the diagnostics settings to archive logs to an Azure Storage account.


B. From the Security & Compliance admin center, turn on auditing.


C. From the Security & Compliance admin center, enable Office 365 Analytics.


D. From the Azure Active Directory admin center, configure the diagnostics settings to send logs to an Azure Log Analytics workspace.


 










Suggested Answer: D


You can now send audit logs to Azure Log Analytics. This gives you much easier reporting on audit events and the ability to perform queries such as the one in this question.

References:

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-integrate-activity-logs-with-log-analytics








Question 48




Your company has a Microsoft Azure Active Directory (Azure AD) tenant with multi-factor authentication enabled.
You have also configured the Allow users to submit fraud alerts, and the Block user when fraud is reported settings to ON.
A tenant user has submitted a fraud alert for his account.
Which of the following is the length of time that the user's account will automatically be blocked for?


A. 24 hours


B. 90 days


C. 1 month


D. 1 week


 










Suggested Answer: B


References:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert








Question 49




SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
 Image
You need to prevent all the users in your organization from sending an out of office reply to external users.
To answer, sign in to the Microsoft 365 portal.


 










Suggested Answer: See explanation below.


You need to modify the default remote domain. When you add a remote domain, you specify the domain name and the settings apply to that domain. The default remote domain applies to all other domains. Therefore, we need to disable Out of Office replies for external users in the settings of the default remote domain.

1. Go to the Exchange Admin Center.

2. Click Mail Flow in the left navigation pane.

3. Click on Remote Domains.

4. Select the default remote domain and click the Edit icon (pencil icon).

5. In the ‘Out of Office automatic reply types’ section, select ‘None’.

6. Click Save to save to changes to the default remote domain.








Question 50




You have a Microsoft 365 E5 subscription.
You need to ensure that users are prompted for multi-factor authentication (MFA) when they attempt to access Microsoft SharePoint Online resources. Users must NOT be prompted for MFA when they attempt to access other Microsoft 365 services.
What should you do?


A. From the Microsoft Endpoint Manager admin center, create an app protection policy.


B. From the multi-factor authentication page, configure the users settings.


C. From the Azure Active Directory admin center, create a conditional access policy.


D. From the Cloud App Security admin center, create an app access policy.


 










Suggested Answer: C


Multi-factor authentication (MFA) is configured through conditional access policies.

Reference:

https://docs.microsoft.com/en-us/appcenter/general/configuring-aad-conditional-access






Free Access Full MS-100 Practice Test Free Questions


If you’re looking for more MS-100 practice test free questions, click here to access the full MS-100 practice test.


We regularly update this page with new practice questions, so be sure to check back frequently.


Good luck with your MS-100 certification journey!

                                
	                            
                                                            



                        

	                    

                

                    Share18Tweet11
                    

                    
                

                
                

            

	                    
                        

            
            Previous Post
            
MLS-C01 Practice Test Free

        
    
            
            Next Post
            
MS-101 Practice Test Free

        
    
    

        Next Post

                    

                

                                        
                        
                    
                

                

                    
                        MS-101 Practice Test Free                    
                

            

                    

                

                                        
                        
                    
                

                

                    
                        MS-102 Practice Test Free                    
                

            

                    

                

                                        
                        
                    
                

                

                    
                        MS-203 Practice Test Free                    
                

            

                
        
    


	

		
Leave a Reply Cancel reply
Your email address will not be published. Required fields are marked *
 
 


 


 


 


 


	

	

                                    

            

            


    

                

                    
Recommended

                    
                

                

                
                

                

                

                    
                    

                

                

                    

                        Network+ Practice Test
                    

                    
                

            

                

                    
                    

                

                

                    

                        Comptia Security+ Practice Test
                    

                    
                

            

                

                    
                    

                

                

                    

                        A+ Certification Practice Test
                    

                    
                

            

                

                    
                    

                

                

                    

                        Aws Cloud Practitioner Exam Questions
                    

                    
                

            

                

                    
                    

                

                

                    

                        Aws Cloud Practitioner Practice Exam
                    

                    
                

            

                

                    
                    

                

                

                    

                        Comptia A+ Practice Test
                    

                    
                

            

            

                

                

                    

                        
                    

                    

                        

                            

                        

                    

                    

                        

                    

                

            

            

            

                

                
                
            

                
                
            
        


        

            
        


    



                

            


            


            
        


        

    

        

            
        

        

            

                

            

        

        

            

        

    



    

        

            

    

        

            

                

                    

                        

                            
  • About
    • 

  • DMCA
    • 

  • Privacy & Policy
    • 

  • Contact
    • 

                        

                        

                            

                                                            

                        

                    


                    
                    

                        

                            
 PracticeTestFree.com materials do not contain actual questions and answers from Cisco's Certification Exams. PracticeTestFree.com doesn't offer Real Microsoft Exam Questions. PracticeTestFree.com doesn't offer Real Amazon Exam Questions.
 

                        

                        


                            			

				  			

			
                        

                    


                                        
                

            

        

    


        


        

        	
        

    


    


    
    

    

        

    

        

    

        
    
                    
  •  Login
    • 
                    
  •  Sign Up
    • 
                    
                
	





    
    

    
    





    

    

    

        No Result    

    

         View All Result    



    
  • Quesions

      
	
    • Cisco
      • 
	
    • AWS
      • 
	
    • Microsoft
      • 
	
    • CompTIA
      • 
	
    • Google
      • 
	
    • ISACA
      • 
	
    • ECCouncil
      • 
	
    • F5
      • 
	
    • GIAC
      • 
	
    • ISC
      • 
	
    • Juniper
      • 
	
    • LPI
      • 
	
    • Oracle
      • 
	
    • Palo Alto Networks
      • 
	
    • PMI
      • 
	
    • RedHat
      • 
	
    • Salesforce
      • 
	
    • VMware
      • 

    

    • 

  • Courses

      
	
    • CCNA
      • 
	
    • ENCOR
      • 
	
    • VMware vSphere
      • 

    

    • 

  • Certificates
    • 

    

    

            


    





    

        

            
Welcome Back!
            
Login to your account below


            
            

            

                
            

            

                
            

            

                
                
            

			

			

                
                
                
            

            

                Forgotten Password?
                                 Sign Up
                            

        

    







    

        

            
Create New Account!
            
Fill the forms below to register


            
            


            

                
            

            

                
            

			

            

                
                
                
            

                        

                All fields are required.
                 Log In
            

        

    







    

        

            
Retrieve your password

            
Please enter your username or email address to reset your password.


            
            


            

                
            

			

            

                
                
                
            

            

                 Log In
            

        

    



                

                

                    

                        

                        

                        

                    

                    

                        

                            

                            
                            
                            
                            
                            

                                

                                    

                                        

                                    

                                

                            

                        

                        

                            

                        

                        
                        
                        

                            

                        

                    

                

            



                        

                            
              
                                

                            

                                
      
                            
 
                        
      
                      

























































		
		


		

		

		

				
Insert/edit link

		
		

			

				
Enter the destination URL

				

					
				

				

					
				

				

					
				

			

			
Or link to existing content

			

				

					
				

				

					
    
					
    
						
					
    
				
    
				
    
					
    
						No search term specified. Showing recent items.
						
							Search or use up and down arrow keys to select an item.