Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2.
User passwords must be 10 characters or more.
Solution: Implement password hash synchronization and modify the password settings from the Default Domain Policy in Active Directory.
Does this meet the goal?
A. Yes
B. No
Your company has a Microsoft 365 subscription that has multi-factor authentication configured for all users.
Users that connect to Microsoft 365 services report that they are prompted for multi-factor authentication multiple times a day.
You need to reduce the number of times the users are prompted for multi-factor authentication on their company-owned devices. Your solution must ensure that users are still prompted for MFA.
What should you do?
A. Enable the multi-factor authentication trusted IPs setting, and then verify each device as a trusted device.
B. Enable the remember multi-factor authentication setting, and then verify each device as a trusted device.
C. Enable the multi-factor authentication trusted IPs setting, and then join all client computers to Microsoft Azure Active Directory (Azure AD).
D. Enable the remember multi-factor authentication setting, and then join all client computers to Microsoft Azure Active Directory (Azure AD).
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2.
User passwords must be 10 characters or more.
Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant.
Does this meet the goal?
A. Yes
B. No
You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.
A temporary employee at your company uses an email address of [email protected].
You need to ensure that the temporary employee can sign in to contoso.com by using the [email protected] account.
What should you do?
A. From the Azure Active Directory admin center, create a new user.
B. From the Microsoft 365 admin center, create a new contact.
C. From the Azure Active Directory admin center, create a new guest user.
D. From the Microsoft 365 admin center, create a new user.
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com that contains 10,000 users.
The company has a Microsoft 365 subscription.
You enable Azure Multi-Factor Authentication (MFA) for all the users in contoso.com.
You run the following query.
search "SigninLogs" | where ResultDescription == "User did not pass the MFA challenge."
The query returns blank results.
You need to ensure that the query returns the expected results.
What should you do?
A. From the Azure Active Directory admin center, configure the diagnostics settings to archive logs to an Azure Storage account.
B. From the Security and Compliance admin center, turn on auditing.
C. From the Security and Compliance admin center, enable Office 365 Analytics.
D. From the Azure Active Directory admin center, configure the diagnostics settings to send logs to an Azure Log Analytics workplace.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2.
User passwords must be 10 characters or more.
Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.
Does this meet the goal?
A. Yes
B. No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2.
User passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?
A. Yes
B. No
You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution.
You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. From all the AD FS servers, run auditpol.exe.
B. From all the domain controllers, run the Set-AdminAuditLogConfig cmdlet and specify the -LogLevel parameter.
C. On a domain controller, install Azure AD Connect Health for AD DS.
D. From the Azure AD Connect server, run the Register-AzureADConnectHealthSyncAgent cmdlet.
E. On an AD FS server, install Azure AD Connect Health for AD FS.
You have a Microsoft 365 Enterprise E5 subscription.
You need to enforce multi-factor authentication on all cloud-based applications for the users in the finance department.
What should you do?
A. Create an activity policy.
B. Create a new app registration.
C. Create a conditional access policy.
D. Create a session policy.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft Office 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
1.
Users must be able to authenticate during business hours only.
2.
Authentication requests must be processed successfully if a single server fails.
3.
When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
4.
Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that uses password hash synchronization and seamless SSO. The solution contains two servers that have an Authentication Agent installed.
Does this meet the goal?
A. Yes
B. No
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MS-100 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.