Quality MS-100 PDF Dumps - MS-100 Exam Questions [Q68-Q84]

Share

Quality MS-100 PDF Dumps - MS-100 Exam Questions

Most UptoDate Microsoft MS-100 Exam Dumps PDF 2022


How to study the MS-100 Exam

Lead2PassExam expert team recommends you to prepare some notes on these topics along with it don’t forget to practice Microsoft MS-100 Exam dumps which been written by our expert team, Both these will help you a lot to clear this exam with good marks.


For more info visit:

Microsoft MS-100 Exam Reference

 

NEW QUESTION 68
You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. The tenant includes a user named User1 You enable Azure AD Identity Protection.
You need to ensure that User1 can review the list in Azure AD Identity Protection of users nagged for risk. The solution must use the principle of least privilege.
To which role should you add User1?

  • A. Global administrator
  • B. Compliance administrator
  • C. Security reader
  • D. Reports reader

Answer: C

 

NEW QUESTION 69
You have a Microsoft 365 subscription.
You plan to enable Microsoft Azure Information Protection.
You need to ensure that only the members of a group named PilotUsers can protect content.
What should you do?

  • A. Run the Add-AadrmRoleBaseAdministrator cmdlet.
  • B. Create an Azure Information Protection policy.
  • C. Configure the protection activation status for Azure Information Protection.
  • D. Run the Set-AadrmOnboardingControlPolicy cmdlet.

Answer: D

Explanation:
If you don't want all users to be able to protect documents and emails immediately by using Azure Rights Management, you can configure user onboarding controls by using the Set-AadrmOnboardingControlPolicy References:
https://docs.microsoft.com/en-us/azure/information-protection/activate-service
Topic 1, Contoso, Ltd
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answer and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.
Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The offices have the users and devices shown in the following table.

Contoso recently purchased a Microsoft 365 E5 subscription.
Existing Environment
The network contains an Active directory forest named contoso.com and a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You recently configured the forest to sync to the Azure AD tenant.
You add and then verify adatum.com as an additional domain name.
All servers run Windows Server 2016.
All desktop computers and laptops run Windows 10 Enterprise and are joined to contoso.com.
All the mobile devices in the Montreal and Seattle offices run Android. All the mobile devices in the New York office run iOS.
Contoso has the users shown in the following table.

Contoso has the groups shown in the following table.

Microsoft Office 365 licenses are assigned only to Group2.
The network also contains external users from a vendor company who have Microsoft accounts that use a suffix of @outlook.com.
Requirements
Planned Changes
Contoso plans to provide email addresses for all the users in the following domains:
* East.adatum.com
* Contoso.adatum.com
* Humongousinsurance.com
Technical Requirements
Contoso identifies the following technical requirements:
* All new users must be assigned Office 365 licenses automatically.
* The principle of least privilege must be used whenever possible.
Security Requirements
Contoso identifies the following security requirements:
* Vendors must be able to authenticate by using their Microsoft account when accessing Contoso resources.
* User2 must be able to view reports and schedule the email delivery of security and compliance reports.
* The members of Group1 must be required to answer a security question before changing their password.
* User3 must be able to manage Office 365 connectors.
* User4 must be able to reset User3 password.

 

NEW QUESTION 70
You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
In the subscription, an administrator adds two custom domains named sub1.contoso.onmicrosoft.com and sub2.contoso.onmicrosoft.com and the objects shown in the following table.

You plan to delete sub1.contoso.onmicrosoft.com and sub2.contoso.onmicrosoft.com.
Which objects must you delete or modify manually before you can delete the domains? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/get-help-with-domains/remove-a-domain?view=o365-worldwide

 

NEW QUESTION 71
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

User1, User2 and User3 have each been assigned a SharePoint license directly. Therefore, they are all licensed for SharePoint Online.
Changing the group memberships will only affect whether or not they are licensed for Exchange Online because the Exchange Online licenses are assigned to Group1.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-licensing-whatis-azure-po

 

NEW QUESTION 72
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
Contoso.com
East.contoso.com
The forest contains the users shown in the following table.

The forest syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 73
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com You purchase a domain named contoso.com from a register and add all the required DNS records.
You create a user account named User 1 is configured to sign in as user 1 @contoso.onmicrosoft.com.
You need to configure User1 to sign in as [email protected].
Which three actions should you perform in sequent? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

 

NEW QUESTION 74
You company has a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts.
You need to identify which users can perform the following administrative tasks:
Create guest user accounts.
Add User3 to Admin1.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles

 

NEW QUESTION 75
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

The users are assigned SharePoint licenses directly. Their group memberships have no effect on licenses directly assigned to the user accounts.

 

NEW QUESTION 76
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.

The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-usHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-to-assigned-roles"/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-to-assigned-roles

 

NEW QUESTION 77
You have several devices enrolled in Microsoft Intune.
You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown in the following table.

The device type restrictions in Intune are configured as shown in the following table.

You add User3 as a device enrollment manager in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1:
No. User1 is in Group1. The two device type policies that apply to Group1 are Policy3 and the Default (All Users) policy. However, Policy3 has a higher priority than the default policy so Policy3 is the only effective policy. Policy3 allows the enrolment of Android and iOS devices only, not Windows.
Box 2:
No. User2 is in Group1 and Group2. The device type policies that apply to Group1 and Group2 are Policy2, Policy3 and the Default (All Users) policy. However, Policy2 has a higher priority than Policy 3 and the default policy so Policy2 is the only effective policy. Policy2 allows the enrolment of Windows devices only, not Android.
Box 3:
Yes. User3 is a device enrollment manager. Device restrictions to not apply to a device enrollment manager.
Reference:
https://docs.microsoft.com/en-us/intune/enrollment/enrollment-restrictions-set

 

NEW QUESTION 78
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Device Management admin center, you a trusted location and compliance policy.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Section: [none]
Explanation:
You need to configure a conditional access policy, not a compliance policy.
Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.
Reference:
https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Online- and-OneDrive-for/ba-p/46678

 

NEW QUESTION 79
You have a Microsoft 365 subscription.
You use the Microsoft Office Deployment tool to install Office 365 ProPlus.
You create a configuration file that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool

 

NEW QUESTION 80
You have a Microsoft 365 Enterprise E5 subscription.
You need to enforce multi-factor authentication on all cloud-based applications for the users in the finance department.
What should you do?

  • A. Create a Sign-in risk policy.
  • B. Create on activity policy.
  • C. Create an app permission policy.
  • D. Create a session policy.

Answer: A

Explanation:
Explanation
You can configure a sign-in risk policy that applies to the Finance department users. The policy can be configured to 'Allow access' but with multi-factor authentication as a requirement.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy

 

NEW QUESTION 81
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: *yfLo7Ir2&y-
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10811525
You need to prevent the users in your organization from establishing voice calls from Microsoft Skype for Business to external Skype users.

Answer:

Explanation:
You need to configure the External Communications settings in the Skype for Business admin center.
1. You need to go to the Skype for Business admin center. If you see a Skype for Business admin center in the admin center list in the Microsoft portal, open it and skip to step 4.
2. If you don't see a Skype for Business admin center in the admin center list in the Microsoft portal, open the Teams admin center.
3. In the Teams admin center, choose Skype > Legacy Portal.
4. In the Skype for Business admin center, select Organization.
5. Select External communications.
6. Untick the 'Let people use Skype for Business to communicate with Skype users outside your organization' checkbox.
7. Click Save to save the changes.

 

NEW QUESTION 82
You have a Microsoft 365 subscription.
You configure a data loss prevention (DLP) policy.
You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.
You need to prevent the users from bypassing the DLP policy.
What should you configure?

  • A. user overrides
  • B. exceptions
  • C. incident reports
  • D. actions

Answer: A

Explanation:
A DLP policy can be configured to allow users to override a policy tip and report a false positive.
You can educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word.
If you find that users are incorrectly marking content as false positive and bypassing the DLP policy, you can configure the policy to not allow user overrides.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies

 

NEW QUESTION 83
You have a Microsoft 365 subscription.
You have a group named Support. Users in the Support group frequently send email messages to external users.
The manager of the Support group wants to randomly review messages that contain attachments.
You need to provide the manager with the ability to review messages that contain attachments sent from the Support group users to external users. The manager must have access to only 10 percent of the messages.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Supervision policies in Office 365 allow you to capture employee communications for examination by designated reviewers. You can define specific policies that capture internal and external email, Microsoft Teams, or 3rd-party communications in your organization.
You create supervision policies in the Compliance center. These policies define which communications and users are subject to review in your organization and specify who should perform reviews.
If you want to reduce the amount of content to review, you can specify a percentage of all the communications governed by a supervision policy. A real-time, random sample of content is selected from the total percentage of content that matches chosen policy conditions.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/supervision-policies

 

NEW QUESTION 84
......

100% Free Microsoft 365 MS-100 Dumps PDF Demo Cert Guide Cover: https://www.lead2passexam.com/Microsoft/valid-MS-100-exam-dumps.html

PDF Exam Material 2022 Realistic MS-100 Dumps Questions: https://drive.google.com/open?id=14nTvZYwH7KKncF8Ey9hfgjZN8WpJR1lQ