HOTSPOT -
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains five domain controllers.
Your company purchases Microsoft 365 and creates a Microsoft Azure Directory (Azure AD) tenant named contoso.onmicrosoft,com.
You plan to establish federation authentication between on-premises Active Directory and the Azure AD tenant by using Active Directory Federation Services (AD
FS).
You need to establish the federation.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
The on-premises Active Directory domain is named contoso.com. Before you can configure federation authentication between on-premises Active Directory and the Azure AD tenant, you need to add the domain contoso.com to Microsoft 365. You do this by adding a custom domain name.
The next step is to establish the federation. You can configure AD FS by using Azure AD Connect.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-custom#configuring-federation-with-ad-fs
HOTSPOT -
You have a hybrid deployment of Azure Active Directory (Azure AD) that contains the users shown in the following table.
You need to identify which users can perform the following tasks:
✑ View sync errors in Azure AD Connect Health.
✑ Configure Azure AD Connect Health settings.
Which user should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-diagnose-sync-errors https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-operations https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis
HOTSPOT -
Your network contains an on-premises Active Directory domain and a Microsoft 365 subscription.
The domain contains the users shown in the following table.
The domain contains the groups shown in the following table.
You are deploying Azure AD Connect.
You configure Domain and OU filtering as shown in the following exhibit.
You configure Filter users and devices as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering
HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains a group named Group1. The subscription is linked to an Azure Active Directory (Azure AD) tenant named contoso.com.
The Identity Governance settings for contoso.com are configured as shown in the following table.
On March 1, 2022, you invite the guest users shown in the following table to contoso.com.
On March 2, 2022, you add Guest1 to Group1.
On March 5, 2022, you create an access package named Package1 that has the following settings:
• Resource roles
o Name: Group1
o Type: Group and Team
o Role: Member
• Lifecycle
o Access package assignments expire: On date
o Assignment expiration date: March 20, 2022
On March 5, 2022, you assign Package1 to the guest users shown in the following table.
On March 6, 2022, you assign the Reports reader role to Guest3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains the following group:
• Name: Group1
• Members: User1, User2
• Owner: User3
You create an access review that has the following settings:
• Review name: Review1
• Group: Group1
• Scope: All users
• Select reviewers: Users review their own access
• Duration (in days): 14
• Review recurrence: Monthly
• Start date: 5/1/2022
• End: End after number of occurrences
• Occurrences: 6
• Auto apply results to resource: Enable
Initial user responses to Review1 are shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You enable Microsoft 365 usage analytics for Microsoft Power BI.
Which users can use Power BI to connect to Microsoft 365 usage analytics and review usage analytics reports?
Answer:
B
Your network contains an Active Directory domain.
You have an Azure Active Directory (Azure AD) tenant that has Security defaults enabled.
Azure AD Connect is configured for directory synchronization. Password hash synchronization and pass-through authentication are disabled.
You need to enable Azure AD Identity Protection to detect leaked credentials.
What should you do first?
Answer:
D
HOTSPOT
-
You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1. Group1 is configured as shown in the following exhibit.
An external user named User1 has an email address of [email protected]
You need to add User1 to Group1.
What should you do first and which portal should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
You have a Microsoft 365 subscription that contains a user named User1.
User1 requires admin access to perform the following tasks:
• Manage Microsoft Exchange Online settings.
• Create Microsoft 365 groups.
You need to ensure that User1 only has admin access for eight hours and requires approval before the role assignment takes place.
What should you use?
Answer:
D
HOTSPOT
-
You have an Azure AD tenant that contains the groups shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
