The latest Microsoft MS-100 dumps by Lead4Pass helps you pass the MS-100 exam for the first time! Lead4Pass Latest Update Microsoft MS-100 VCE Dump and MS-100 PDF Dumps, Lead4Pass MS-100 Exam Questions Updated, Answers corrected! Get the latest LeadPass MS-100 dumps with Vce and PDF: https://www.leads4pass.com/ms-100.html (Q&As: 273 dumps)
[Free MS-100 PDF] Microsoft MS-100 Dumps PDF can be collected on Google Drive shared by Lead4Pass:
https://drive.google.com/file/d/1Ubgcah00q_f60KQLFu1-ZzIw7t1gpF8y/
[Lead4pass MS-100 Youtube] Microsoft MS-100 Dumps can be viewed on Youtube shared by Lead4Pass
Microsoft MS-100 Online Exam Practice Questions
QUESTION 1
Your network contains an Active Directory domain named contoso.com. The domain contains 1000 Windows 8.1
devices.
You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices.
You need to recommend a Windows 10 deployment method.
What should you recommend?
A. Wipe and load refresh
B. Windows Autopilot
C. a provisioning package
D. an in-place upgrade
Correct Answer: A
To deploy a custom image, you must use the wipe and load refresh method. You cannot deploy a custom image by
using an in-place upgrade, Windows Autopilot, or a provisioning package.
Reference: https://docs.microsoft.com/en-us/windows/deployment/windows-10-deployment-scenarios
QUESTION 2
HOTSPOT
You need to meet the technical requirements for the user licenses.
Which two properties should you configure for each user? To answer, select the appropriate properties in the answer
area.
NOTE: Each correct selection is worth one point.
Hot Area:
Correct Answer:
All new users must be assigned Office 365 licenses automatically.
To enable Microsoft 365 license assignment, the users must have a username. This is also the UPN. The users must
also have a Usage Location.
QUESTION 3
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to
your on-premises network.
Solution: From the Microsoft 365 admin center, you configure the Organization profile settings.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
You need to configure a trusted location and a conditional access policy.
Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.
Reference:
https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Online-andOneDrive-for/ba-p/46678
QUESTION 4
You have a Microsoft 365 Enterprise subscription.
You have a conditional access policy to force multi-factor authentication when accessing Microsoft SharePoint from a
mobile device.
You need to view which users authenticated by using multi-factor authentication.
What should you do?
A. From the Microsoft 365 admin center, view the Security and Compliance reports.
B. From the Azure Active Directory admin center, view the user sign-ins.
C. From the Microsoft 365 admin center, view the Usage reports.
D. From the Azure Active Directory admin center, view the audit logs.
Correct Answer: B
With the sign-ins activity report in the Azure portal, you can get the information you need to determine how your
environment is doing. The sign-ins report can provide you with information about the usage of managed applications
and user sign-in activities, which includes information about multi-factor authentication (MFA) usage. The MFA data
gives you insights into how MFA is working in your organization. It enables you to answer questions like:
1.
Was the sign-in challenged with MFA?
2.
How did the user complete MFA?
3.
Why was the user unable to complete MFA?
4.
How many users are challenged for MFA?
5.
How many users are unable to complete the MFA challenge?
6.
What are the common MFA issues end-users are running into?
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting
QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users
shown in the following table.
The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit.
User2 fails to authenticate to Azure AD when signing in as [email protected].
You need to ensure that User2 can access the resources in Azure AD.
Solution: From the Azure Active Directory admin center, you add fabrikam.com as a custom domain. You instruct User2
to sign in as [email protected].
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
The on-premises Active Directory domain is named contoso.com. To enable users to sign on using a different UPN
(different domain), you need to add the domain to Microsoft 365 as a custom domain.
QUESTION 6
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for synchronized identities. The solution must meet the following
requirements:
1. Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2. User passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
This solution meets the following requirement:
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. (this
is because the authentication is performed by Azure Active Directory).
This solution does not meet the following requirement:
The user’s passwords must be 10 characters or more.
To meet this requirement, you would need to configure the Default Domain Policy in the on-premise Active Directory.
Azure Password Protection can prevent users from using passwords from a `banned password\\’ list but it cannot be
configured to require that passwords must be 10 characters or more.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization
QUESTION 7
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
Your company plans to deploy several Microsoft Office 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following
requirements:
1.
Users must be able to authenticate during business hours only.
2.
Authentication requests must be processed successfully if a single server fails.
3.
When the password for an on-premises user account expires, the new password must be enforced the next time the
user signs in.
4.
Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must
be signed in automatically.
Solution: You design an authentication strategy that uses federation authentication by using Active Directory Federation
Services (AD FS). The solution contains two AD FS servers and two Web Application Proxies.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
This solution meets the following requirements:
1.
Users must be able to authenticate during business hours only.
2.
Authentication requests must be processed successfully if a single server fails.
3.
When the password for an on-premises user account expires, the new password must be enforced the next time the
user signs in.
The following requirement is not met:
Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must
be signed in automatically.
To meet this requirement, you would need to configure seamless Single Sign-on (SSO)
Reference:
https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn
QUESTION 8
You have a Microsoft 365 subscription.
You plan to enable Microsoft Azure Information Protection.
You need to ensure that only the members of a group named PilotUsers can protect content.
What should you do?
A. Run the Add-AadrmRoleBaseAdministrator cmdlet.
B. Create an Azure Information Protection policy.
C. Configure the protection activation status for Azure Information Protection.
D. Run the Set-AadrmOnboardingControlPolicy cmdlet.
Correct Answer: D
If you don\\’t want all users to be able to protect documents and emails immediately by using Azure Rights
Management, you can configure user onboarding controls by using the Set-AadrmOnboardingControlPolicy
Reference: https://docs.microsoft.com/en-us/azure/information-protection/activate-service
QUESTION 9
Your company has a hybrid deployment of Microsoft 365.
An on-premises user named User1 is synced to Microsoft Azure Active Directory (Azure AD).
Azure AD Connect is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information
presented in the graphic. NOTE: Each correct selection is worth one point.
Hot Area:
User1 cannot change her password from any Microsoft portals because Password Writeback is disabled in the Azure
AD Connect configuration.
If the password for User1 is changed in Active Directory, the password will be synchronized to Azure AD because
Password Synchronization is enabled in the Azure AD Connect configuration.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-custom
QUESTION 10
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to
your on-premises network.
Solution: From the Device Management admin center, you a trusted location and compliance policy.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
You need to configure a conditional access policy, not a compliance policy.
Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.
Reference:
https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Online-andOneDrive-for/ba-p/46678
QUESTION 11
Your network contains three Active Directory forests.
You create a Microsoft Azure Active Directory (Azure AD) tenant.
You plan to sync the on-premises Active Directory to Azure AD.
You need to recommend a synchronization solution. The solution must ensure that the synchronization can complete
successfully and as quickly as possible if a single server fails.
What should you include in the recommendation?
A. three Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode
B. one Azure AD Connect sync server and one Azure AD Connect sync server in staging mode
C. three Azure AD Connect sync servers and one Azure AD Connect sync server in staging mode
D. six Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode
Correct Answer: B
Azure AD Connect can be active on only one server. You can install Azure AD Connect on another server for
redundancy but the additional installation would need to be in Staging mode. An Azure AD connect installation in
Staging mode is configured and ready to go but it needs to be manually switched to Active to perform directory
synchronization.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-custom
QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear on the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for synchronized identities. The solution must meet the following
requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
2.
User passwords must be 10 characters or more.
Solution: Implement password hash synchronization and modify the password settings from the Default Domain Policy
in Active Directory.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
This solution meets the requirements:
1.
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. (this
is because the authentication is performed by Azure Active Directory).
2.
The user’s passwords must be 10 characters or more. (the Default Domain Policy in the on-premise Active Directory can be
configured to require the password length)
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hashsynchronization
QUESTION 13
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few
minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a
live environment. While most functionality will be available to you as it would be in a live environment, some
functionality
(e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn\\’t matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as
much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you
are
able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to
the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign inbox and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: 3andYWyjse-6-d
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser
tab.
The following information is for technical support purposes only:
Lab Instance: 10887751
You have a user named Grady Archie. The solution must meet the following requirements:
Grady Archie must be able to add payment methods to your Microsoft Office 365 tenant.
The solution must minimize the number of licenses assigned to users.
The solution must use the principle of least privilege.
A. See below.
Correct Answer: A
You need to assign the ‘Billing Administrator’ role to Grady Archie.
1.
Go to the Azure Active Directory admin center.
2.
Select Users.
3.
Select the Grady Archie account to open the account properties page.
4.
Select ‘Assigned roles’.
5.
Click the ‘Add Assignments’ button.
6.
Select the Billing Administrator then click the Add button.
References: https://docs.microsoft.com/en-us/office365/admin/add-users/about-admin-roles?view=o365-worldwide
latest updated Microsoft MS-100 exam questions from the Lead4Pass MS-100 dumps! 100% pass the MS-100 exam! Download Lead4Pass MS-100 VCE and PDF dumps: https://www.leads4pass.com/ms-100.html (Q&As: 273 dumps)
Get free Microsoft MS-100 dumps PDF online: https://drive.google.com/file/d/1Ubgcah00q_f60KQLFu1-ZzIw7t1gpF8y/