- Email support@dumps4free.com
Topic 5, Misc. Questions
Your company has a Microsoft 365 E5 tenant that contains a user named User1.
You review the company’s compliance score.
You need to assign the following improvement action to User1:Enable self-service password reset.
What should you do first?
A.
From Compliance Manager, turn off automated testing.
B.
From the Azure Active Directory admin center, enable self-service password reset (SSPR).
C.
From the Microsoft 365 admin center, modify the self-service password reset (SSPR) settings.
D.
From the Azure Active Directory admin center, add User1 to the Compliance administrator role.
From the Azure Active Directory admin center, add User1 to the Compliance administrator role.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-managerimprovement-actions?view=o365-worldwide
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directoryusers-assign-role-azure-portal
Your network contains an Active Directory domain named adatum.com that is synced to Azure AD.
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?
A.
From Windows PowerShell on a domain controller, run the Gec-ADUser and Sec- ADUser cmdlets.
B.
From Azure Cloud Shell, run the Gec-ADUser and Sec-ADUser cmdlets.
C.
From Windows PowerShell on a domain controller, run the Gec-MgUser and Updace-MgUser cmdlets.
D.
From Azure Cloud Shell, run the Gec-MgUser and Update-MgUser cmdlets.
From Windows PowerShell on a domain controller, run the Gec-ADUser and Sec- ADUser cmdlets.
The user accounts are synced from the on-premise Active Directory to the Microsoft Azure
Active Directory (Azure AD). Therefore, the city attribute must be changed in the onpremise Active Directory.
You can use Windows PowerShell on a domain controller and run the Get-ADUser cmdlet to get the required users and pipe the results into Set-ADUser cmdlet to modify the city attribute.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
1. From Windows PowerShell on a domain controller, run the Get-ADUser and Set-ADUser cmdlets.
2. From Active Directory Administrative Center, select the Active Directory users, and then modify the Properties settings.
Other incorrect answer options you may see on the exam include the following:
1. From the Azure portal, select all the Azure AD users, and then use the User settings blade.
2. From Windows PowerShell on a domain controller, run the Get-AzureADUser and Set-AzureADUser cmdlets.
3. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.
4. From Azure Cloud Shell, run the Get-ADUser and Set-ADUser cmdlets.
You have a Microsoft 365 E5 tenant.
You need to create a policy that will trigger an alert when unusual Microsoft Office 365 usage patterns are detected.
What should you use to create the policy?
A.
the Microsoft 365 admin center
B.
the Microsoft Purview compliance portal
C.
the Microsoft Defender for Cloud Apps portal
D.
the Microsoft Apps admin center
the Microsoft Defender for Cloud Apps portal
You have a Microsoft 365 E5 tenant.
You need to evaluate compliance with European Union privacy regulations for customer data.
What should you do in the Microsoft 365 compliance center?
A.
Create a Data Subject Request (DSR)
B.
Create a data loss prevention (DLP) policy for General Data Protection Regulation (GDPR) data
C.
Create an assessment based on the EU GDPR assessment template
D.
Create an assessment based on the Data Protection Baseline assessment template
Create an assessment based on the EU GDPR assessment template
Reference:
https://docs.microsoft.com/en-us/compliance/regulatory/gdpr-action-plan
Your on-premises network contains an Active Directory domain.
You have a Microsoft 365 subscription.
You need to sync the domain with the subscription. The solution must meet the following requirements:
On-premises Active Directory password complexity policies must be enforced.
Users must be able to use self-service password reset (SSPR) in Azure AD.
What should you use?
A.
password hash synchronization
B.
Azure AD Identity Protection
C.
Azure AD Seamless Single Sign-On (Azure AD Seamless SSO)
D.
pass-through authentication
pass-through authentication
Azure Active Directory (Azure AD) Pass-through Authentication allows your users to sign in to both on-premises and cloud-based applications using the same passwords. This feature is an alternative to Azure AD Password Hash Synchronization, which provides the same benefit of cloud authentication to organizations. However, certain organizations wanting to enforce their on-premises Active Directory security and password policies, can choose to use Pass-through Authentication instead.
Note: Azure Active Directory (Azure AD) self-service password reset (SSPR) lets users reset their passwords in the cloud, but most companies also have an on-premises Active Directory Domain Services (AD DS) environment for users. Password writeback allows password changes in the cloud to be written back to an on-premises directory in real time by using either Azure AD Connect or Azure AD Connect cloud sync. When users change or reset their passwords using SSPR in the cloud, the updated passwords also written back to the on-premises AD DS environment.
Password writeback is supported in environments that use the following hybrid identity models:
Password hash synchronization
Pass-through authentication
Active Directory Federation Services
| Page 11 out of 62 Pages |
| Previous |