Q1. DRAG DROP
You are the Office 365 administrator for your company.
Users report that their passwords expire too frequently, and they do not receive adequate notice of password expiration.
Account passwords must remain active for the longest duration allowed. Users must receive password expiration notifications as early as possible.
You need to configure the password expiration policy.
How should you set the policy on the password page of the Office 365 admin center? To answer, drag the appropriate duration to the correct location. Each duration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q2. A company has an Office 365 tenant that has an Enterprise E1 subscription. Users currently sign in with credentials that include the contoso.com domain suffix.
The company is acquired by Fabrikam. Users must now sign in with credentials that include the fabrikam.com domain suffix.
You need to ensure that all users sign in with the new domain name.
Which Windows PowerShell cmdlet should you run?
A. Set-MsolUser
B. Redo-MsolProvisionUser
C. Set-MsolUserLicense
D. Set-MsolUserPrincipalName
E. Convert-MsolFederatedUser
F. Set-MailUser
G. Set-LinkedUser
H. New-MsolUser
Answer: D
Explanation: The Set-MsolUserPrincipalName cmdlet is used to change the User Principal Name (user ID) of a user. This cmdlet can be used to move a user between a federated and standard domain, which will result in their authentication type changing to that of the target domain.
The following command renames user1@contoso.com to CCole@contoso.com.
Set-MsolUserPrincipalName -UserPrincipalName User1@contoso.com -NewUserPrincipalName CCole@contoso.com
Incorrect:
Not A: The Set-MsolUser cmdlet is used to update a user object. This cmdlet should be used for basic properties only.
Not B: The Redo-MsolProvisionUser cmdlet can be used to retry the provisioning of a user object in Azure Active Directory when a previous attempt to create the user object resulted in a validation error.
Not C: The Set-MsolUserLicense cmdlet can be used to adjust the licenses for a user.
Not E: The Convert-MsolFederatedUser cmdlet is used to update a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. A new password must be provided for the user.
Not F: Use the Set-MailUser cmdlet, used for on premises Exchange Server (not Office 365), to modify the mail-related attributes of an existing user in Active Directory.
Not G: Use the Set-LinkedUser cmdlet to modify the properties of an existing linked user account. The Outlook Live Directory Sync (OLSync) service account is a linked user.
Not H: The New-MsolUser cmdlet is used to create a new user in the Microsoft Azure Active Directory (Microsoft Azure AD). In
Reference: Set-MsolUserPrincipalName
https://msdn.microsoft.com/en-us/library/azure/dn194096.aspx
Q3. Contoso Ltd. uses Office 365 for collaboration. You are implementing Active Directory Federation Services (AD FS) for single sign-on (SSO) with Office 365 services. The environment contains an Active Directory domain and an AD FS federation server.
You need to ensure that the environment is prepared for the AD FS setup.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Configure Active Directory to use the domain contoso.com.
B. Configure Active Directory to use the domain contoso.local.
C. Create a server authentication certificate for the federation server by using fs.contoso.com as the subject name and subject alternative name.
D. Create a server authentication certificate for the federation server by using fs.contoso.local as the subject name and subject alternative name.
Answer: A,C
Q4. An organization deploys an Office 365 tenant.
User accounts must be synchronized to Office 365 by using the Windows Azure Active
Directory Sync tool.
You have the following password policies:
Passwords for the on-premises Active Directory Domain Services (AD DS) user accounts are at least six characters long.
Passwords for Office 365 user accounts are at least eight characters long.
You need to ensure that the user accounts will be synchronized. Which user accounts will be synchronized?
A. All user accounts
B. No user accounts
C. User accounts with a password length of at least 8 characters
D. User accounts with a password length of at least 14 characters
Answer: A
Explanation:
After deploying ADFS tenant password policies are handled by the local Active Directory Environment, and not Office 365 Azure. All users will be synchronized and will utilize the AD DS six character long password policy.
Reference: http://howdouc.blogspot.ca/2011/04/active-directory-federation-services.html
Q5. DRAG DROP
A graphic design agency has an Office 365 tenant. The agency uses only computers that run the Apple Macintosh operating system. Some users have Microsoft Entourage 2008 for Mac, and some have Microsoft Outlook for Mac.
All users report that they cannot access Exchange Online to check their email.
You need to run test connectivity for all users to identify the problem. You need to use the Microsoft Remote Connectivity Analyzer and the credentials of the users.
What should you do? To answer, drag the appropriate test to run to the correct email client. Each test may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q6. An organization plans to deploy Exchange Online.
You must support all Exchange Online features.
You need to create the required DNS entries.
Which two DNS entries should you create? Each correct answer presents part of the solution.
A. A
B. SRV
C. MX
D. CNAME
Answer: C,D
Explanation:
Reference: http://technet.microsoft.com/en-us/library/hh852557.aspx
Q7. You create an Office 365 tenant. You assign administrative roles to other users. You hire a new user named User2.
User2 must NOT be able to change passwords for other users.
You need to assign an administrative role to User2.
Which role should you assign?
A. Service administrator
B. Global administrator
C. Delegate administrator
D. Password administrator
Answer: A
Explanation:
Reference:
https://support.office.com/en-US/Article/Assigning-admin-roles-eac4d046-1afd-4f1a-85fc-8219c79e1504?ui=en-US&rs=en-US&ad=US#__choose_an_admin
Q8. A company deploys an Office 365 tenant.
You must provide an administrator with the ability to manage company information in Office
365.
You need to assign permissions to the administrator by following the principle of least privilege.
Which role should you assign?
A. Global administrator
B. Service administrator
C. Billing administrator
D. User management administrator
Answer: A
Explanation:
Reference: http://onlinehelp.microsoft.com/en-in/office365-enterprises/gg243432.aspx#bkmk_EditProfile
Q9. Your company has a subscription to Office 365 for midsize business and enterprises. The company uses Microsoft Lync Online.
You need to open ports on the network firewall to enable all of the features of Lync Online.
Which port or ports should you open? (Each correct answer presents part of the solution. Choose all that apply.)
A. inbound TCP 443
B. outbound TCP 5061
C. outbound UDP 3478
D. outbound TCP 443
E. outbound UDP 50000 to outbound UDP 59999
F. inbound TCP 8080
Answer: A,C,D,E
Explanation:
Reference: http://ahandyblog.wordpress.com/cloud-technologies/firewall-ports-for-office-
Q10. HOTSPOT
An organization prepares to migrate to Office 365. The organization has one domain controller named NYC-DC1 and one server named NYC-DS that is designated as the directory synchronization computer.
The organization has the following servers:
You plan to upgrade the servers to support directory synchronization.
You must upgrade each server to meet only the minimum requirements by using the least amount of administrative effort. You need to ensure that you can use the Windows Azure Active Directory Sync tool to
synchronize the local Active Directory with Office 365.
What should you do? Select the correct action from each list in the answer area.
Answer: