Question 256
You need to implement the planned changes for litware.com. What should you configure?
Question 257
You have a Microsoft 365 tenant.
You need to Identity users who have leaked credentials. The solution must meet the following requirements:
* Identity sign-ms by users who are suspected of having leaked credentials.
* Flag the sign-ins as a high-risk event.
* Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.
What should you use? To answer, select the appropriate options m the answer area.
You need to Identity users who have leaked credentials. The solution must meet the following requirements:
* Identity sign-ms by users who are suspected of having leaked credentials.
* Flag the sign-ins as a high-risk event.
* Immediately enforce a control to mitigate the risk, while still allowing the user to access applications.
What should you use? To answer, select the appropriate options m the answer area.
Question 258
You have an Azure AD tenant that contains the users shown in the following table.
In Azure AD Identity Protection, you configure a user risk policy that has the following settings:
* Assignments:
o Users: Group1
o User risk: Low and above
* Controls:
o Access: Block access
* Enforce policy: On
In Azure AD Identity Protection, you configure a sign-in risk policy that has the following settings:
* Assignments:
o Users: Group2
o Sign-in risk: Low and above
* Controls:
o Access: Require multi-factor authentication
* Enforce policy. On
the following settings:
ng settings:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
In Azure AD Identity Protection, you configure a user risk policy that has the following settings:
* Assignments:
o Users: Group1
o User risk: Low and above
* Controls:
o Access: Block access
* Enforce policy: On
In Azure AD Identity Protection, you configure a sign-in risk policy that has the following settings:
* Assignments:
o Users: Group2
o Sign-in risk: Low and above
* Controls:
o Access: Require multi-factor authentication
* Enforce policy. On
the following settings:
ng settings:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 259
You have a Microsoft 365 tenant that has 5,000 users. One hundred of the users are executives. The executives have a dedicated support team.
You need to ensure that the support team can reset passwords and manage multi-factor authentication (MFA) settings for only the executives. The solution must use the principle of least privilege.
Which object type and Azure Active Directory (Azure AD) role should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to ensure that the support team can reset passwords and manage multi-factor authentication (MFA) settings for only the executives. The solution must use the principle of least privilege.
Which object type and Azure Active Directory (Azure AD) role should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 260
You are the lead cloud administrator for Pass4test Inc. and you just hired a new employee that will be in charge of Azure AD Support issues. This new employee needs the ability to reset the passwords for all types of users when requested, including users with the user admin, global admin, or password admin roles. You need to ensure that you follow the principle of least privilege when granting access. What role should you grant the new employee?