Questions
A. email address B. redirection URL
You have an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to bulk invite Azure AD business-to-business (B2B) collaboration users. Which two parameters must you include when you create the bulk invite? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. email address B. redirection URL C. username D. shared key E. password
A. From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options.
A. From the Microsoft Azure Active Directory Connect wizard, select Customize synchronization options. B. From PowerShell, run Set-ADSyncScheduler. C. From PowerShell, run Start-ADSyncSyncCycle. D. From the Microsoft Azure Active Directory Connect wizard, select Change user sign-in.
yes - not yet accepted, part of whitelist (outlook) yes - already had one sent and accepted no - user is not in outlook
From a Microsoft SharePoint Online site, a user invites [email protected] to the site. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
E. Group1, Group2, Group4, and Group5 only
To which groups can you assign a Microsoft Office 365 Enterprise E5 license directly? A. Group1 and Group4 only B. Group1, Group2, Group3, Group4, and Group5 C. Group1 and Group2 only D. Group1 only E. Group1, Group2, Group4, and Group5 only
User 1 and group 2 only
User 1 syncs to Azure AD User 2 syncs to Azure AD Group 2 syncs to Azure AD
E. User 2
Which objects can you add as members to Group3? A. User2 and Group2 only B. User2, Group1, and Group2 only C. User1, User2, Group1 and Group2 D. User1 and User2 only E. User2 only
B. User1 only Users with microsoft account wont be sent a OTP.
Which users will be emailed a passcode? User 1 - @contoso.com User2 - @outlook.com user3 - @fabrkam.com A. User2 only B. User1 only C. User1 and User2 only D. User1, User2, and User3
No Yes Yes
Yes or no for these questions: admin1 can reset passwords of user 3 and 4 admin1 can add User1 to Group 2 admin2 can reset password for User1
create self-signed user account in Azure AD Tenant sign into Microsoft 365 admin center respond to become the admin message create TXT record
You discover that users use their email address for self-service sign-up to Microsoft 365 services. You need to gain global administrator privileges to the Azure Active Directory (Azure AD) tenant that contains the self-signed users. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. sign in to Microsoft 365 admin center create self-signed user account in Azure AD Tenant from admin center, add domain name respond to become the admin message from M365 admin center, remove domain name create TXT record
C. the Licenses blade in the Azure Active Directory admin center
You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users. From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users. You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort. What should you use? A. the Identity Governance blade in the Azure Active Directory admin center B. the Set-AzureAdUser cmdlet C. the Licenses blade in the Azure Active Directory admin center D. the Set-WindowsProductKey cmdlet
A. Set-MsolCompany
You have a Microsoft Exchange organization that uses an SMTP address space of contoso.com. Several users use their contoso.com email address for self-service sign-up to Azure Active Directory (Azure AD).You gain global administrator privileges to the Azure AD tenant that contains the self-signed users. You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services. Which PowerShell cmdlet should you run? A. Set-MsolCompanySettings B. Set-MsolDomainFederationSettings C. Update-MsolfederatedDomain D. Set-MsolDomainettings
No
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant. You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes. You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD Solution: You configure password writeback. Does this meet the goal?
Yes
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant. You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes. You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD. Solution: You configure pass-through authentication. Does this meet the goal?
C. Modify the Intranet Zone settings.
Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant. Users sign in to computers that run Windows 10 and are joined to the domain. You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO). You need to configure the Windows 10 computers to support Azure AD Seamless SSO. What should you do? A. Configure Sign-in options from the Settings app. B. Enable Enterprise State Roaming. C. Modify the Intranet Zone settings. D. Install the Azure AD Connect Authentication Agent.
both SEC ADMIN and SEC OPERATOR
who can configure the user risk policy?
Sec Admin only
who can view the risky users report?