ExamGecko
Search Search Login
Home Home / Microsoft / MS-102

Microsoft MS-102 Practice Test - Questions Answers, Page 24

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT Your company has a Microsoft 365 subscription that contains the users shown in the following table. External collaboration settings have default configuration. You need to identify which users can perform the following administrative tasks: * Modify the password protection policy. * Create guest user accounts. Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the labels shown in the following table. You have the items shown in the following table. Which items can you view in Content explorer?
HOTSPOT You have a Microsoft 365 E5 subscription that contains 200 Android devices enrolled in Microsoft Intune. You create an Android app protection policy named Policy! that is targeted to all Microsoft apps and assigned to all users. Policy! has the Data protection settings shown in the following exhibit. Use the drop-down menus to select 'he answer choice that completes each statement based on the information presented in the graphic.
You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2. Which authentication strategy should you implement for the pilot projects?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection. Does this meet the goal?
You have a Microsoft 365 subscription that contains the users shown in the following table. You plan to use Exchange Online to manage email for a DNS domain. An administrator adds the DNS domain to the subscription. The DNS domain has a status of Incomplete setup. You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege. Which user should you identify?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen. Your network contains an Active Directory forest. You deploy Microsoft 365. You plan to implement directory synchronization. You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements: * Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. * User passwords must be 10 characters or more. Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant. Does this meet the goal?
HOTSPOT You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365. You need to identify the settings that are below the Standard protection profile settings in the preset security policies. What should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have a Microsoft 365 E5 subscription that contains the devices shown in the following table. All the devices are onboarded To Microsoft Defender for Endpoint You plan to use Microsoft Defender Vulnerability Management to meet the following requirements: * Detect operating system vulnerabilities.
You have an Azure AD tenant. You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD. You purchase a Microsoft 365 E3 subscription. You need to deploy Windows 10 Enterprise to the computers. The solution must minimize administrative effort. What should you do?

Question 231

Report
Export
Collapse

Your company has a Microsoft 365 subscription.

You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license.

What should you use?

A.

Active users in the Microsoft 365 admin center

A.

Active users in the Microsoft 365 admin center

Answers
B.

Reports in Microsoft Purview compliance portal

B.

Reports in Microsoft Purview compliance portal

Answers
C.

the Licenses blade in the Microsoft Entra admin center

C.

the Licenses blade in the Microsoft Entra admin center

Answers
D.

Reports in the Microsoft 365 admin center

D.

Reports in the Microsoft 365 admin center

Answers
Suggested answer: D

Explanation:

Microsoft 365 Reports in the admin center

You can easily see how people in your business are using Microsoft 365 services. For example, you can identify who is using a service a lot and reaching quotas, or who may not need a Microsoft 365 license at all.

Which activity reports are available in the admin center

Depending on your subscription, here are the available reports in all environments.

https://learn.microsoft.com/en-us/microsoft-365/admin/activity-reports/activity-reports

Question 232

Report
Export
Collapse

HOTSPOT

You have a Microsoft 365 subscription that contains the users shown in the following table.

You need to configure a dynamic user group that will include the guest users in any department that contains the word Support.

How should you complete the membership rule? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 232
Correct answer: Question 232

Explanation:

https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership

Question 233

Report
Export
Collapse

HOTSPOT

Your company uses a legacy on-premises LDAP directory that contains 100 users.

The company purchases a Microsoft 365 subscription.

You need to import the 100 users into Microsoft 365 by using the Microsoft 365 admin center.

Which type of file should you use and which properties are required? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 233
Correct answer: Question 233

Explanation:

https://learn.microsoft.com/en-us/microsoft-365/enterprise/add-several-users-at-the-same-time

Question 234

Report
Export
Collapse

You have a Microsoft 365 subscription that contains the users shown in the following table.

You need to configure group-based licensing to meet the following requirements:

To all users, deploy an Office 365 E3 license without the Power Automate license option.

To all users, deploy an Enterprise Mobility + Security E5 license.

To the users in the research department only, deploy a Power BI Pro license.

To the users in the marketing department only, deploy a Visio Plan 2 license.

What is the minimum number of deployment groups required?

A.

1

A.

1

Answers
B.

2

B.

2

Answers
C.

3

C.

3

Answers
D.

4

D.

4

Answers
E.

5

E.

5

Answers
Suggested answer: C

Explanation:

One for all users, one for the research department, and one for the marketing department.

Note: What are Deployment Groups?

With Deployment Groups, you can orchestrate deployments across multiple servers and perform rolling updates, while ensuring high availability of your application throughout. You can also deploy to servers on-premises or virtual machines on Azure or any cloud, plus have end-to-end traceability of deployed artifact versions down to the server level.

https://devblogs.microsoft.com/devops/deployment-groups-is-now-generally-available-sharing-of-targets-and-more

Question 235

Report
Export
Collapse

You have a Microsoft 365 subscription.

You view the Service health Overview as shown in the following exhibit.

You need to ensure that a user named User1 can view the advisories to investigate service health issues.

Which role should you assign to User1?

A.

Message Center Reader

A.

Message Center Reader

Answers
B.

Reports Reader

B.

Reports Reader

Answers
C.

Service Support Administrator

C.

Service Support Administrator

Answers
D.

Compliance Administrator

D.

Compliance Administrator

Answers
Suggested answer: B

Explanation:


Question 236

Report
Export
Collapse

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You add the following assignment for the User Administrator role:

Scope type: Directory

Selected members: Group1

Assignment type: Active

Assignment starts: Mar 15, 2023

Assignment ends: Aug 15, 2023

You add the following assignment for the Exchange Administrator role:

Scope type: Directory

Selected members: Group2

Assignment type: Eligible

Assignment starts: Jun 15, 2023

Assignment ends: Oct 15, 2023

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 236
Correct answer: Question 236

Explanation:

https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/groups-assign-member-owner

Question 237

Report
Export
Collapse

You have a Microsoft 365 subscription.

You have an Azure AD tenant that contains the users shown in the following table.

You configure Tenant properties as shown in the following exhibit.

Which users will be contacted by Microsoft if the tenant experiences a data breach?

A.

Used only

A.

Used only

Answers
B.

User2 only

B.

User2 only

Answers
C.

User3 only

C.

User3 only

Answers
D.

Used and User2 only

D.

Used and User2 only

Answers
E.

User2 and User3 only

E.

User2 and User3 only

Answers
Suggested answer: B

Explanation:

Microsoft 365 is committed to notifying customers within 72 hours of breach declaration. The customer's tenant administrator will be notified.

https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-office365

Question 238

Report
Export
Collapse

Your network contains an Active Directory forest named contoso.local.

You purchase a Microsoft 365 subscription.

You plan to move to Microsoft 365 and to implement a hybrid deployment solution for the next 12 months.

You need to prepare for the planned move to Microsoft 365.

What is the best action to perform before you implement directory synchronization? More than one answer choice may achieve the goal. Select the BEST answer.

A.

Purchase a third-party X.509 certificate.

A.

Purchase a third-party X.509 certificate.

Answers
B.

Create an external forest trust.

B.

Create an external forest trust.

Answers
C.

Rename the Active Directory forest.

C.

Rename the Active Directory forest.

Answers
D.

Purchase a custom domain name.

D.

Purchase a custom domain name.

Answers
Suggested answer: D

Explanation:

The first thing you need to do before you implement directory synchronization is to purchase a custom domain name. This could be the domain name that you use in your on-premise Active Directory if it's a routable domain name, for example, contoso.com.

If you use a non-routable domain name in your Active Directory, for example contoso.local, you'll need to add the routable domain name as a UPN suffix in Active Directory.

Incorrect:

Not C: No need to rename the Active Directory forest. As we use a non-routable domain name contoso.local, we just need to add the routable domain name as a UPN suffix in Active Directory.

https://docs.microsoft.com/en-us/office365/enterprise/set-up-directory-synchronization

Question 239

Report
Export
Collapse

You have a Microsoft 365 subscription.

You configure a new Azure AD enterprise application named App1. App1 requires that a user be assigned the Reports Reader role.

Which type of group should you use to assign the Reports Reader role and to access App1?

A.

a Microsoft 365 group that has assigned membership

A.

a Microsoft 365 group that has assigned membership

Answers
B.

a Microsoft 365 group that has dynamic user membership

B.

a Microsoft 365 group that has dynamic user membership

Answers
C.

a security group that has assigned membership

C.

a security group that has assigned membership

Answers
D.

a security group that has dynamic user membership

D.

a security group that has dynamic user membership

Answers
Suggested answer: C

Explanation:

To grant permissions to assignees to manage users and group access for a specific enterprise app, go to that app in Azure AD and open in the Roles and Administrators list for that app. Select the new custom role and complete the user or group assignment. The assignees can manage users and group access only for the specific app.

Note: You can add the following types of groups:

Assigned groups - Manually add users or devices into a static group.

Dynamic groups (Requires Azure AD Premium) - Automatically add users or devices to user groups or device groups based on an expression you create.

Note:

Security groups

Security groups are used for granting access to Microsoft 365 resources, such as SharePoint. They can make administration easier because you need only administer the group rather than adding users to each resource individually.

Security groups can contain users or devices. Creating a security group for devices can be used with mobile device management services, such as Intune.

Security groups can be configured for dynamic membership in Azure Active Directory, allowing group members or devices to be added or removed automatically based on user attributes such as department, location, or title; or device attributes such as operating system version.

Security groups can be added to a team.

Microsoft 365 Groups can't be members of security groups.

Microsoft 365 Groups

Microsoft 365 Groups are used for collaboration between users, both inside and outside your company. With each Microsoft 365 Group, members get a group email and shared workspace for conversations, files, and calendar events, Stream, and a Planner.

https://learn.microsoft.com/en-us/azure/active-directory/roles/custom-enterprise-apps

https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/compare-groups?

https://learn.microsoft.com/en-us/mem/intune/apps/apps-deploy

Question 240

Report
Export
Collapse

You have a new Microsoft 365 E5 tenant.

You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected.

What should you do first?

A.

Enable auditing.

A.

Enable auditing.

Answers
B.

Enable Microsoft 365 usage analytics.

B.

Enable Microsoft 365 usage analytics.

Answers
C.

Create an Insider risk management policy.

C.

Create an Insider risk management policy.

Answers
D.

Create a communication compliance policy.

D.

Create a communication compliance policy.

Answers
Suggested answer: A

Explanation:

Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization.

Note: Permissions alert policies

Example: Elevation of Exchange admin privilege

Generates an alert when someone is assigned administrative permissions in your Exchange Online organization. For example, when a user is added to the Organization Management role group in Exchange Online.

https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-solutions-overview

https://learn.microsoft.com/en-us/microsoft-365/compliance/alert-policies

Total 467 questions
Go to page: of 47
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms