Ask Question
Microsoft MS-102 Practice Test - Questions Answers, Page 28
List of questions
Question 271
HOTSPOT
You have a Microsoft 365 subscription.
You need to review metrics for the following:
The daily active users in Microsoft Teams
Recent Microsoft service issues
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/microsoft-365/admin/activity-reports/microsoft-teams-usage-activity
https://learn.microsoft.com/en-us/microsoft-365/enterprise/view-service-health
Question 272
DRAG DROP
You have a Microsoft 365 E5 subscription that contains two groups named Group1 and Group2.
You need to ensure that each group can perform the tasks shown in the following table.
The solution must use the principle of least privilege.
Which role should you assign to each group? To answer, drag the appropriate roles to the correct groups. Each role may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Box 1: Billing admin
manage service request
Purchase new services
Etc.
Assign the Billing admin role to users who make purchases, manage subscriptions and service requests, and monitor service health.
Box 2: User admin
User admin
Assign the User admin role to users who need to do the following for all users:
- Add users and groups
- Assign licenses
- Manage most users properties
- Create and manage user views
- Update password expiration policies
- Manage service requests
- Monitor service health
Explanation:
https://learn.microsoft.com/en-us/microsoft-365/admin/add-users/about-admin-roles
Question 273
You have a Microsoft 365 subscription.
You need to add additional onmicrosoft.com domains to the subscription. The additional domains must be assignable as email addresses for users.
What is the maximum number of onmicrosoft.com domains the subscription can contain?
1
2
5
10
Explanation:
You are limited to five onmicrosoft.com domains in your Microsoft 365 environment, so make sure to check for spelling and to assess your need if you choose to create a new one.
https://learn.microsoft.com/en-us/microsoft-365/admin/setup/domains-faq
Question 274
HOTSPOT
You have an Azure AD tenant that contains the administrative units shown in the following table.
You have the following users:
A user named User1 that is assigned the Password Administrator for AU1 and AU2.
A user named User2 that is assigned the User Administrator for AU1.
A user named User3 that is assigned the User Administrator for the tenant.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#who-can-reset-passwords
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
Question 275
Your network contains an Active Directory domain named adatum.com that is synced to Azure AD.
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?
From Windows PowerShell on a domain controller, run the Gec-ADUser and Sec-ADUser cmdlets.
From Azure Cloud Shell, run the Gec-ADUser and Sec-ADUser cmdlets.
From Windows PowerShell on a domain controller, run the Gec-MgUser and Updace-MgUser cmdlets.
From Azure Cloud Shell, run the Gec-MgUser and Update-MgUser cmdlets.
Explanation:
The user accounts are synced from the on-premise Active Directory to the Microsoft Azure Active Directory (Azure AD). Therefore, the city attribute must be changed in the on-premise Active Directory.
You can use Windows PowerShell on a domain controller and run the Get-ADUser cmdlet to get the required users and pipe the results into Set-ADUser cmdlet to modify the city attribute.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. From Windows PowerShell on a domain controller, run the Get-ADUser and Set-ADUser cmdlets.
2. From Active Directory Administrative Center, select the Active Directory users, and then modify the Properties settings.
Other incorrect answer options you may see on the exam include the following:
1. From the Azure portal, select all the Azure AD users, and then use the User settings blade.
2. From Windows PowerShell on a domain controller, run the Get-AzureADUser and Set-AzureADUser cmdlets.
3. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.
4. From Azure Cloud Shell, run the Get-ADUser and Set-ADUser cmdlets.
https://docs.microsoft.com/en-us/powershell/module/addsadministration/set-aduser
Question 276
HOTSPOT
Your company has a Microsoft 365 E5 subscription.
You need to perform the following tasks:
View the Adoption Score of the company.
Create a new service request to Microsoft.
Which two options should you use in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/microsoft-365/admin/adoption/adoption-score
https://support.microsoft.com/en-us/topic/contact-microsoft-office-support-fd6bb40e-75b7-6f43-d6f9-c13d10850e77
Question 277
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.
You add another user named User5 to the User Administrator role.
You need to identify which two management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Delete User2 and User4 only.
Reset the password of User4 only
Reset the password of any user in Azure AD.
Delete User1, User2, and User4 only.
Reset the password of User2 and User4 only.
Delete any user in Azure AD.
Explanation:
Users with the User Administrator role can create users and manage all aspects of users with some restrictions (see below).
Only on users who are non-admins or in any of the following limited admin roles:
* Directory Readers
* Guest Inviter
* Helpdesk Administrator
* Message Center Reader
* Reports Reader
* User Administrator
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles
Question 278
HOTSPOT
You have a Microsoft 365 subscription that contains a Microsoft 365 group named Group1. Group1 is configured as shown in the following exhibit.
An external user named User1 has an email address of [email protected].
You need to add User1 to Group1.
What should you do first, and which portal should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
https://stefanos.cloud/kb/how-to-manage-microsoft-365-guest-users
https://m365admin.handsontek.net/microsoft-entra-admin-center-unites-azure-ad-with-family-of-identity-and-access-products
Question 279
You have a Microsoft 365 subscription that contains a user named User1.
User1 requires admin access to perform the following tasks:
Manage Microsoft Exchange Online settings.
Create Microsoft 365 groups.
You need to ensure that User1 only has admin access for eight hours and requires approval before the role assignment takes place.
What should you use?
zure AD Identity Protection
Microsoft Entra Verified ID
Conditional Access
Azure AD Privileged Identity Management (PJM)
Explanation:
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:
Provide just-in-time privileged access to Azure AD and Azure resources
Assign time-bound access to resources using start and end dates
Require approval to activate privileged roles
Enforce multi-factor authentication to activate any role
Use justification to understand why users activate
Get notifications when privileged roles are activated
Conduct access reviews to ensure users still need roles
Download audit history for internal or external audit
Prevents removal of the last active Global Administrator and Privileged Role Administrator role assignments.
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
Question 280
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.
All the groups are deleted.
Which groups can be restored, and what is the retention period? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/restore-deleted-group
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
.png)
Question