Login / Register   My Cart (0)
  • Home
  • Articles
  • MS-100 Dumps PDF New [2022] Ultimate Study Guide [Q122-Q139]

MS-100 Dumps PDF New [2022] Ultimate Study Guide [Q122-Q139]

Share

MS-100 Dumps PDF New [2022] Ultimate Study Guide

MS-100 Exam Dumps PDF Updated Dump from Pass4suresVCE Guaranteed Success

NEW QUESTION 122
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You have three applications App1, App2, App3. The Apps use files that have the same file extensions.
Your company uses Windows Information Protection (WIP). WIP has the following configurations:
Windows Information Protection mode: Silent
Protected apps: App1
Exempt apps: App2
From App1, you create a file named File1.
What is the effect of the configurations? To answer, select the appropriate options in the answer area.

Answer:

Explanation:

Explanation:
Exempt apps: These apps are exempt from this policy and can access corporate data without restrictions.
Windows Information Protection mode: Silent: WIP runs silently, logging inappropriate data sharing, without stopping anything that would've been prompted for employee interaction while in Allow overrides mode. Unallowed actions, like apps inappropriately trying to access a network resource or WIP-protected data, are still stopped.
Reference:
https://docs.microsoft.com/en-us/intune/apps/windows-information-protection-policy-create
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure

 

NEW QUESTION 123
You have a Microsoft 365 Enterprise subscription.
You create a password policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-smart-lockout

 

NEW QUESTION 124
Your company has a Microsoft 365 subscription that contains the following domains:
Contoso.onmicrosoft.com
Contoso.com
You plan to add the following domains to Microsoft 365 and to use them with Exchange Online:
Sub1.contoso.onmicrosoft.com
Sub2.contoso.com
Fabrikam.com
You need to identify the minimum number of DNS records that must be added for Exchange Online to receive inbound email messages for the three domains.
How many DNS records should you add? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 125
You need to meet the security requirement for the vendors.
What should you do?

  • A. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the -UserPrincipalName parameter.
  • B. From the Azure portal, add an identity provider.
  • C. From the Azure portal, create guest accounts.
  • D. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the -UserType parameter.

Answer: C

Explanation:
You can invite guest users to the directory, to a group, or to an application. After you invite a user through any of these methods, the invited user's account is added to Azure Active Directory (Azure AD), with a user type of Guest. The guest user must then redeem their invitation to access resources. An invitation of a user does not expire.
The invitation will include a link to create a Microsoft account. The user can then authenticate using their Microsoft account. In this question, the vendors already have Microsoft accounts so they can authenticate using them.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/add-users-administrator
Topic 3, Litware inc
General Overview
Litware, Inc. is a consulting company that has a main office in Montreal and a branch office in Seattle.
Litware collaborates with a third-party company named ADatum Corporation.
Environment
On-Premises Environment
The network of Litware contains an Active Directory domain named litware.com. The domain contains three organizational units (OUs) named LitwareAdmins, Montreal Users, and Seattle Users and the users shown in the following table.

The domain contains 2,000 Windows 10 Pro devices and 100 servers that run Windows Server 2019.
Cloud environment
Litware has a pilot Microsoft 365 subscription that includes Microsoft Office 365 Enterprise E3 licenses and Azure Active Directory Premium Plan 2 licenses.
The subscription contains a verified DNS domain named litware.com.
Azure AD Connect is installed and has the following configurations:
Password hash synchronization is enabled.
Synchronization is enabled for the LitwareAdmins OU only.
Users are assigned the roles shown in the following table.

Self-service password reset (SSPR) is enabled.
The Azure Active Directory (Azure AD) tenant has Security defaults enabled.
Requirements
Planned Changes
Litware identifies the following issues:
Admin1 cannot create conditional access policies.
Admin4 receives an error when attempting to use SSPR.
Users access new Office 365 service and feature updates before the updates are reviewed by Admin2.
Technical Requirements
Litware plans to implement the following changes:
Implement Microsoft Intune.
Implement Microsoft Teams.
Implement Microsoft Defender for Office 365.
Ensure that users can install Office 365 apps on their device.
Convert all the Windows 10 Pro devices to Windows 10 Enterprise E5.
Configure Azure AD Connect to sync the Montreal Users OU and the Seattle Users OU.

 

NEW QUESTION 126
You are configuring an enterprise application named TestApp in Microsoft Azure as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-configure-hard-coded-lin

 

NEW QUESTION 127
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

Group2 is a member of Group1.
You assign a Microsoft Office 365 Enterprise E3 license to User2 as shown in the following exhibit.

You assign Office 365 Enterprise E3 licenses to Group1 as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-group-advanced

 

NEW QUESTION 128
You have a Microsoft 365 subscription that contains a guest user named User1. User1 is assigned the User administrator role.
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. Contoso.com is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Default permissions for guests are restrictive by default. Guests can be added to administrator roles, which grant them full read and write permissions contained in the role. There is one additional restriction available, the ability for guests to invite other guests. Setting Guests can invite to No prevents guests from inviting other guests.
User1 is assigned the User Administrator role. Therefore, User1 can open the Azure portal, view users, create new users, and create new guest users.
In the exhibit, the 'Guest user permissions are limited' is set to no. This means that guest users have the same permissions as members. However, the 'Guests can invite' setting is set to No. Therefore, other guest users (all guest users except User1) can open the Azure portal and view users in the same way as member users can.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/delegate-invitations
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions

 

NEW QUESTION 129
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role.
From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

  • A. NO
  • B. Yes

Answer: A

Explanation:
Explanation
* User2 must be able to view reports and schedule the email delivery of security and compliance reports.
The Security Reader role can view reports but not schedule the email delivery of security and compliance reports.
The Help Desk role cannot schedule the email delivery of security and compliance reports.
Reference:
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo

 

NEW QUESTION 130
You have a Microsoft 365 E5 subscription and a hybrid deployment of Microsoft Exchange. The deployment contains TOO users who have on-premises mailboxes and 100 users who have mailboxes in Exchange Online.
You enable Microsoft Teams and assign a Microsoft Teams license to each user.
You need to ensure that the users who have on-premises mailboxes can use Microsoft Teams. All Microsoft Teams chat data must be searchable by using Content search in the Security fit Compliance admin center.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 131
Your company has offices in several cities and 100.000 users.
The network contains an Active Directory domain contoso.com.
You purchase Microsoft 365 and plan to deploy several Microsoft 365 services.
You are evaluating the implementation of pass-through authentication and seamless SSO. Azure AD Connect will NOT be in staging mode.
You need to identify the redundancy limits for the planned implementation.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Azure AD Connect can be active on only one server. You can install Azure AD Connect on another server for redundancy but the additional installation would need to be in Staging mode. An Azure AD connect installation in Staging mode is configured and ready to go but it needs to be manually switched to Active to perform directory synchronization.
Azure authentication agents can be installed on as many servers as you like.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-quick-start

 

NEW QUESTION 132
Your network contains an on-premises Active Directory domain.
You have a Microsoft 365 subscription.
You implement a directory synchronization solution that uses pass-through authentication.
You configure Microsoft Azure Active Directory (Azure AD) smart lockout as shown in the following exhibit.

You discover that Active Directory users can use the passwords in the custom banned passwords list.
You need to ensure that banned passwords are effective for all users.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. From a domain controller, install the Microsoft AAD Application Proxy connector.
  • B. From a domain controller, install the Azure AD Password Protection Proxy.
  • C. From Active Directory, modify the Default Domain Policy.
  • D. From Custom banned passwords, modify the Enforce custom list setting.
  • E. From Password protection for Windows Server Active Directory, modify the Mode setting.
  • F. From all the domain controllers, install the Azure AD Password Protection DC Agent.

Answer: B,D,F

Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-de

 

NEW QUESTION 133
You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution.
You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. From all the domain controllers, run the Set-AdminAuditLogConfigcmdlet and specify the -
    LogLevel parameter.
  • B. From all the AD FS servers, run auditpol.exe.
  • C. On a domain controller, install Azure AD Connect Health for AD DS.
  • D. From the Azure AD Connect server, run the
    Register-AzureADConnectHealthSyncAgentcmdlet.
  • E. On an AD FS server, install Azure AD Connect Health for AD FS.

Answer: D,E

 

NEW QUESTION 134
Your network contains an Active Directory domain named adatum.com that is synced to Microsoft Azure Active Directory (Azure AD).
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?

  • A. From Azure portal, select all the Azure AD users, and then use the User settings blade.
  • B. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.
  • C. From Active Directory Administrative Center, select the Active Directory users, and then modify the Properties settings.
  • D. From Azure Cloud Shell, run the Get-AzureADUserand Set-AzureADUsercmdlets.

Answer: C

Explanation:
The user accounts are synced from the on-premise Active Directory to the Microsoft Azure Active Directory (Azure AD). Therefore, the city attribute must be changed in the on-premise Active Directory.
You can modify certain attributes of multiple user accounts simultaneously by selecting them in Active Directory Administrative Center or Active Directory Users and Computers, right clicking then selecting Properties.
The other three options all suggest modifying the city attribute of the users in the Azure Active Directory which is incorrect.
Reference:
https://blogs.technet.microsoft.com/canitpro/2015/11/25/step-by-step-managing-multiple-user-accounts-via- active-directory-admin-center/

 

NEW QUESTION 135
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You review the Security & Compliance report in the Microsoft 365 admin center.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Explanation
The Security & Compliance reports in the Microsoft 365 admin center are reports regarding security and compliance for your Office 365 Services. For example, email usage reports, Data Loss Prevention reports etc.
They do not display a list of the features that were recently updated in the tenant so this solution does not meet the goal.
To meet the goal, you need to use in the Microsoft 365 admin center.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/download-existing-reports

 

NEW QUESTION 136
Which role should you assign to User1?

  • A. Hygiene Management
  • B. Security Reader
  • C. Security Administrator
  • D. Records Management

Answer: B

Explanation:
Explanation/Reference:
Question Set 1

 

NEW QUESTION 137
You have a Microsoft 365 Enterprise E5 subscription.
You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.
You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.
Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Conditional-Access-now-in-the-new-Azur

 

NEW QUESTION 138
You have a Microsoft 365 Enterprise subscription.
You create a password policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad

 

NEW QUESTION 139
......

Pass Your Microsoft Exam with MS-100 Exam Dumps: https://realpdf.pass4suresvce.com/MS-100-pass4sure-vce-dumps.html

Related Articles

more
Microsoft MS-100 Certification Practice Exam

Our Pass4sures exam vce provides the free download trail for all of you. The 100% valid Pass4sures questions & answers can make you face the actual exam with confidence. You will successfully pass your exam at first attempt.

Latest Exam

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Pass4suresVCE NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy