ExamGecko
Login
Home / Microsoft / MS-102 / List of questions
Ask Question

Microsoft MS-102 Practice Test - Questions Answers, Page 24

List of questions

Question 231

Report
Export
Collapse

Your company has a Microsoft 365 subscription.

You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license.

What should you use?

Active users in the Microsoft 365 admin center

Active users in the Microsoft 365 admin center

Reports in Microsoft Purview compliance portal

Reports in Microsoft Purview compliance portal

the Licenses blade in the Microsoft Entra admin center

the Licenses blade in the Microsoft Entra admin center

Reports in the Microsoft 365 admin center

Reports in the Microsoft 365 admin center
Suggested answer: D

Explanation:

Microsoft 365 Reports in the admin center

You can easily see how people in your business are using Microsoft 365 services. For example, you can identify who is using a service a lot and reaching quotas, or who may not need a Microsoft 365 license at all.

Which activity reports are available in the admin center

Depending on your subscription, here are the available reports in all environments.

Microsoft MS-102 image Question 192 explanation 104128 10052024010458000000

https://learn.microsoft.com/en-us/microsoft-365/admin/activity-reports/activity-reports

asked 05/10/2024
Said Jabri
40 questions

Question 232

Report
Export
Collapse

HOTSPOT

You have a Microsoft 365 subscription that contains the users shown in the following table.

Microsoft MS-102 image Question 193 104129 10052024010458000000

You need to configure a dynamic user group that will include the guest users in any department that contains the word Support.

How should you complete the membership rule? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft MS-102 image Question 232 104129 10052024010458000
Correct answer: Microsoft MS-102 image answer Question 232 104129 10052024010458000

Explanation:

https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership

asked 05/10/2024
Juan Carlos Yepez
36 questions

Question 233

Report
Export
Collapse

HOTSPOT

Your company uses a legacy on-premises LDAP directory that contains 100 users.

The company purchases a Microsoft 365 subscription.

You need to import the 100 users into Microsoft 365 by using the Microsoft 365 admin center.

Which type of file should you use and which properties are required? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft MS-102 image Question 233 104130 10052024010458000
Correct answer: Microsoft MS-102 image answer Question 233 104130 10052024010458000

Explanation:

https://learn.microsoft.com/en-us/microsoft-365/enterprise/add-several-users-at-the-same-time

asked 05/10/2024
Ahsan Ilyas
32 questions

Question 234

Report
Export
Collapse

You have a Microsoft 365 subscription that contains the users shown in the following table.

Microsoft MS-102 image Question 195 104131 10052024010458000000

You need to configure group-based licensing to meet the following requirements:

To all users, deploy an Office 365 E3 license without the Power Automate license option.

To all users, deploy an Enterprise Mobility + Security E5 license.

To the users in the research department only, deploy a Power BI Pro license.

To the users in the marketing department only, deploy a Visio Plan 2 license.

What is the minimum number of deployment groups required?

1

1

2

2

3

3

4

4

5

5
Suggested answer: C

Explanation:

One for all users, one for the research department, and one for the marketing department.

Note: What are Deployment Groups?

With Deployment Groups, you can orchestrate deployments across multiple servers and perform rolling updates, while ensuring high availability of your application throughout. You can also deploy to servers on-premises or virtual machines on Azure or any cloud, plus have end-to-end traceability of deployed artifact versions down to the server level.

https://devblogs.microsoft.com/devops/deployment-groups-is-now-generally-available-sharing-of-targets-and-more

asked 05/10/2024
Katlego Nkwane
45 questions

Question 235

Report
Export
Collapse

You have a Microsoft 365 subscription.

You view the Service health Overview as shown in the following exhibit.

Microsoft MS-102 image Question 196 104132 10052024010458000000

You need to ensure that a user named User1 can view the advisories to investigate service health issues.

Which role should you assign to User1?

Message Center Reader

Message Center Reader

Reports Reader

Reports Reader

Service Support Administrator

Service Support Administrator

Compliance Administrator

Compliance Administrator
Suggested answer: B

Explanation:


asked 05/10/2024
Trevore Agee
25 questions

Question 236

Report
Export
Collapse

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

Microsoft MS-102 image Question 197 104133 10052024010458000000

You add the following assignment for the User Administrator role:

Scope type: Directory

Selected members: Group1

Assignment type: Active

Assignment starts: Mar 15, 2023

Assignment ends: Aug 15, 2023

You add the following assignment for the Exchange Administrator role:

Scope type: Directory

Selected members: Group2

Assignment type: Eligible

Assignment starts: Jun 15, 2023

Assignment ends: Oct 15, 2023

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Microsoft MS-102 image Question 236 104133 10052024010458000
Correct answer: Microsoft MS-102 image answer Question 236 104133 10052024010458000

Explanation:

https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference

https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/groups-assign-member-owner

asked 05/10/2024
TRONG KY
51 questions

Question 237

Report
Export
Collapse

You have a Microsoft 365 subscription.

You have an Azure AD tenant that contains the users shown in the following table.

Microsoft MS-102 image Question 198 104134 10052024010458000000

You configure Tenant properties as shown in the following exhibit.

Microsoft MS-102 image Question 198 104134 10052024010458000000

Which users will be contacted by Microsoft if the tenant experiences a data breach?

Used only

Used only

User2 only

User2 only

User3 only

User3 only

Used and User2 only

Used and User2 only

User2 and User3 only

User2 and User3 only
Suggested answer: B

Explanation:

Microsoft 365 is committed to notifying customers within 72 hours of breach declaration. The customer's tenant administrator will be notified.

https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-office365

asked 05/10/2024
sujan bolla
38 questions

Question 238

Report
Export
Collapse

Your network contains an Active Directory forest named contoso.local.

You purchase a Microsoft 365 subscription.

You plan to move to Microsoft 365 and to implement a hybrid deployment solution for the next 12 months.

You need to prepare for the planned move to Microsoft 365.

What is the best action to perform before you implement directory synchronization? More than one answer choice may achieve the goal. Select the BEST answer.

Purchase a third-party X.509 certificate.

Purchase a third-party X.509 certificate.

Create an external forest trust.

Create an external forest trust.

Rename the Active Directory forest.

Rename the Active Directory forest.

Purchase a custom domain name.

Purchase a custom domain name.
Suggested answer: D

Explanation:

The first thing you need to do before you implement directory synchronization is to purchase a custom domain name. This could be the domain name that you use in your on-premise Active Directory if it's a routable domain name, for example, contoso.com.

If you use a non-routable domain name in your Active Directory, for example contoso.local, you'll need to add the routable domain name as a UPN suffix in Active Directory.

Incorrect:

Not C: No need to rename the Active Directory forest. As we use a non-routable domain name contoso.local, we just need to add the routable domain name as a UPN suffix in Active Directory.

https://docs.microsoft.com/en-us/office365/enterprise/set-up-directory-synchronization

asked 05/10/2024
Kabi Bashala
36 questions

Question 239

Report
Export
Collapse

You have a Microsoft 365 subscription.

You configure a new Azure AD enterprise application named App1. App1 requires that a user be assigned the Reports Reader role.

Which type of group should you use to assign the Reports Reader role and to access App1?

a Microsoft 365 group that has assigned membership

a Microsoft 365 group that has assigned membership

a Microsoft 365 group that has dynamic user membership

a Microsoft 365 group that has dynamic user membership

a security group that has assigned membership

a security group that has assigned membership

a security group that has dynamic user membership

a security group that has dynamic user membership
Suggested answer: C

Explanation:

To grant permissions to assignees to manage users and group access for a specific enterprise app, go to that app in Azure AD and open in the Roles and Administrators list for that app. Select the new custom role and complete the user or group assignment. The assignees can manage users and group access only for the specific app.

Note: You can add the following types of groups:

Assigned groups - Manually add users or devices into a static group.

Dynamic groups (Requires Azure AD Premium) - Automatically add users or devices to user groups or device groups based on an expression you create.

Note:

Security groups

Security groups are used for granting access to Microsoft 365 resources, such as SharePoint. They can make administration easier because you need only administer the group rather than adding users to each resource individually.

Security groups can contain users or devices. Creating a security group for devices can be used with mobile device management services, such as Intune.

Security groups can be configured for dynamic membership in Azure Active Directory, allowing group members or devices to be added or removed automatically based on user attributes such as department, location, or title; or device attributes such as operating system version.

Security groups can be added to a team.

Microsoft 365 Groups can't be members of security groups.

Microsoft 365 Groups

Microsoft 365 Groups are used for collaboration between users, both inside and outside your company. With each Microsoft 365 Group, members get a group email and shared workspace for conversations, files, and calendar events, Stream, and a Planner.

https://learn.microsoft.com/en-us/azure/active-directory/roles/custom-enterprise-apps

https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/compare-groups?

https://learn.microsoft.com/en-us/mem/intune/apps/apps-deploy

asked 05/10/2024
Rudy Raijmakers
40 questions

Question 240

Report
Export
Collapse

You have a new Microsoft 365 E5 tenant.

You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected.

What should you do first?

Enable auditing.

Enable auditing.

Enable Microsoft 365 usage analytics.

Enable Microsoft 365 usage analytics.

Create an Insider risk management policy.

Create an Insider risk management policy.

Create a communication compliance policy.

Create a communication compliance policy.
Suggested answer: A

Explanation:

Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization.

Note: Permissions alert policies

Example: Elevation of Exchange admin privilege

Generates an alert when someone is assigned administrative permissions in your Exchange Online organization. For example, when a user is added to the Organization Management role group in Exchange Online.

https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-solutions-overview

https://learn.microsoft.com/en-us/microsoft-365/compliance/alert-policies

asked 05/10/2024
nico farina
38 questions
Total 467 questions
Go to page: of 47
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have a Microsoft 365 E5 subscription that contains the labels shown in the following table. You have the items shown in the following table. Which items can you view in Content explorer?
HOTSPOT You have a Microsoft 365 E5 subscription. You have an Azure AD tenant named contoso.com that contains the following users: * Admin1 * Admin2 * User1 Contoso.com contains an administrative unit named AIM that has no role assignments. User1 is a member of AU1. You create an administrative unit named AU2 that does NOT have any members or role assignments. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT Your company has a Microsoft 365 subscription that contains the users shown in the following table. External collaboration settings have default configuration. You need to identify which users can perform the following administrative tasks: * Modify the password protection policy. * Create guest user accounts. Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have a Microsoft 365 E5 subscription that contains 200 Android devices enrolled in Microsoft Intune. You create an Android app protection policy named Policy! that is targeted to all Microsoft apps and assigned to all users. Policy! has the Data protection settings shown in the following exhibit. Use the drop-down menus to select 'he answer choice that completes each statement based on the information presented in the graphic.
You have an Azure AD tenant. You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD. You purchase a Microsoft 365 E3 subscription. You need to deploy Windows 10 Enterprise to the computers. The solution must minimize administrative effort. What should you do?
You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2. Which authentication strategy should you implement for the pilot projects?
You are evaluating the required processes for Project1. You need to recommend which DNS record must be created while adding a domain name for the project. Which DNS record should you recommend?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 E5 subscription. You create an account for a new security administrator named SecAdmin1. You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive. Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchange Administrator role. Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen. Your network contains an Active Directory forest. You deploy Microsoft 365. You plan to implement directory synchronization. You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements: * Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. * User passwords must be 10 characters or more. Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant. Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection. Does this meet the goal?