Question 211
You have an Azure AD tenant that contains a user named Admin1.
Admin1 uses the Require password change for high-risk user's policy template to create a new Conditional Access policy.
Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Admin1 uses the Require password change for high-risk user's policy template to create a new Conditional Access policy.
Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Question 212
You need to modify the settings of the User administrator role to meet the technical requirements. Which two actions should you perform for the role? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Question 213
You have an Azure subscription that contains the resources shown in the following table.
You need to configure access to Vault1. The solution must meet the following requirements:
* Ensure that User1 can manage and create keys in Vault1.
* Ensure that User2 can access a certificate stored in Vault1.
* Use the principle of least privilege.
Which role should you assign to each user? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure access to Vault1. The solution must meet the following requirements:
* Ensure that User1 can manage and create keys in Vault1.
* Ensure that User2 can access a certificate stored in Vault1.
* Use the principle of least privilege.
Which role should you assign to each user? To answer select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 214
You have a Microsoft 365 E5 subscription.
You need to create a dynamic user group that will include all the users that do NOT have a department defined in their user profile.
How should you complete the membership rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to create a dynamic user group that will include all the users that do NOT have a department defined in their user profile.
How should you complete the membership rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 215
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.
You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account.
You deploy an Azure subscription and enable Microsoft 365 Defender
You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps.
Solution: From the Microsoft 365 Defender portal, you add the Microsoft Azure app connector.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.
You have an Amazon Web Services (AWS) account, a Google Workspace subscription, and a GitHub account.
You deploy an Azure subscription and enable Microsoft 365 Defender
You need to ensure that you can monitor OAuth authentication requests by using Microsoft Defender for Cloud Apps.
Solution: From the Microsoft 365 Defender portal, you add the Microsoft Azure app connector.
Does this meet the goal?