Exams > Microsoft > MS-100: Microsoft 365 Identity and Services
MS-100: Microsoft 365 Identity and Services
Page 13 out of 40 pages Questions 121-130 out of 397 questions
Question#121

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.

Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:

Lab Instance: 111111111 -

You recently discovered that several users in your organization have permissions on the mailbox of another user in the organization.
You need to ensure that Lee Gu receives a notification when a user is granted permissions on another user's mailbox.
To answer the question, sign in to the Microsoft 365 portal.

Discover Answer Hide Answer

Answer: See explanation below.
Create an activity alert -
1. Go to https://protection.office.com/managealerts.
2. Sign in to Office 365 using your work or school account.
3. On the Activity alerts page, click + New.
The flyout page to create an activity alert is displayed.

4. Complete the following fields to create an activity alert:
✑ Name - Type a name for the alert. Alert names must be unique within your organization.
✑ Description (Optional) - Describe the alert, such as the activities and users being tracked, and the users that email notifications are sent to. Descriptions provide a quick and easy way to describe the purpose of the alert to other admins.
✑ Alert type - Make sure the Custom option is selected.
✑ Send this alert when ג€" Click Send this alert when and then configure these two fields:
- Activities - Click the drop-down list to display the activities that you can create an alert for. This is the same activities list that's displayed when you search the Office 365 audit log. You can select one or more specific activities or you can click the activity group name to select all activities in the group. For a description of these activities, see the "Audited activities" section in Search the audit log. When a user performs any of the activities that you've added to the alert, an email notification is sent.
- Users - Click this box and then select one or more users. If the users in this box perform the activities that you added to the Activities box, an alert will be sent. Leave the Users box blank to send an alert when any user in your organization performs the activities specified by the alert.
✑ Send this alert to ג€" Click Send this alert, and then click in the Recipients box and type a name to add a users who will receive an email notification when a user (specified in the Users box) performs an activity (specified in the Activities box). Note that you are added to the list of recipients by default. You can remove your name from this list.
5. Click Save to create the alert.
The new alert is displayed in the list on the Activity alerts page.

The status of the alert is set to On. Note that the recipients who will received an email notification when an alert is sent are also listed.
References:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-activity-alerts?view=o365-worldwide

Question#122

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.

Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:

Lab Instance: 111111111 -

You need to ensure that all the users in your organization are prompted to change their password every 180 days.
To answer the question, sign in to the Microsoft 365 portal.

Discover Answer Hide Answer

Answer: See explanation below.
You need to configure the Password Expiration Policy.
1. Sign in to the Microsoft 365 Admin Center.
2. In the left navigation pane, expand the Settings section then select the Settings option.
3. Click on Security and Privacy.
4. Select the Password Expiration Policy.
5. Ensure that the checkbox labelled ג€Set user passwords to expire after a number of daysג€ is ticked.
6. Enter 180 in the ג€Days before passwords expireג€ field.
7. Click the 'Save changes' button.

Question#123

HOTSPOT -
Your network contains an on-premises Active Directory domain named adatum.com that syncs to Azure Active Directory (Azure AD) by using the Azure AD
Connect Express Settings. Password writeback is disabled.
You create a user named User1 and enter Pass in the Password field as shown in the following exhibit.

The Azure AD password policy is configured as shown in the following exhibit.
Hot Area:

Discover Answer Hide Answer

Answer:
Box 1: Yes -
The question states that User1 is synced to Azure AD. This tells us that the short password (Pass) meets the on-premise Active Directory password policy and you were able to create the on-premise account for User1. The on-premise Active Directory password policy applies over the Azure AD password policy for synced user accounts.

Box 2: No -
Self-Service Password Reset would need to be configured.

Box 3: Yes -
The password for the Azure AD User1 account will expire after 90 days according to the Azure AD password policy. If the on-premise password policy has a shorter password expiration period, User1 would have the change his/her on-premise AD password. The new password would then sync to Azure AD.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express

Question#124

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.

Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected]
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:

Lab Instance: 111111111 -

You need to add Adele Vance to a group named Managers. The solution must ensure that you can grant permissions to Managers.
To answer, sign in to the Microsoft 365 portal.

Discover Answer Hide Answer

Answer: See explanation below.
You need to create a group named Managers and add Adele Vance to the group. To ensure that you can grant permissions to the Managers group, the group needs to be a Security Group.
1. Sign in to the Microsoft 365 Admin Center.
2. In the left navigation pane, expand the Groups section then select Groups.
3. Click the 'Add a group' link.
4. For the group type, select Security and click Next.
5. Enter 'Managers' in the Name field and click Next.
6. Click the 'Create Group' button to create the Managers group.
7. In the list of groups, select the Managers group.
8. Click the Members link.
9. Click the 'View all and manage members link'.
10. Click the 'Add Members' button.
11. Select Adele Vance and click the Save button.
12. Click the Close button to close the group page.

Question#125

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.

Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected]
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:

Lab Instance: 111111111 -

You need to create a policy that allows a user named Lee Gu to use Outlook Web App to review 50 percent of the outbound email messages sent by a user named Joni Sherman.
To answer, sign in to the Microsoft 365 portal.

Discover Answer Hide Answer

Answer: See explanation below.
You need to configure a Supervision Policy.
1. Go to https://protection.office.com or navigate to the Security & Compliance admin center.
2. In the left navigation pane, select Supervision.
3. Click the '+Create' button to create a new supervision policy.
4. Give the policy a name such as 'Joni Sherman' and click Next.
5. In the 'Supervised users' section, click '+Add users or groups'.
6. Select Joni Sherman from the users list and click the Add button.
7. Deselect the 'Teams chats' and 'Skype for Business Conversations' checkboxes leaving only the 'Exchange Email' checkbox ticked and click Next.
8. Under 'Direction is', deselect Inbound leaving only Outbound selected and click Next.
9. In the 'Percentage to review' section, enter 50 and click Next.
10. In the 'Reviewers' section, start typing Lee Gu then select his account when it appears.
11. Click Next.
12. On the 'Review your settings' page, check the settings are correct the click the Finish button to create the policy.

Question#126

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.

Lab information -
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected]
Microsoft 365 Password: xxxxxxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:

Lab Instance: 111111111 -

You need to ensure that all the users in your organization are prompted to change their password every 60 days. The solution must ensure that the users are reminded that their password must be changed 10 days before the required change.
To answer, sign in to the Microsoft 365 portal.

Discover Answer Hide Answer

Answer: See explanation below.
You need to configure the Password Expiration Policy.
1. Sign in to the Microsoft 365 Admin Center.
2. In the left navigation pane, expand the Settings section then select the Settings option.
3. Click on Security and Privacy.
4. Select the Password Expiration Policy.
5. Ensure that the checkbox labelled ג€Set user passwords to expire after a number of daysג€ is ticked.
6. Enter 60 in the ג€Days before passwords expireג€ field.
7. Enter 10 in the ג€Days before a user is notified about expirationג€ field.
8. Click the 'Save changes' button.

Question#127

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
✑ Contoso.com
✑ East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to active mode.
Does this meet the goal?

  • A. Yes
  • B. No
Discover Answer Hide Answer

Answer: B
You can only have one the AD Connect per tenant and one is already located in the root domain. Instead, run the wizard and add the new child domain to sync.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies

Question#128

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
✑ Contoso.com
✑ East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to staging mode.
Does this meet the goal?

  • A. Yes
  • B. No
Discover Answer Hide Answer

Answer: B
When Azure AD Connect is set to staging mode, this action makes the server active for import and synchronization, but it does not run any exports. A server in staging mode is not running password sync or password writeback, even if you selected these features during installation.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server

Question#129

You have a Microsoft 365 subscription that contains the domains shown in the following exhibit.

Which domain name suffixes can you use when you create users?

  • A. only Sub1.Contoso1919.onmicrosoft.com
  • B. only Contoso1919.onmicrosoft.com and Sub2.Contoso1919.onmicrosoft.com
  • C. only Contoso1919.onmicrosoft.com, Sub1.Contoso1919.onmicrosoft.com, and Sub2.Contoso1919.onmicrosoft.com
  • D. all the domains in the subscription
Discover Answer Hide Answer

Answer: C

Question#130

You have a Microsoft 365 subscription that contains the users shown in the following table.

You plan to use Exchange Online to manage email for a DNS domain.
An administrator adds the DNS domain to the subscription.
The DNS domain has a status of incomplete setup.
You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.
Which user should you identify?

  • A. User1
  • B. User2
  • C. User3
  • D. User4
Discover Answer Hide Answer

Answer: A
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/setup/add-domain?view=o365-worldwide

chevron rightPrevious Nextchevron right