This page was exported from Free Exam Dumps Collection [ http://free.examcollectionpass.com ] Export date:Sat Apr 19 10:43:57 2025 / +0000 GMT ___________________________________________________ Title: [Q40-Q60] MS-100 Certification - The Ultimate Guide [Updated 2023] --------------------------------------------------- MS-100 Certification - The Ultimate Guide [Updated 2023] MS-100 Practice Exam and Study Guides - Verified By ExamcollectionPass Microsoft MS-100 is a certification exam that tests the candidate's knowledge and skills in managing Microsoft 365 services. The exam covers a wide range of topics related to Azure Active Directory, Microsoft Intune, and Exchange Online. The certification is ideal for IT professionals who want to validate their skills and knowledge in managing Microsoft 365 services and expand their career opportunities in the field of cloud computing. The Microsoft MS-100 exam covers a wide range of topics, including identity and access management, security, compliance, and collaboration. The exam focuses on the skills and knowledge required to manage Microsoft 365 services such as Exchange Online, SharePoint Online, Teams, and Azure Active Directory. The exam also tests the candidate's ability to implement and manage hybrid scenarios, where some services are on-premises and others are in the cloud.   NO.40 You have a document in Microsoft OneDrive that is encrypted by using Microsoft Azure Information Protection as shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protectionNO.41 Your company uses Gmail as a corporate email solution.You purchase a Microsoft 365 subscription and plan to move all email data to Microsoft Exchange Online.You plan to perform the migration by using the Exchange admin center.You need to recommend which type of migration to use and which type of data to migrate.What should you recommend? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/exchange/mailbox-migration/migrating-imap-mailboxes/migrate-g-suite-mailboxesNO.42 You need to prepare the environment for Project1.You create the Microsoft 365 tenant.Which three actions should you perform in sequence next? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Reference:https://docs.microsoft.com/en-us/exchange/exchange-hybridNO.43 Your company has a hybrid deployment of Microsoft 365.Users authenticate by using pass-through authentication. Several Microsoft Azure AD Connect Authentication Agents are deployed.You need to verify whether all the Authentication Agents are used for authentication.What should you do?  From the Azure portal, use the Troubleshoot option on the Pass-through authentication page.  From Performance Monitor, use the #PTA authentications counter.  From the Azure portal, use the Diagnostics settings on the Monitor blade.  From Performance Monitor, use the Kerberos authentications counter. On the Troubleshoot page, you can view how many agents are configured. If you click on the agents link, you can view the status of each agent. Each agent will have a status of Active or Inactive.Reference:https://docs.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-pass-through-authenticationNO.44 Your company recently purchased a Microsoft 365 subscription.You enable Microsft Azure Multi-Factor Authentication (MFA) for all 500 users in the Azure Active Directory (Azure tenant) You need to generate a report that lists all the users who Azure registeration process.What is the best approach to achieve the goal? More than one answer choice achieve the goal. Select the Best answer.  From Azure Cloud Shell, run the Get-Msoluser cndlet.  From the Azure Active Directory admin center, use the Risky sign-ins blade.  From the Azure Active Directory admin center, use the Multi-factor Authentication – Server Status blade.  From Azure Cloud Shell, run the Get-AzureADUser cndlet. NO.45 Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users shown in the following table.You need to identify which users can perform the following administrative tasks:Reset the password of User4.Modify the value for the manager attribute of User4.Which users should you identify for each task? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-rolesNO.46 Note: This question it part of a series of questions that present the same scenario. Cacti question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your company has a Microsoft Office 36S tenant.You suspect that several Office 365 features were recently updated.You need to view a last of the features that were recently updated in the tenant.Solution: You use Dashboard in Security & Compliance.Does this meet the goal?  Yes  NO NO.47 You need to configure HRApp to enable users to search for specific jobs by using chat in Microsoft Teams. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 1 – Create a bot registration..,,,,2 – In the HRApp manifest, configure the botId value in the ComposeExtensions section to match the botId value of the bot registration.3 – Implement a handler,,,,,,,,Reference:https://docs.microsoft.com/en-us/azure/bot-service/bot-service-quickstart-registrationNO.48 Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.You may now click next to proceed to the lab.Lab informationUse the following login credentials as needed:To enter your username, place your cursor in the Sign in box and click on the username below.To enter your password, place your cursor in the Enter password box and click on the password below.Microsoft 365 Username:admin@LODSe426243.onmicrosoft.comMicrosoft 365 Password: 3&YWyjse-6-dIf the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.The following information is for technical support purposes only:Lab Instance: 10887751You hire a new Microsoft 365 administrator named Nestor Wilke. Nestor Wilke will begin working for your organization in several days.You need to ensure that Nestor Wilke is prevented from using his account until he begins working. You need to sign-in status for the account to ‘Blocked’. Blocking doesn’t stop the account from receiving email and it doesn’t delete any data.1. On the home page of the Microsoft 365 admin center, type the user’s name into the Search box.2. Select the Nestor Wilke account in the search results.3. In the ‘Sign-in status’ section of the account properties, click the Edit link.4. Select ‘Block the user from signing in’ and click the Save button.NO.49 Your network contains an on-premises Active Directory domain named Contoso.com.Your company purchase a Microsoft 365 subscription and establishes a hybrid deployment of Azure Active Directory (Azure AD) by using password hash synchronization.You need to identify where an administrator can reset the password of each new user.What should you identify? To answer, select the appropriate option in the area.NOTE: Each correct selection is worth point. NO.50 Your company has an Azure Active Directory (Azure AD) tenant named contoso.com and a Microsoft 365 subscription.Contoso.com contains the users shown in the following table.You add an enterprise application named App1 to contoso.com.You configure the following self-service settings for App1:* Allow users to request access to this application is set to Yes.* To which group should assigned users be added is set to Group1.* Who is allowed to approve access to this application is set to User2.* Require approval before granting access to this application is set to Yes.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationBox 1: Yes.User1 can request access to App1 because “Allow users to request access to this application” is set to Yes.Box 2: No.User2 is an approver. If User2 requests access to App1, he will still need to approve the request before he is added to Group1.Box 3: Yes.User2 can approve requests for App1 because “Who is allowed to approve access to this application” is set to User2.Reference:https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-accessNO.51 You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase.You want the members of two groups named IT and Managers to be able to use the features shown in the following table.The IT group contains 50 users. The Managers group contains 200 users.You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs.Which licenses should you recommend?  250 Microsoft 365 E3 only  50 Microsoft 365 E 3 and 200 Microsoft 365 E5  250 Microsoft 365 E5 only  200 Microsoft 365 E3 and 50 Microsoft 365 E5 NO.52 Your on-premises network contains five file servers. The file servers host shares that contain user data.You plan to migrate the user data to a Microsoft 365 subscription.You need to recommend a solution to import the user data into Microsoft OneDrive.What should you include in the recommendation?  Configure the settings of the OneDrive client on your Windows 10 device.  Configure the Sync settings in the OneDrive admin center.  Run the SharePoint Hybrid Configuration Wizard.  Run the SharePoint Migration Tool. Section: [none]Explanation:The SharePoint Migration Tool lets you migrate content to SharePoint Online and OneDrive from the following locations:* SharePoint Server 2013* SharePoint Server 2010* Network and local file sharesReference:https://docs.microsoft.com/en-us/sharepointmigration/introducing-the-sharepoint-migration-toolNO.53 Your network contains an on-premises Active Directory domain named contoso.com that syncs to Azure Active Directory (Azure AD).You have users in contoso.com as shown in the following table.The users have the passwords shown in the following table.You implement password protection as shown in the following exhibit.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Explanation:Box 1: NoUser1’s password contains the banned password ‘Contoso’. However, User1 will not be required to change his password at next sign in. When the password expires or when User1 (or an administrator) changes the password, the password will be evaluated and will have to meet the password requirements.Box 2: YesPassword evaluation goes through several steps including normalization and Substring matching which is used on the normalized password to check for the user’s first and last name as well as the tenant name. Normalization is the process of converting common letter substitutes into letters. For example, 0 converts to o. $ converts to s. etc.The next step is to identify all instances of banned passwords in the user’s normalized new password. Then:Each banned password that is found in a user’s password is given one point.Each remaining unique character is given one point.A password must be at least five (5) points for it to be accepted.‘C0nt0s0’ becomes ‘contoso’ after normalization. Therefore, C0nt0s0_C0mplex123 contains one instance of the banned password (contoso) so that equals 1 point. After ‘contoso’, there are 11 unique characters. Therefore, the score for ‘C0nt0s0_C0mplex123’ is 12. This is more than the required 5 points so the password is acceptable.Box 3:The ‘Password protection for Windows Server Active Directory’ is in ‘Audit’ mode. This means that the password protection rules are not applied. Audit mode is for logging policy violations before putting the password protection ‘live’ by changing the mode to ‘enforced’.Reference:https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-badNO.54 You have a Microsoft 365 subscription.You are configuring permissions for Security & Compliance.You need to ensure that the users can perform the tasks shown in the following table.The solution must use the principle of least privilege.To which role should you assign each user? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-to-assigned-rolesNO.55 Your network contains an on-premises Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD) as shown in the following exhibit.An on-premises Active Directory user account named Allan Yoo is synchronized to Azure AD. You view Allan’s account from Microsoft 365 and notice that his username is set to Allan@contoso.onmicrosoft.com.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writebackNO.56 After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your network contains an Active Directory forest.You deploy Microsoft 365.You plan to implement directory synchronization.You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.* User passwords must be 10 characters or more.Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.Does this meet the goal?  Yes  No NO.57 Your network contains an on-premises Active Directory domain named adatum.com that syncs to Azure Active Directory (Azure AD) by using the Azure AD Connect Express Settings. Password writeback is disabled.You create a user named User1 and enter Pass in the Password field as shown in the following exhibit.The Azure AD password policy is configured as shown in the following exhibit. Reference:https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-expressNO.58 You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.Multi-factor authentication (MFA) is configured to use 131.107.50/24 for trusted IPs.The tenant contains the named locations shown in the following table.You create a conditional access policy that has the following configurations:Users and groups assignment: All usersCloud apps assignment: App1Conditions: Include all trusted locationsGrant access: require multi-factor authenticationFor each of the following statements, select Yes if the statement is true. otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-conditionNO.59 You need to meet the application requirements for the Office 365 ProPlus applications.You create an XML files that contains the following settings.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updates-elementhttps://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplusNO.60 You have Microsoft 365 tenant that contains a Microsoft Power Platform environment named Environment1 (default). Environment1 contains a Microsoft Dataverse database.In the tenant, you create a user named User1. You assign a Microsoft Power Apps license to User1.Which security role for Environment1 is assigned automatically to User1?  Environment maker  System customizer  Delegate  System customizer Reference:https://docs.microsoft.com/en-us/power-platform/admin/database-security#predefined-security-roles Loading … The Microsoft MS-100 (Microsoft 365 Identity and Services) Exam is a certification exam that is designed to test your skills and knowledge on Microsoft 365 identity and services. The exam covers various topics such as Microsoft 365 tenant and service management, identity management and synchronization, and authentication and authorization. The MS-100 exam is intended for IT professionals who are responsible for managing and implementing Microsoft 365 services and identity solutions.   Ultimate Guide to the MS-100 - Latest Edition Available Now: https://www.examcollectionpass.com/Microsoft/MS-100-practice-exam-dumps.html --------------------------------------------------- Images: https://free.examcollectionpass.com/wp-content/plugins/watu/loading.gif https://free.examcollectionpass.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-07-01 13:39:49 Post date GMT: 2023-07-01 13:39:49 Post modified date: 2023-07-01 13:39:49 Post modified date GMT: 2023-07-01 13:39:49