Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to a Microsoft Entra tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Microsoft Entra for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Microsoft Entra.
Solution: You configure Microsoft Entra Password Protection.
Does this meet the goal?
Answer : B
Topic 5,
SIMULATIONS and TASK
You have an Azure subscription named Sub1.
You purchase a Microsoft Entra Permissions Management license.
You need to onboard Permissions Management.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE; Each correct selection is worth one point.
Answer : B, E
Your company has a Microsoft Entra tenant that contains a user named User 1.
The company has two departments named marketing and finance.
You need to grant permissions to User1 to manage only the users in the marketing department.
What should you create first?
Answer : A
You have an Azure subscription that contains the resources shown in the following table.
You need to grant permissions to the resources by using attribute-based access control (ABAC).
To which resource can you grant permissions?
Answer : A
You have a Microsoft Entra tenant that contains the users shown in the following table.
You have an administrative unit named Au1.Group1, User2, and User3are members of Au1.
User5 is assigned the User Administrator role for Au1.
For which users can User5 reset passwords?
Answer : B
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not initiate.
Solution: From the Microsoft Entra admin center, you configure the Notifications settings for multi-factor authentication (MFA).
Does this meet the goal?
Answer : B
You have a Microsoft 365 E5 subscription.
You need to be able to create a Microsoft Defender for Cloud Apps session policy.
What should you do first?
Answer : A