MS-100 Exam - Microsoft 365 Identity and Services

NEW QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements. Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 2
Your company has a hybrid deployment of Microsoft 365.
An on-premises user named User1 is synced to Microsoft Azure Active Directory (Azure AD). Azure AD Connect is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 3
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Compliance Management role.
Does this meet the goal?

• A. Yes
• B. NO

Answer: A

NEW QUESTION 4
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation: The users are assigned SharePoint licenses directly. Their group memberships have no effect on licenses directly assigned to the user accounts.

NEW QUESTION 5
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains a user named User1.
You suspect that an imposter is signing in to Azure AD by using the credentials of User1.
You need to ensure that an administrator named Admin1 can view all the sign in details of User 1 from the
past 24 hours.
To which three roles should you add Admin1? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A. Security administrator
• B. Password administrator
• C. User administrator
• D. Compliance administrator

Answer: ABC

NEW QUESTION 6
Your company has 10,000 users who access all applications from an on-premises data center. You plan to create a Microsoft 365 subscription and to migrate data to the cloud.
You plan to implement directory synchronization.
User account and group accounts must sync to Microsoft Azure Directory (Azure AD) successfully. You discover that several user accounts fail to sync to Azure AD.
You need to identify which user accounts failed to sync. You must resolve the issue as quickly as possible. What should you do?

• A. From Active Directory Administrative Center, search for all the users, and then modify the properties of the user accounts.
• B. Run idfix.exe, and then click Complete.
• C. From Windows PowerShell, run the Start-AdSyncSyncCycle –PolicyType Delta command.
• D. Run idfix.exe, and then click Edit.

Answer: D

NEW QUESTION 7
Your company has an on-premises Microsoft Exchange Server 2013 organization. The company has 100 users.
The company purchases Microsoft 365 and plans to move its entire.- infrastructure to the cloud.
The company does NOT plan to sync the on-premises Active Directory domain to Microsoft Azure Active Directory (Azure AD).
You need to recommend which type of migration to use to move all email messages, contacts, and calendar items to Exchange Online.
What should you recommend?

• A. cutover migration
• B. IMAP migration
• C. remote move migration
• D. staged migration

Answer: A

Explanation: References:
https://docs.microsoft.com/en-us/exchange/mailbox-migration/cutover-migration-to-office-365

NEW QUESTION 8
Your company has a Microsoft 365 subscription that has multi-factor authentication configured for all users. Users on the network report that they are prompted for multi-factor authentication multiple times a day.
You need to reduce the number of times the users are prompted for multi-factor authentication on their
company-owned devices. What should you do?

• A. Enable the multi-factor authentication trusted IPs setting, and then verify each device as a trusted device.
• B. Enable the remember multi-factor authentication setting, and then verify each device as a trusted device.
• C. Enable the multi-factor authentication trusted IPs setting, and then join all client computers to Microsoft Azure Active Directory (Azure AD).
• D. Enable the remember multi-factor authentication setting, and then join all client computers to Microsoft Azure Active Directory (Azure AD).

Answer: B

Explanation: References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings

NEW QUESTION 9
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You purchase a domain named contoso.com from a registrar and add all the required DNS records.
You create a user account named User1. User1 is configured to sign in as user1@contoso.onmicrosoft.com. You need to configure User1 to sign in as user1@contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

NEW QUESTION 10
Which role should you assign to User1?

• A. Security Administrator
• B. Records Management
• C. Security Reader
• D. Hygiene Management

Answer: C

NEW QUESTION 11
You have a Microsoft 365 Enterprise subscription.
You have a conditional access policy to force multi factor .mthentication when accessing Microsoft SharePoint from a mobile device
You need to view which users authenticated by using multi factor authentication. What should you do?

• A. From the Microsoft 36S admin center, view the Security Compliance reports.
• B. From the Azure Active Directory admin center, view the user sign-ins.
• C. From the Microsoft 365 admin center, view the Usage reports.
• D. From the Azure Active Directory admin center, view the audit logs.

Answer: B

Explanation: References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

NEW QUESTION 12
Your company recently purchased a Microsoft 365 subscription.
You enable Microsoft Azure Multi-Factor Authentication (Ml A) for all 500 users in the Azure Active Directory (Azure AD) tenant.
You need to generate a report that lists all the users who completed the Azure MFA registration process. What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

• A. From Azure Cloud Shell, run the Get-AzureADUser cmdlet.
• B. From Azure Cloud Shell, run the Get-MsolUser cmdlet
• C. From the Azure Active Directory admin center, use the MFA Server blade.
• D. From the Azure Active Directory admin center, use the Risky sign-ins blade.

Answer: B

Explanation: References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

NEW QUESTION 13
Your company has 500 client computers that run Windows 10.
You plan to deploy Microsoft Office 365 ProPlus to all the computers. You create the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION 14
You have a Microsoft 365 subscription.
You view the service advisories shown in the following exhibit.

You need to ensure that users who administer Microsoft SharePoint Online can view the advisories to investigate health issues.
Which role should you assign to the users?

• A. SharePoint administrator
• B. Message Center reader
• C. Reports reader
• D. Service administrator

Answer: D

Explanation: References:
https://docs.microsoft.com/en-us/office365/admin/add-users/about-admin-roles?view=o365-worldwide

NEW QUESTION 15
You have a Microsoft 365 subscription.
You need to prevent phishing email messages from being delivered to your organization. What should you do?

• A. From the Exchange admin center, create an anti-malware policy.
• B. From Security & Compliance, create a DLP policy.
• C. From Security & Compliance, create a new threat management policy.
• D. From the Exchange admin center, create a spam filter policy.

Answer: C

Explanation: References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies

NEW QUESTION 16
You need to meet the security requirement for the vendors. What should you do?

• A. From the Azure portal, add an identity provider.
• B. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the –UserPrincipalName parameter.
• C. From the Azure portal, create guest accounts.
• D. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the –UserType parameter.

Answer: C