ExamGecko
Search Search Login
Home Home / Microsoft / MS-102
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT Your company has a Microsoft 365 subscription that contains the users shown in the following table. External collaboration settings have default configuration. You need to identify which users can perform the following administrative tasks: * Modify the password protection policy. * Create guest user accounts. Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the labels shown in the following table. You have the items shown in the following table. Which items can you view in Content explorer?
HOTSPOT You have a Microsoft 365 E5 subscription that contains 200 Android devices enrolled in Microsoft Intune. You create an Android app protection policy named Policy! that is targeted to all Microsoft apps and assigned to all users. Policy! has the Data protection settings shown in the following exhibit. Use the drop-down menus to select 'he answer choice that completes each statement based on the information presented in the graphic.
You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2. Which authentication strategy should you implement for the pilot projects?
You have an Azure AD tenant. You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD. You purchase a Microsoft 365 E3 subscription. You need to deploy Windows 10 Enterprise to the computers. The solution must minimize administrative effort. What should you do?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection. Does this meet the goal?
You have a Microsoft 365 subscription that contains the users shown in the following table. You plan to use Exchange Online to manage email for a DNS domain. An administrator adds the DNS domain to the subscription. The DNS domain has a status of Incomplete setup. You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege. Which user should you identify?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen. Your network contains an Active Directory forest. You deploy Microsoft 365. You plan to implement directory synchronization. You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements: * Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. * User passwords must be 10 characters or more. Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant. Does this meet the goal?
HOTSPOT You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365. You need to identify the settings that are below the Standard protection profile settings in the preset security policies. What should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have a Microsoft 365 E5 subscription that contains the devices shown in the following table. All the devices are onboarded To Microsoft Defender for Endpoint You plan to use Microsoft Defender Vulnerability Management to meet the following requirements: * Detect operating system vulnerabilities.

Question 252 - MS-102 discussion

Report
Export

You have a Microsoft 365 E5 subscription.

You need to create Conditional Access policies to meet the following requirements:

All users must use multi-factor authentication (MFA) when they sign in from outside the corporate network.

Users must only be able to sign in from outside the corporate network if the sign-in originates from a compliant device.

All users must be blocked from signing in from outside the United States and Canada.

Only users in the R&D department must be blocked from signing in from both Android and iOS devices.

Only users in the finance department must be able to sign in to an Azure AD enterprise application named App1. All other users must be blocked from signing in to App1.

What is the minimum number of Conditional Access policies you should create?

A.

3

Answers
A.

3

B.

4

Answers
B.

4

C.

5

Answers
C.

5

D.

6

Answers
D.

6

E.

7

Answers
E.

7

F.

8

Answers
F.

8

Suggested answer: B

Explanation:

* Only users in the finance department must be able to sign in to an Azure AD enterprise application named App1. All other users must be blocked from signing in to App1.

One Policy.

* Only users in the R&D department must be blocked from signing in from both Android and iOS devices.

One Policy.

* Users must only be able to sign in from outside the corporate network if the sign-in originates from a compliant device.

All users must use multi-factor authentication (MFA) when they sign in from outside the corporate network.

One policy

* All users must be blocked from signing in from outside the United States and Canada.

Only users in the R&D department must be blocked from signing in from both Android

One Policy

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/plan-conditional-access

Show Answer
asked 05/10/2024
Hossein Nasri
31 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms