Your network contains an Active Directory domain named adatum.com that is synced to Microsoft Azure Active Directory (Azure AD).
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?

A. From Azure Cloud Shell, run the Get-AzureADUser and Set-AzureADUser cmdlets.

B. From Azure Cloud Shell, run the Get-ADUser and Set-ADUser cmdlets.

C. From Windows PowerShell on a domain controller, run the Get-ADUser and Set-ADUser cmdlets.

D. From Azure Cloud Shell, run the Get-MsolUser and Set-MSOluser cmdlets.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
✑ Contoso.com
✑ East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You create an Azure DNS zone for west.contoso.com. On the on-premises DNS servers, you create a conditional forwarder for west.contoso.com.
Does this meet the goal?

A. Yes

B. No

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Compliance
Management role.
Does this meet the goal?

A. Yes

B. No

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
 
You need to prevent users in your organization from receiving an email notification when they save a document that contains credit card numbers.
To answer the question, sign in to the Microsoft 365 portal.

HOTSPOT -
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.
 
You have the licenses shown in the following table.
 
Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
Your company has a web application named App1.
The company plans to publish App1 by using a URL of https://app1.contoso.com.
You need to register App1 to your Microsoft Office 365 tenant.

Your company has a hybrid deployment of Microsoft 365.
Users authenticate by using pass-through authentication. Several Microsoft Azure AD Connect Authentication Agents are deployed.
You need to verify whether all the Authentication Agents are used for authentication.
What should you do?

A. From the Azure portal, use the Troubleshoot option on the Pass-through authentication page.

B. From Performance Monitor, use the #PTA authentications counter.

C. From the Azure portal, use the Diagnostics settings on the Monitor blade.

D. From Performance Monitor, use the Kerberos authentications counter.

Your network contains an Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2016. Server1 has a share named
Share1.
You have a hybrid deployment of Microsoft 365.
You need to migrate the content in Share1 to Microsoft OneDrive.
What should you use?

A. Windows Server Migration Tools

B. Microsoft SharePoint Migration Tool

C. Storage Migration Service

You have an on-premises call center and a Microsoft 365 E5 tenant.
You plan to implement Microsoft Phone System Direct Routing and Microsoft Teams.
What should you include in the solution?

A. a Session Border Controller (SBC)

B. a local number port order request

C. Skype for Business Cloud Connector Edition

D. Azure AD Connect

Your company has a Microsoft Azure Active Directory (Azure AD) directory tenant named contoso.onmicrosoft.com.
All users have client computers that run Windows 10 Pro and are joined to Azure AD.
The company purchases a Microsoft 365 E3 subscription.
You need to upgrade all the computers to Windows 10 Enterprise. The solution must minimize administrative effort.
You assign licenses from the Microsoft 365 admin center.
What should you do next?

A. Add a custom domain name to the subscription.

B. Deploy Windows 10 Enterprise by using Windows Autopilot.

C. Create a provisioning package, and then deploy the package to all the computers.

D. Instruct all the users to log off of their computer, and then to log in again.

HOTSPOT -
You have a Microsoft SharePoint Online site and an on-premises file server.
The site contains the files shown in the following table.
 
The file server contains the files shown in the following table.
 
You migrate D:Folder1 and D:Folder2 to the Documents library by using the SharePoint Migration Tool as shown in the following exhibit.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You need to consider the underlined segment to establish whether it is accurate.
You have recently configured a conditional access policy to force mobile device users to use multi-factor authentication when accessing Microsoft SharePoint.
To check who used multi-factor authentication to authenticate, you view the Usage reports from Azure Active Directory admin center.
Select `No adjustment required` if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.

A. No adjustment required

B. user sign-ins

C. event logs

D. audit logs

HOTSPOT -
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains five domain controllers.
Your company purchases Microsoft 365 and creates a Microsoft Azure Directory (Azure AD) tenant named contoso.onmicrosoft,com.
You plan to establish federation authentication between on-premises Active Directory and the Azure AD tenant by using Active Directory Federation Services (AD
FS).
You need to establish the federation.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You have a data loss prevention (DLP) policy.
You need to increase the likelihood that the DLP policy will apply to data that contains medical terms from the International Classification of Diseases (ICD-9-CM).
The solution must minimize the number of false positives.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
Your network contains an on-premises Active Directory domain. The domain contains a server named Server1. Server1 has a share named Share1 that contains the files shown in the following table.
 
You have a hybrid deployment of Microsoft 365.
You create a Microsoft SharePoint site collection named Collection1.
You plan to migrate Share1 to a document library in Collection1.
You configure the SharePoint Migration Tool as shown in the exhibit. (Click the Exhibit tab.)
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have an on-premises web application that is published by using a URL of https://app.contoso.local.
You purchase a Microsoft 365 subscription.
Several external users must be able to connect to the web application.
You need to recommend a solution for external access to the application. The solution must support multi-factor authentication.
Which two actions should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From an on-premises server, install a connector, and then publish the app.

B. From the Azure Active Directory admin center, enable an Application Proxy.

C. From the Azure Active Directory admin center, create a conditional access policy.

D. From an on-premises server, install an Authentication Agent.

E. Republish the web application by using https://app.contoso.com.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You review the Product Feedback in the Microsoft 365 admin center.
Does this meet the goal?

A. Yes

B. No

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a hybrid deployment of Microsoft 365 that contains the objects shown in the following table.
 
Azure AD Connect has the following settings:
✑ Password Hash Sync: Enabled
✑ Password writeback: Enabled
✑ Group writeback: Enabled
You need to add User2 to Group 2.
Solution: From Azure PowerShell, you run the Set-AzureADGroup cmdlet.
Does this meet the goal?

A. Yes

B. No

You have recently created a Microsoft 365 subscription.
You have prepared an XML file for the upcoming Microsoft Office 365 ProPlus deployment.
The Channel attribute for the OfficeClientEdition attribute is set to Broad, while the Channel attribute for the Updates element is set to Targeted.
Which of the following the following are the months of the year that security updates will be installed?

A. January and July.

B. March and September

C. June and December

D. April and October

You have a Microsoft 365 subscription that uses Microsoft OneDrive.
You need to prevent users from syncing .exe and .mp3 files from their local device to OneDrive.
What should you do?

A. From the Microsoft 365 admin center, configure directory synchronization.

B. From the SharePoint admin center, configure the Site storage limits settings.

C. From the Microsoft 365 Apps admin center, create a policy.

D. From the SharePoint admin center, configure the Sync settings.

You have a Microsoft 365 E5 subscription that uses Microsoft Teams.
You need to provide Teams administrators with early access to Teams preview features.
What should you configure?

A. Release preferences in the Microsoft 365 admin center

B. Teams upgrade settings in the Microsoft Teams admin center

C. Office installation options in the Microsoft 365 admin center

D. Teams update policies in the Microsoft Teams admin center

HOTSPOT
-
You have a Microsoft 365 subscription that has a Conditional Access policy named Policy1. Policy1 is configured as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 tenant.
A partner company has an email domain named contoso.com.
You need to prevent out-of-office replies from being sent to contoso.com.
What should you create?

A. a rule

B. an organization relationship

C. a remote domain

D. a connector

You have a Microsoft 365 subscription.
You add a domain named contoso.com.
When you attempt to verify the domain, you are prompted to send a verification email to
admin@contoso.com
.
You need to change the email address used to verify the domain.
What should you do?

A. From the domain registrar, modify the contact information of the domain

B. Add a TXT record to the DNS zone of the domain

C. Modify the NS records for the domain

D. From the Microsoft 365 admin center, change the global administrator of the Microsoft 365 subscription

HOTSPOT -
You need to configure the Office 365 service status notifications and limit access to the service and feature updates. The solution must meet the technical requirements.
What should you configure in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You use the Service health option in the Microsoft 365 admin center.
Does this meet the goal?

A. Yes

B. No

You create a Microsoft 365 Enterprise subscription.
You assign licenses for all products to all users.
You need to prepare the environment to ensure that all Microsoft 365 Apps for enterprise installations occur from a network share. The solution must prevent the users from installing Microsoft 365 Apps for enterprise from the Internet.
You download the Office Deployment Tool (ODT).
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From your computer, run setup.exe /download downloadconfig.xml.

B. Create an XML download file.

C. From the Microsoft 365 admin center, deactivate the Office 365 licenses for all the users.

D. From each client computer, run setup.exe /configure installconfig.xml.

E. From the Microsoft 365 admin center, configure the Software download settings.

You have Microsoft 365 E5 subscription that contains the groups shown in the following exhibit.
 
You need to create an access review.
For which groups can you create the access review?

A. Group1 and Group2 only

B. Group3 and Group4 only

C. Group1, Group2, and Group3 only

D. Group1, Group2, Group3, and Group5 only

E. Group1, Group2, Group3, Group4, and Group5

You have a Microsoft 365 subscription.
You suspect that several Microsoft Office 365 applications or services were recently updated.
You need to identify which applications or services were recently updated.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. From the Microsoft 365 admin center, review the Message center blade.

B. From the Office 365 Admin mobile app, review the messages.

C. From the Microsoft 365 admin center, review the Products blade.

D. From the Microsoft 365 admin center, review the Service health blade.

You have a Microsoft 365 subscription that contains an enterprise application named App1.
App1 requires user consent to access user profile and email address information.
You need to ensure that when a user accesses App1, users are granted consent automatically without being prompted. The solution must NOT affect any other apps in the subscription.
What should you do?

A. From the Azure Active Directory admin center, configure permissions for App1.

B. From the Azure Active Directory admin center, configure the User consent settings.

C. From the Microsoft 365 admin center, disable user consent to apps.

D. From the Microsoft 365 admin center, enable privileged access.

HOTSPOT
-
You have a Microsoft 365 E5 subscription.
You have an Azure AD tenant named contoso.com that contains the following users:
•	Admin1
•	Admin2
•	User1
Contoso.com contains an administrative unit named AU1 that has no role assignments. User1 is a member of AU1.
You create an administrative unit named AU2 that does NOT have any members or role assignments.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

HOTSPOT -
Your network contains an Active Directory domain named contoso.com. The domain contains the file servers shown in the following table.
 
A file named File1.abc is stored on Server1. A file named File2.abc is stored on Server2. Three apps named App1, App2, and App3 all open files that have the
.abc file extension.
You implement Windows Information Protection (WIP) by using the following configurations:
✑ Exempt apps: App2
✑ Protected apps: App1
✑ Windows Information Protection mode: Block
✑ Network boundary: IPv4 range of 192.168.1.1-192.168.1.255
You need to identify the apps from which you can open File1.abc
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

Your company has 20 employees. Each employee has a mailbox hosted in Outlook.com.
The company purchases a Microsoft 365 subscription.
You plan to migrate all the mailboxes to Microsoft 365.
You need to recommend which type of migration to use for the mailboxes.
What should you recommend?

A. staged migration

B. cutover migration

C. minimal hybrid migration

D. IMAP migration

Your company has 10 offices.
The network contains an Active Directory domain named contoso.com. The domain contains 500 client computers. Each office is configured as a separate subnet.
You discover that one of the offices has the following:
✑ Computers that have several preinstalled applications
✑ Computers that use nonstandard computer names
✑ Computers that have Windows 10 preinstalled
✑ Computers that are in a workgroup
You must configure the computers to meet the following corporate requirements:
✑ All the computers must be joined to the domain.
✑ All the computers must have computer names that use a prefix of CONTOSO.
✑ All the computers must only have approved corporate applications installed.
You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.

A. a provisioning package

B. wipe and load refresh

C. Windows Autopilot

D. an in-place upgrade

Your on-premises network contains an Active Directory domain.
You have a Microsoft 365 subscription.
You need to sync the domain with the subscription. The solution must meet the following requirements:
•	On-premises Active Directory password complexity policies must be enforced.
•	Users must be able to use self-service password reset (SSPR) in Azure AD.
What should you use?

A. Azure AD Seamless Single Sign-On (Azure AD Seamless SSO)

B. pass-through authentication

C. password hash synchronization

D. Azure AD Identity Protection

Your network contains an Active Directory forest named contoso.local.
You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you successfully verify the contoso.com domain name.
You need to prepare the environment for the planned directory synchronization solution.
What should you do first?

A. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.

B. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix.

C. From the Microsoft 365 admin center, verify the contoso.local domain name.

D. From Active Directory Users and Computers, modify the UPN suffix for all users.

HOTSPOT -
Your company uses Gmail as a corporate email solution.
You purchase a Microsoft 365 subscription and plan to move all email data to Microsoft Exchange Online.
You plan to perform the migration by using the Exchange admin center.
You need to recommend which type of migration to use and which type of data to migrate.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a Microsoft 365 E5 subscription that has multiple Conditional Access policies.
You plan to deploy a dashboard that will display the impact of the policies on user sign-ins.
You need to enable the Conditional Access insights and reporting workbook.
What should you do first?

A. Create a Log Analytics workspace.

B. Create a workspace in Microsoft Power BI.

C. Enable Microsoft 365 usage analytics.

D. Enable audit logging in Microsoft 365.

HOTSPOT -
You company has a Microsoft 365 subscription that contains the domains shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
 

Your network contains an on-premises Active Directory domain named contoso.com.
For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.
You plan to sync contoso.com to an Azure Active Directory (Azure AD) tenant.
You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.
What should you include in the recommendation?

A. password synchronization

B. conditional access policies

C. pass-through authentication

D. Azure AD Identity Protection policies

Your company uses email, calendar, contact, and task services in Microsoft Outlook.com.
You purchase a Microsoft 365 subscription and plan to migrate all users from Outlook.com to Microsoft 365.
You need to identify which user data can be migrated to Microsoft 365.
Which type of data should you identify?

A. task

B. email

C. calendar

D. contacts

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a hybrid deployment of Microsoft 365 that contains the objects shown in the following table.
 
Azure AD Connect has the following settings:
✑ Password Hash Sync: Enabled
✑ Password writeback: Enabled
✑ Group writeback: Enabled
You need to add User2 to Group 2.
Solution: You use the Azure Active Directory admin center.
Does this meet the goal?

A. Yes

B. No

Your company's Microsoft Azure Active Directory (Azure AD) tenant includes four users that are configured with the Privileged role administrator, the User administrator, the Security administrator, and the Billing administrator roles respectively.
A security group has been included in the tenant for the purpose of managing administrative accounts.
Which of the four roles can be used to add a user with the Security administrator role to the security group?

A. The Privileged role administrator role.

B. The User administrator role.

C. The Security administrator role.

D. The Billing administrator role.

In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments.
Policy1 is configured as shown in the exhibit.
 
You need to ensure that internal users can email documents that contain US bank account numbers to external users who have an email suffix of contoso.com.
What should you configure?

A. an action

B. a group

C. a condition

D. an exception

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@admin.onmicrosoft.com
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 111111111 -
 
You need to ensure that when Lynne Robbins attempts to sign in to the Microsoft Office 365 portal, Lynne Robbins is prompted to authenticate by using multiple methods.
To answer, sign in to the Microsoft 365 portal.

You have a Microsoft 365 subscription that uses Microsoft Teams.
You plan to enable guest user access in Teams.
You need to limit the organization information of users in the subscription that can be viewed by the guest users.
What admin center should you use?

A. the Exchange

B. the Microsoft Teams

C. the Azure Active Directory

D. the Microsoft 365

You need to consider the underlined segment to establish whether it is accurate.
Your company has deployed a Microsoft 365 tenant and to implemented multi-factor authentication.
They have four offices, of which one houses the R&D department. You have been asked to make sure that multi-factor authentication is compulsory only for users in the office houses the R&D department.
You create a conditional access policy.
Select `No adjustment required` if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.

A. No adjustment required

B. password protection

C. DLP

D. label

Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant.
The on-premises network contains a file server named Server1. Server1 has a share named Share1 that contains company documents.
Your company purchases a Microsoft 365 subscription.
You plan to migrate data from Share1 to Microsoft 365. Only data that was created or modified during the last three months will be migrated.
You need to identify all the files in Share1 that were modified or created during the last 90 days.
What should you use?

A. Server Manager

B. Microsoft SharePoint Migration Tool

C. Resource Monitor

D. Usage reports from the Microsoft 365 admin center

Your company's Microsoft Azure Active Directory (Azure AD) tenant includes four users. Two of the users are configured with the Global administrator, Password administrator roles respectively. A third user has both the Security administrator and the Guest inviter roles configured. The fourth user has no roles configured.
Which of the following is the user that has the necessary permissions to alter the password protection policy? (Choose all that apply.)

A. The user with the Global administrator role.

B. The user with the Password administrator role.

C. The user with the Security administrator and Guest inviter roles.

D. The user with no roles.

You have a Microsoft 365 subscription.
You plan to use Productivity Score and need to ensure that it can obtain device and software metrics.
What should you do?

A. Enable privileged access.

B. Configure Support integration:

C. Enable Endpoint analytics.

D. Run the Microsoft 365 network connectivity test on each device.