Microsoft MS-100 Exam Practice Test Instant Access

Question 1

You have a Microsoft 365 E5 subscription.

You need to ensure that users are prompted for multi-factor authentication (MFA) when they attempt to access Microsoft SharePoint Online resources. Users must NOT be prompted for MFA when they attempt to access other Microsoft 365 services.

What should you do?

AFrom the Microsoft Endpoint Manager admin center, create an app protection policy.

BFrom the multi-factor authentication page, configure the users settings.

CFrom the Azure Active Directory admin center, create a conditional access policy.

DFrom the Cloud App Security admin center, create an app access policy.

Answer : C

Multi-factor authentication (MFA) is configured through conditional access policies.

https://docs.microsoft.com/en-us/appcenter/general/configuring-aad-conditional-access

Question 2

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest.

You deploy Microsoft 365.

You plan to implement directory synchronization.

You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:

* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.

* User passwords must be 10 characters or more.

Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.

Does this meet the goal?

AYes

BNo

Answer : B

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization

Question 3

You have a Microsoft 365 subscription.

All users have their email stored in Microsoft Exchange Online

In the mailbox of a user named User, you need to preserve a copy of all the email messages that contain the word ProjectX.

What should you do first?

AFrom the Exchange admin center, start a mail flow message trace.

BFrom the Security & Compliance admin center, start a message trace.

CFrom the Security & Compliance admin center, create a label and label policy.

DFrom the Exchange admin center, create a mail flow rule.

Answer : C

When you configure conditions for a label, you can automatically assign a label to a document or email. In this case, we would create a label to label all email messages that contain the word ProjectX. We would then create a label policy to preserve a copy of all message that have the label assigned.

https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification

Question 4

You need to recommend which DNS record must be created before adding a domain name for the project.

You need to recommend which DNS record must be created before you begin the project.

Which DNS record should you recommend?

Aalias (CNAME)

Bhost information (HINFO)

Chost (A)

Dmail exchanger (MX)

Answer : C

When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.

https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-worldwide

Question 5

Your company has a Microsoft Azure Active Directory (Azure AD) directory tenant named contoso.onmicrosoft.com.

All users have client computers that run Windows 10 Pro and are joined to Azure AD.

The company purchases a Microsoft 365 E3 subscription.

You need to upgrade all the computers to Windows 10 Enterprise. The solution must minimize administrative effort.

You assign licenses from the Microsoft 365 admin center.

What should you do next?

AAdd a custom domain name to the subscription.

BDeploy Windows 10 Enterprise by using Windows Autopilot.

CCreate provisioning package, and then deploy the package to all the computers.

DInstruct all the users to log off of their computer, and then to log in again.

Answer : B

With Windows Autopilot the user can set up pre-configure devices without the need consult their IT administrator.

https://docs.microsoft.com/en-us/windows/deployment/windows-10-deployment-scenarios

https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot

Question 6

You have an on-premises Microsoft SharePoint Server 2016 environment.

You create a Microsoft 365 tenant.

You need to migrate some of the SharePoint sites to SharePoint Online. The solution must meet the following requirements:

Microsoft OneDrive sites must redirect users to online content.

Users must be able to follow both on-premises and cloud-based sites.

Users must have a single SharePoint profile for both on-premises and on the cloud.

When users search for a document by using keywords, the results must include online and on-premises results.

From the SharePoint Hybrid Configuration Wizard, you select the following features:

Hybrid business to business (B2B) sites

Hybrid OneDrive

Hybrid Search

Which two requirements are met by using the SharePoint Hybrid Configuration Wizard features? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

AUsers must have a single SharePoint profile for both on-premises and on the cloud.

BOneDrive sites must redirect users to online content.

CUsers must be able to follow both on-premises and cloud-based sites.

DWhen users search for a document by using keywords, the results must include online and on-premises results.

Answer : B, D

Hybrid OneDrive- Choosing this option will redirect on-premises My Sites/OneDrive for Business sites to SharePoint Online OneDrive for Business in Office 365. Once the wizard completes, any click of the OneDrive link from on-premises will redirect to OneDrive for Business in the cloud. This meets the following requirement: OneDrive sites must redirect users to online content.

Cloud hybrid search- Choosing this option creates a cloud Search service application in SharePoint Server and connects the cloud Search service application to your Office 365 tenant. This meets the following requirement: When users search for a document by using keywords, the results must include online and on-premises results.

https://docs.microsoft.com/en-us/sharepoint/hybrid/hybrid-picker-in-the-sharepoint-online-admin-center

Question 7

Your company has a Microsoft 365 E5 subscription.

Users in the research department work with sensitive data.

You need to prevent the research department users from accessing potentially unsafe websites by using

hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.

What should you do from the Security & Compliance admin center?

ACreate a data loss prevention (DLP) policy that has a Content contains condition.

BCreate a data loss prevention (DLP) policy that has a Content is shared condition.

CModify the default safe links policy.

DCreate a new safe links policy.

Answer : D

ATP Safe Links, a feature of Office 365 Advanced Threat Protection (ATP), can help protect your organization from malicious links used in phishing and other attacks. If you have the necessary permissions for the Office 365 Security & Compliance Center, you can set up ATP Safe Links policies to help ensure that when people click web addresses (URLs), your organization is protected. Your ATP Safe Links policies can be configured to scan URLs in email and URLs in Office documents.

https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-atp-safe-links-policies#policies-that-apply-to-specific-email-recipients

Microsoft 365 Identity and Services MS-100 Exam Practice Test