Microsoft MS-102 Practice Test - Questions Answers, Page 39
Question list
List of questions
Related questions
You have a Microsoft 365 E5 subscription.
You create a Conditional Access policy that blocks access to an app named App1 when users trigger a high-risk sign-in event.
You need to reduce false positives for impossible travel when the users sign in from the corporate network.
What should you configure?
exclusion groups
multi-factor authentication (MFA)
named locations
user risk policies
HOTSPOT
You have an Azure AD tenant that contains the users shown in the following table.
You enable self-service password reset for all users. You set Number of methods required to reset to 1, and you set Methods available to users to Security questions only.
What information must be configured for each user before the user can perform a self-service password reset? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
Users have Android or iOS devices and access Microsoft 365 resources from computers that run Windows 11 or MacOS.
You need to implement passwordless authentication. The solution must support all the devices.
Which authentication method should you use?
Windows Hello
FID02 compliant security keys
Microsoft Authenticator app
HOTSPOT
You have a Microsoft 365 subscription.
From the Microsoft 365 admin center, you open the Microsoft 365 Apps usage report as shown in the following exhibit.
You need ensure that the report meets the following requirements:
* The Username column must display the actual name of each user.
* Usage of the Microsoft Teams mobile app must be displayed.
What should you modify for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You plan to create a Conditional Access policy that will use GPS-based named locations.
Which users can the policy protect?
User2 and User4 only
User1 and User3 only
Userl1 only
User1, User2. User3. and User4
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
Each user has an Android device with the Microsoft Authenticator app installed and has set up phone sign-in.
The subscription has the following Conditional Access policy:
* Name: Policy1
* Assignments
o Users and groups: Group1, Group2
o Cloud apps or actions: All cloud apps
* Access controls
o Grant Require multi-factor authentication
* Enable policy: On
From Microsoft Authenticator settings for the subscription, the Enable and Target settings are configured as shown in the exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
HOTSPOT
Your network contains an on-premises Active Directory domain named adatum.com that syncs to Azure AD by using the Azure AD Connect Express Settings. Password write back is disabled.
You create a user named User1 and enter Pass in the Password field as shown in the following exhibit.
The Azure AD password policy is configured as shown in the following exhibit.
Password policy
Set the password policy for all users in your organization.
Days before passwords expire 90
Days before a user is notified about 14
expiration
You confirm that User1 is synced to Azure AD.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription.
On Monday, you create a new user named User1.
On Tuesday, User1 signs in for the first time and perform the following actions:
* Signs in to Microsoft Exchange Online from an anonymous IP address
* Signs in to Microsoft SharePoint Online from a device in New York City.
* Establishes Remote Desktop connections to hosts in Berlin and Hong Kong, and then signs in to SharePoint Online from the Remote Desktop connections
Which types of sign-in risks will Azure AD Identity Protection detect for User1?
anonymous IP address only
anonymous IP address and atypical travel
anonymous IP address, atypical travel, and unfamiliar sign-in properties
unfamiliar sign-in properties and atypical travel only
anonymous IP address and unfamiliar sign-in properties only
You have a Microsoft 365 subscription that contains an Azure AD tenant named contoso.com.
Corporate policy states that user passwords must not include the word Contoso.
What should you do to implement the corporate policy?
From Azure AD Identity Protection, configure a sign-in risk policy.
From the Microsoft Entra admin center, create a conditional access policy.
From the Microsoft 365 admin center, configure the Password policy settings.
From the Microsoft Entra admin center, configure the Password protection settings.
HOTSPOT
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.
From the Sign-ins blade of the Microsoft Entra admin center for which users can User1 and User2 view the sign-ins? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question