Question 81
You have an Azure subscription that contains the key vaults shown in the following table.
The subscription contains the users shown in the following table.
On June1, Admin4 performs the following actions:
* Deletes a certificate named Certificate! from Key Vault1
* Deletes a secret named Secret1 from KeyVault2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The subscription contains the users shown in the following table.
On June1, Admin4 performs the following actions:
* Deletes a certificate named Certificate! from Key Vault1
* Deletes a secret named Secret1 from KeyVault2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 82
Your organization has an existing Microsoft 365 tenant. The following end-user devices have been onboarded into your tenant:
You set up a conditional access policy as shown in the exhibits. The support desk receives complaints that users are unable to access cloud resources due to MFA registration failing.
You need to report which of the new devices have been blocked from accessing cloud resources.
Which three devices does the Conditional Access policy block from accessing cloud resources?
Each correct answer presents part of the solution.
You set up a conditional access policy as shown in the exhibits. The support desk receives complaints that users are unable to access cloud resources due to MFA registration failing.
You need to report which of the new devices have been blocked from accessing cloud resources.
Which three devices does the Conditional Access policy block from accessing cloud resources?
Each correct answer presents part of the solution.
Question 83
Your company has a Microsoft 365 tenant.
All users have computers that run Windows 10 and are joined to the Azure Active Directory (Azure AD) tenant.
The company subscribes to a third-party cloud service named Service1. Service1 supports Azure AD authentication and authorization based on OAuth. Service1 is published to the Azure AD gallery.
You need to recommend a solution to ensure that the users can connect to Service1 without being prompted for authentication. The solution must ensure that the users can access Service1 only from Azure AD-joined computers. The solution must minimize administrative effort.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
All users have computers that run Windows 10 and are joined to the Azure Active Directory (Azure AD) tenant.
The company subscribes to a third-party cloud service named Service1. Service1 supports Azure AD authentication and authorization based on OAuth. Service1 is published to the Azure AD gallery.
You need to recommend a solution to ensure that the users can connect to Service1 without being prompted for authentication. The solution must ensure that the users can access Service1 only from Azure AD-joined computers. The solution must minimize administrative effort.
What should you recommend for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 84
You have a Microsoft 365 tenant.
You currently allow email clients that use Basic authentication to conned to Microsoft Exchange Online.
You need to ensure that users can connect t to Exchange only run email clients that use Modern authentication protocols.
You need to ensure that use Modern authentication.
What should you implement?
You currently allow email clients that use Basic authentication to conned to Microsoft Exchange Online.
You need to ensure that users can connect t to Exchange only run email clients that use Modern authentication protocols.
You need to ensure that use Modern authentication.
What should you implement?
Question 85
You have a Microsoft 365 tenant.
Sometimes, users use external, third-party applications that require limited access to the Microsoft 365 data of the respective user. The users register the applications in Azure Active Directory (Azure AD).
You need to receive an alert if a registered application gains read and write access to the users' email.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Sometimes, users use external, third-party applications that require limited access to the Microsoft 365 data of the respective user. The users register the applications in Azure Active Directory (Azure AD).
You need to receive an alert if a registered application gains read and write access to the users' email.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
