Microsoft MS-102 Practice Test - Questions Answers, Page 31
Question list
List of questions
Related questions
You have a Microsoft 365 E5 subscription.
Conditional Access is configured to block high-risk sign-ins for all users.
All users are in France and are registered for multi-factor authentication (MFA).
Users in the media department will travel to various countries during the next month.
You need to ensure that if the media department users are blocked from signing in while traveling, the users can remediate the issue without administrator intervention.
What should you configure?
an exclusion group
the MFA registration policy
named locations
self-service password reset (SSPR)
You have a Microsoft 365 E5 subscription that contains the following user:
Name: User1
UPN: [email protected]
Email address: [email protected]
MFA enrollment status: Disabled
When User1 attempts to sign in to Outlook on the web by using the [email protected] email address, the user cannot sign in.
You need to ensure that User1 can sign in to Outlook on the web by using [email protected].
What should you do?
Assign an MFA registration policy to User1.
Reset the password of User1.
Add an alternate email address for User1.
Modify the UPN of User1.
HOTSPOT
Your network contains an Active Directory domain named fabrikam.com. The domain contains the objects shown in the following table.
The groups have the members shown in the following table.
You are configuring synchronization between fabrikam.com and an Azure AD tenant.
You configure the Domain/OU Filtering settings in Azure AD Connect as shown in the Domain/OU Filtering exhibit (Click the Domain/OU Filtering tab.)
You configure the Filtering settings in Azure AD Connect as shown in the Filtering exhibit. (Click the Filtering tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft 365 E5 subscription.
From Azure AD Identity Protection on August 1, you configure a Multifactor authentication registration policy that has the following settings:
Assignments: All users
Controls: Require Azure AD multifactor authentication registration
Enforce Policy: On
On August 3, you create two users named User1 and User2.
Users authenticate by using Azure Multi-Factor Authentication (MFA) for the first time on the dates shown in the following table.
By which dates will User1 and User2 be forced to complete their Azure MFA registration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your on-premises network contains an Active Directory domain.
You have a Microsoft 365 subscription.
You need to sync the domain with the subscription. The solution must meet the following requirements:
On-premises Active Directory password complexity policies must be enforced.
Users must be able to use self-service password reset (SSPR) in Azure AD.
What should you use?
password hash synchronization
Azure AD Identity Protection
Azure AD Seamless Single Sign-On (Azure AD Seamless SSO)
pass-through authentication
You have a Microsoft 365 E5 subscription.
Users access Microsoft 365 from both their laptop and a corporate Virtual Desktop Infrastructure (VDI) solution.
From Azure AD Identity Protection, you enable a sign-in risk policy.
Users report that when they use the VDI solution, they are regularly blocked when they attempt to access Microsoft 365.
What should you configure?
the Tenant restrictions settings in Azure AD
a trusted location
a Conditional Access policy exclusion
the Microsoft 365 network connectivity settings
HOTSPOT
You have a Microsoft 365 E5 subscription that contains a user named User1.
Azure AD Password Protection is configured as shown in the following exhibit.
User1 attempts to update their password to the following passwords:
F@lcon
Project22
T4il$pin45dg4
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.
Azure AD Connect has the following settings:
Password Hash Sync: Enabled
Pass-through authentication: Enabled
You need to identify which users will be able to authenticate by using Azure AD if connectivity between on-premises Active Directory and the internet is lost.
Which users should you identify?
none
Used only1
User1 and User2 only
User1. User2, and User3
Your network contains an on-premises Active Directory domain named contoso.com.
For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.
You plan to sync contoso.com to an Azure AD tenant.
You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.
What should you include in the recommendation?
pass-through authentication
conditional access policies
password synchronization
Azure AD Identity Protection policies
Your network contains three Active Directory forests. There are forests trust relationships between the forests.
You create an Microsoft Entra tenant.
You plan to sync the on-premises Active Directory to Microsoft Entra tenant.
You need to recommend a synchronization solution. The solution must ensure that the synchronization can complete successfully and as quickly as possible if a single server fails.
What should you include in the recommendation?
one Microsoft Entra Connect sync server and one Microsoft Entra Connect sync server in staging mode
three Microsoft Entra Connect sync servers and one Microsoft Entra Connect sync server in staging mode
six Microsoft Entra Connect sync servers and three Microsoft Entra Connect sync servers in staging mode
three Microsoft Entra Connect sync servers and three Microsoft Entra Connect sync servers in staging mode
Question