This page was exported from Actual Test Materials [ http://blog.actualtests4sure.com ] Export date:Fri Nov 15 20:30:15 2024 / +0000 GMT ___________________________________________________ Title: MS-100 Questions Pass on Your First Attempt Dumps for Microsoft 365 Certified [Q47-Q62] --------------------------------------------------- MS-100 Questions Pass on Your First Attempt Dumps for Microsoft 365 Certified MS-100 Practice Test Pdf Exam Material NO.47 From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.)You need to reduce the likelihood that the sign-ins are identified as risky.What should you do?  From the Security & Compliance admin center, add the users to the Security Readers role group.  From the Conditional access blade in the Azure Active Directory admin center, create named locations.  From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.  From the Security & Compliance admin center, create a classification label. References:https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-conditionNO.48 Your company has a hybrid deployment of Azure Active Directory (Azure AD).You purchase a Microsoft 365 subscription.Your company has a hybrid deployment of Azure Active Directory (Azure AD).You purchase a Microsoft 365 subscription.You plan to migrate the Home folder of each user to Microsoft 365 during several weeks. Each user has a device that runs Windows 10.You need to recommend a solution to migrate the Home folder of five administrative users as quickly as possible.Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Each user has a device that runs Windows 10.You need to recommend a solution to migrate the Home folder of five administrative users as quickly as possible.Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 1 – Copy the OneDrive Administrative Templates to your computer.2 – From Group Policy Managenent Editor, configure the OneDrive settings.3 – Instruct the users to run gpupdate.exe/force at a command prompt on each device.Reference:https://practical365.com/clients/onedrive/migrate-home-drives-to-onedrive-for-business/NO.49 Your company has 500 client computers that run Windows 10.You plan to deploy Microsoft Office 365 ProPlus to all the computers.You create the following XML file for the planned deployment.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point. ExplanationBox 1:When the installation is complete, all users will be prompted to install several updates.In the configuration file, the Updates Enabled element is set to True. This means that Office will check for updates after the installation.The Channel element set to Broad means that all semi-annual channel updates will be installed.Box 2:Office 365 ProPlus will be installed only on the computers that run a 64-bit version of Windows 10.The OfficeClientEdition element defines whether the 32-bit or 64-bit edition of Office 365 ProPlus is downloaded or installed. In the configuration file, it is set to ’64’. The 64-bit version will only install on a64-bit client computer.Reference:https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-toolNO.50 You have a Microsoft Azure Active Directory (Azure AD) tenant.Your company implements Windows Information Protection (WIP).You need to modify which users and applications are affected by WIP.What should you do? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azureNO.51 You need to meet the security requirement for Group1.What should you do?  Configure all users to sign in by using multi-factor authentication.  Modify the properties of Group1.  Assign Group1 a management role.  Modify the Password reset properties of the Azure AD tenant. If SSPR (Self Service Password Reset) is enabled, you must select at least one of the following options for the authentication methods. Sometimes you hear these options referred to as “gates.” Mobile app notification Mobile app code Email Mobile phone Office phone Security questions You can specify the required authentication methods in the Password reset properties of the Azure AD tenant. In this case, you should set the required authentication method to be ‘Security questions’.Reference:https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworksNO.52 You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.An external user has a Microsoft account that uses an email address of user1@outlook.com.An administrator named Admin1 attempts to create a user account for the external user and receives the error message shown in the following exhibit.You need to ensure that Admin1 can add the user.What should you do from the Azure Active Directory admin center?  Add a custom domain name named outlook.com.  Modify the Authentication methods.  Modify the External collaboration settings.  Assign Admin1 the Security administrator role. Section: [none]Explanation:In the External Collaboration settings, you can set the following invitation policies:* Turn off invitations* Only admins and users in the Guest Inviter role can invite* Admins, the Guest Inviter role, and members can invite* All users, including guests, can inviteIn this question, an Admin user is unable to invite the guest user. This suggests that invitations are turned off altogether.Reference:https://docs.microsoft.com/en-us/azure/active-directory/b2b/delegate-invitationsNO.53 You have a Microsoft 365 Enterprise E5 subscription.You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area. Reference:https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practiceshttps://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Conditional-Access-now-in-the-new-Azure-portal/ba-p/250060NO.54 You have a Microsoft 365 subscription.You have a group named Support. Users in the Support group frequently send email messages to external users.The manager of the Support group wants to randomly review messages that contain attachments.You need to provide the manager with the ability to review messages that contain attachments sent from the Support group users to external users. The manager must have access to only 10 percent of the messages.What should you do? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationReferences:https://docs.microsoft.com/en-us/office365/securitycompliance/supervision-policiesNO.55 Your company has a hybrid deployment of Microsoft 365.An on-premises user named User1 is synced to Microsoft Azure Active Directory (Azure AD).Azure AD Connect is configured as shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point. ExplanationNO.56 Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your network contains an Active Directory forest.You deploy Microsoft 365.You plan to implement directory synchronization.You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.* Users passwords must be 10 characters or more.Solution: Implement password hash synchronization and modify the password settings from the Default Domain Policy in Active Directory.Does this meet the goal?  Yes  No ExplanationThis solution meets the requirements:* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. (this is because the authentication is performed by Azure Active Directory).* Users passwords must be 10 characters or more. (the Default Domain Policy in the on-premise Active Directory can be configured to require the password length) Reference:https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronizationNO.57 Your company has a main office and 20 branch offices in North America and Europe. Each branch office connects to the main office by using a WAN link. All the offices connect to the Internet and resolve external host names by using the main office connections.You plan to deploy Microsoft 365 and to implement a direct Internet connection in each office.You need to recommend a change to the infrastructure to provide the quickest possible access to Microsoft 365 services.What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal.Select the BEST answer.  For all the client computers in the branch offices, modify the MTU setting by using a Group Policy object (GPO).  In each branch office, deploy a proxy server that has user authentication enabled.  In each branch office, deploy a firewall that has packet inspection enabled.  In each branch office, configure name resolution so that all external hosts are redirected to public DNS servers directly. NO.58 You have a Microsoft 365 subscription.You are configuring permissions for Security & Compliance.You need to ensure that the users can perform the tasks shown in the following table.The solution must use the principle of least privilege.To which role should you assign each user? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationSecurity Reader: Members can manage security alerts (view only), and also view reports and settings of security features.Security Administrator, Compliance Administrator and Organization Management can manage alerts.However, Security Administrator has the least privilege.Reference:https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-centNO.59 You are evaluating the use of multi-factor authentication (MFA).For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policyhttps://blog.admindroid.com/configuring-and-managing-mfa-in-office-365/NO.60 You have Microsoft 365 tenant that contains a Microsoft Power Platform environment named Environment1 (default). Environment1 contains a Microsoft Dataverse database.In the tenant, you create a user named User1. You assign a Microsoft Power Apps license to User1.Which security role for Environment1 is assigned automatically to User1?  Environment maker  System customizer  Delegate  System customizer Reference:https://docs.microsoft.com/en-us/power-platform/admin/database-security#predefined-security-rolesNO.61 You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the Windows 10 devices shown in the following table.All the devices are managed by using Microsoft Endpoint Manager and are members of a group named Group1.From the Microsoft Endpoint Manager admin center, you create an app suite named App1 for Microsoft Office365 apps.You configure the App1 settings as shown in the exhibit. (Click theYou assign App1 to Group1.For each of the following statements, select Yes if the statement is true. Otherwise, select No.Note: Each correct selection is worth one point. ExplanationBox 1: NoDevice1 is x86 (32-bit) so Office 365 will not be installed.Box 2: YesDevice2 is x64 (64-bit) so Office 365 will be installed. The German language pack will be installed and the OS language pack (English) will be installed.Box 3: YesDevice2 is x64 (64-bit) so Office 365 will be installed. The German language pack will be installed and the OS language pack (French) will be installed.Reference:https://docs.microsoft.com/en-us/mem/intune/apps/apps-add-office365NO.62 You have several Microsoft SharePoint document libraries in your on-premises environment.You have a Microsoft 365 tenant that has directory synchronization implemented.You plan to move all the document libraries to SharePoint Online.You need to recommend a migration strategy for the document libraries.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Reference:https://docs.microsoft.com/en-us/sharepointmigration/how-to-use-the-sharepoint-migration-tool Loading … MS-100 [Feb-2023] Newly Released] Exam Questions For You To Pass: https://www.actualtests4sure.com/MS-100-test-questions.html --------------------------------------------------- Images: https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-02-12 15:03:47 Post date GMT: 2023-02-12 15:03:47 Post modified date: 2023-02-12 15:03:47 Post modified date GMT: 2023-02-12 15:03:47