NEW QUESTION 1

Your company recently purchased a Microsoft 365 subscription.
You enable Microsoft Azure Multi-Factor Authentication (Ml A) for all 500 users in the Azure Active Directory (Azure AD) tenant.
You need to generate a report that lists all the users who completed the Azure MFA registration process. What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

• A. From Azure Cloud Shell, run the Get-AzureADUser cmdlet.
• B. From Azure Cloud Shell, run the Get-MsolUser cmdlet
• C. From the Azure Active Directory admin center, use the MFA Server blade.
• D. From the Azure Active Directory admin center, use the Risky sign-ins blade.

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

NEW QUESTION 2

You have a Microsoft 365 Enterprise subscription.
You create a password policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad

NEW QUESTION 3

Note: This question it part of a series of questions that present the same scenario. Cacti question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 36S tenant.
You suspect that several Office 365 features were recently updated.
You need to view a last of the features that were recently updated in the tenant. Solution: You use Dashboard in Security & Compliance.
Does this meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 4

Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
Ensure that users can access Microsoft 365 by using their on-premises credentials.
Use the existing server infrastructure only.
Store all user passwords on-premises only.
Be highly available.
Which authentication strategy should you identify?

• A. pass-through authentication and seamless SSO
• B. pass-through authentication and seamless SSO with password hash synchronization
• C. password hash synchronization and seamless SSO
• D. federation

Answer: A

NEW QUESTION 5

You have a Microsoft 365 Enterprise subscription.
You have a conditional access policy to force multi factor .mthentication when accessing Microsoft SharePoint from a mobile device
You need to view which users authenticated by using multi factor authentication. What should you do?

• A. From the Microsoft 36S admin center, view the Security Compliance reports.
• B. From the Azure Active Directory admin center, view the user sign-ins.
• C. From the Microsoft 365 admin center, view the Usage reports.
• D. From the Azure Active Directory admin center, view the audit logs.

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

NEW QUESTION 6

Your company has an on-premises Microsoft Exchange Server 2013 organization. The company has 100 users.
The company purchases Microsoft 365 and plans to move its entire.- infrastructure to the cloud.
The company does NOT plan to sync the on-premises Active Directory domain to Microsoft Azure Active Directory (Azure AD).
You need to recommend which type of migration to use to move all email messages, contacts, and calendar items to Exchange Online.
What should you recommend?

• A. cutover migration
• B. IMAP migration
• C. remote move migration
• D. staged migration

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/exchange/mailbox-migration/cutover-migration-to-office-365

NEW QUESTION 7

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

Group2 is a member of Group1.
You assign a Microsoft Office 365 Enterprise E3 license to Group1. You need to identity how many Office 365 E3 licenses are assigned. What should you identify?

• A. 1
• B. 2
• C. 3
• D. 4

Answer: C

NEW QUESTION 8

You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution. You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A. From all the AD FS servers, run audltpol.exe.
• B. From all the domain controllers, run the set-AdminAuditLogConfig cmdlet and specify the –LogiLevel parameter.
• C. On a domain controller install Azure AD Connect Health for AD DS.
• D. From the Azure AO Connect server, run the Register-AzureADCConnectHealthSyncAgent cmdlet.
• E. On an server, install Azure AD Connect Health (or AD FS.

Answer: DE

NEW QUESTION 9

Your company has a hybrid deployment of Microsoft 36S.
Users authenticate by using pass-through authentication. Several Microsoft A/wt AD Connect Authentication Agents are deployed.
You need to verify whether all the Authentication Agents are used for authentication.
What should you do?

• A. From the Azure portal, use the Troubleshoot option on the Pass-through authentication page.
• B. From Performance Monitor, use the #PTA authentications counter.
• C. From the Azure portal use the Diagnostics settings on the Monitor blade.
• D. From Performance Monitor, use the Kerberos authentications counter.

Answer: A

NEW QUESTION 10

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains a user named User1.
You suspect that an imposter is signing in to Azure AD by using the credentials of User1.
You need to ensure that an administrator named Admin1 can view all the sign in details of User 1 from the
past 24 hours.
To which three roles should you add Admin1? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A. Security administrator
• B. Password administrator
• C. User administrator
• D. Compliance administrator

Answer: ABC

NEW QUESTION 11

Your company has a Microsoft 365 subscription.
You upload several archive PST files to Microsoft 365 by using the Security & Compliance admin center. A month later, you attempt to run an import job for the PST files.
You discover that the PST files were deleted from Microsoft 365.
What is the most likely cause of the files being deleted? More than one answer choice may achieve the goal. Select the BEST answer.

• A. The PST files were corrupted and deleted by Microsoft 365 security features.
• B. PST files are deleted automatically from Microsoft 365 after 30 days.
• C. The size of the PST files exceeded a storage quota and caused the files to be deleted.
• D. Another administrator deleted the PST files.

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/faqimporting-pst-files-to-office-365

NEW QUESTION 12

You need to ensure that all the sales department users can authenticate successfully during Project1and Project2.
Which authentication strategy should you implement for the pilot projects?

• A. password hash synchronization and seamless SSO
• B. pass-through authentication
• C. password hash synchronization
• D. pass-through authentication and seamless SSO

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn

NEW QUESTION 13

To which Azure AD role should you add User4 to meet the security requirement?

• A. Password administrator
• B. Global administrator
• C. Security administrator
• D. Privileged role administrator

Answer: B

NEW QUESTION 14

You have a Microsoft 365 subscription.
You need to prevent phishing email messages from being delivered to your organization. What should you do?

• A. From the Exchange admin center, create an anti-malware policy.
• B. From Security & Compliance, create a DLP policy.
• C. From Security & Compliance, create a new threat management policy.
• D. From the Exchange admin center, create a spam filter policy.

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies

NEW QUESTION 15

You need to prepare the environment for Project1. You create the Microsoft 365 tenant.
Which three actions should you perform in sequence next? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 16

Your network contains an on-premises Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD) as shown in the following exhibit.

An on-premises Active Directory user account named Allan Yoo is synchronized to Azure AD. You view Allan’s account from Microsoft 365 and notice that his username is set to Allan@contoso.onmicrosoft.com.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 17

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
Your company has a main office and three branch offices. All the branch offices connect to the main office by using a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to the Internet by using the main office connection.
Users use Microsoft Outlook 2021 to connect to 4 Microsoft Exchange Server mailbox hosted in the main
office.
The users report that when the WAN link in their office becomes unavailable, they cannot access their mailbox.
You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.
You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN link fails.
Solution: For each device, you configure an additional Outlook profile that uses IMAP. Does this meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 18

Your company has a Microsoft 365 subscription.
You plan to move several archived PST files to Microsoft Exchange Online mailboxes. You need to create an import job for the PST files.
Which three actions should you perform before you create the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Create a Microsoft Azure Storage account.
• B. From Security & Compliance, retrieve the SAS key.
• C. Run azcopy.exe to copy the PST files to Microsoft Azure Storage
• D. Use Microsoft Azure Storage Explorer to copy the PST files to Azure Storage.
• E. Create a PST import mapping file.

Answer: BCE

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/use-network-upload-to-import-pst-files

NEW QUESTION 19

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As m result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirement.
Solution: From the Office 36S admin center, you assign User2 the Records Management role. From the Exchange 3dmm center, you assign User2 the Help Desk role.
Does that meet the goal?

• A. Yes
• B. NO

Answer: B

NEW QUESTION 20

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users shown in the following table.

You need to identify which users can perform the following administrative tasks:
Reset the password of User4.
Modify the value for the manager attribute of User4.
Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles

NEW QUESTION 21

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest. You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
Users passwords must be 10 characters or more.
Solution: Implement password hash synchronization and modify the password settings from the Default Domain Policy in Active Directory.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 22
......