Question 31
You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. The tenant includes a user named User1.
You enable Azure AD Identity Protection.
You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege.
To which role should you add User1?
You enable Azure AD Identity Protection.
You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege.
To which role should you add User1?
Question 32
You have a Microsoft 365 subscription that uses an Azure Directory (Azure AD) tenant named Contoso.com.
The tenant contains the users shown in the following table.
You add another user named user5 to the User administrator role.
You need to identify which management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
The tenant contains the users shown in the following table.
You add another user named user5 to the User administrator role.
You need to identify which management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
Question 33
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
An external user has a Microsoft account that uses an email address of [email protected].
An administrator named Admin1 attempts to create a user account for the external user and receives the error message shown in the following exhibit.
You need to ensure that Admin1 can add the user.
What should you do from the Azure Active Directory admin center?
An external user has a Microsoft account that uses an email address of [email protected].
An administrator named Admin1 attempts to create a user account for the external user and receives the error message shown in the following exhibit.
You need to ensure that Admin1 can add the user.
What should you do from the Azure Active Directory admin center?
Question 34
You have three devices enrolled in Microsoft Intune as shown in the following table.
The device compliance policies in Intune are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The device compliance policies in Intune are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 35
Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
* Ensure that users can access Microsoft 365 by using their on-premises credentials.
* Use the existing server infrastructure only.
* Store all user passwords on-premises only.
* Be highly available.
Which authentication strategy should you identify?
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
* Ensure that users can access Microsoft 365 by using their on-premises credentials.
* Use the existing server infrastructure only.
* Store all user passwords on-premises only.
* Be highly available.
Which authentication strategy should you identify?