• support@dumpspool.com
SPECIAL LIMITED TIME DISCOUNT OFFER. USE DISCOUNT CODE TO GET 20% OFF DP2021

PDF Only

$35.00 Free Updates Upto 90 Days

  • MS-100 Dumps PDF
  • 428 Questions
  • Updated On June 04, 2024

PDF + Test Engine

$55.00 Free Updates Upto 90 Days

  • MS-100 Question Answers
  • 428 Questions
  • Updated On June 04, 2024

Test Engine

$45.00 Free Updates Upto 90 Days

  • MS-100 Practice Questions
  • 428 Questions
  • Updated On June 04, 2024
Check Our Free Microsoft MS-100 Online Test Engine Demo.

How to pass Microsoft MS-100 exam with the help of dumps?

DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Microsoft MS-100 Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.

How Do I Know Microsoft MS-100 Dumps are Worth it?

Did we mention our latest MS-100 Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.

You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Microsoft Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!

IT Students Are Using our Microsoft 365 Identity and Services Dumps Worldwide!

It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Microsoft 365 Identity and Services Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.

How to Get MS-100 Real Exam Dumps?

Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the MS-100 exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!

Frequently Asked Questions

Microsoft MS-100 Sample Question Answers

Question # 1

You have a Microsoft 365 subscription that contains the domains shown in the following exhibit.Which domain name suffixes can you use when you create users?

A. only Sub1.Contoso1919.onmicrosoft.com
B. only Contoso1919.onmicrosoft.com and Sub2.Contoso1919.onmicrosoft.com
C. only Contoso1919.onmicrosoft.com, Sub1.Contoso1919.onmicrosoft.com, and
D. Sub2.Contoso1919.onmicrosoft.com all the domains in the subscription

Question # 2

You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.Corporate policy states that user passwords must not include the word ContosoWhat should you do to implement the corporate policy?

A. From the Azure Active Directory admin center, configure the Password protection settings.
B. From the Microsoft 365 admin center, configure the Password policy settings.
C. From Azure AD Identity Protection, configure a sign-in risk policy.
D. From the Azure Active Directory admin center, create a conditional access policy.

Question # 3

You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.A temporary employee at your company uses an email address of user1@outlook.com.You need to ensure that the temporary employee can sign in to contoso.com by using the user1@outlook.com account.What should you do?

A. From the Azure Active Directory admin center, create a new user.
B. From the Microsoft 365 admin center, create a new contact.
C. From the Azure Active Directory admin center, create a new guest user.
D. From the Microsoft 365 admin center, create a new user.

Question # 4

You have a Microsoft 365 E5 subscription.All users are assigned a license to Microsoft 365 Apps for enterprise.The users report that they do not have the option to install Microsoft 365 apps on their device as shown in the following exhibit. You need to ensure that the users can install Microsoft 365 apps from the Office 365 portalWhat should you do?

A. From the Microsoft 365 admin center, modify the user license settings.
B. From the Microsoft Endpoint Manager admin center, create a Microsoft 365 Apps app and assign the app to the devices.
C. From the Microsoft Endpoint Manager admin center, create a Microsoft 365 Apps app and assign the app to the users.
D. From the Microsoft 365 admin center, modify the Services & add-ins settings.

Question # 5

You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. The tenant includes a user named User1.You enable Azure AD Identity Protection.You need to ensure that User1 can review the list in Azure AD Identity Protection of users flagged for risk. The solution must use the principle of least privilege.To which role should you add User1? 

A. Security reader
B. User administrator
C. Service administrator
D. Reports reader

Question # 6

 Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table.  You configure Azure AD Connect to sync contoso.com to Azure Active Directory. Which objects will sync to Azure AD?

A. Group1, Used, and User2
B. Group1 and User1 only
C. User1 and User2 only
D. Group1 only

Question # 7

You have Windows 10 devices that are managed by using Microsoft Endpoint Manager. All the devices have Microsoft Office 365 apps installed.You need to configure the proofing tool settings for the Office 365 apps.From the Microsoft Endpoint Manager admin center, what should you create?

A. a device compliance policy
B. an app configuration policy
C. an app
D. a device configuration profile

Question # 8

Your company has an Azure Active Directory (Azure AD) tenant named contoso.com that contains 10,000 users.The company has a Microsoft 365 subscription.You enable Azure Multi-Factor Authentication (MFA) for all the users in contoso.com.You run the following query.search "SigninLogs" | where ResultDescription == "User did not pass the MFA challenge."The query returns blank results.You need to ensure that the query returns the expected results.What should you do?

A. From the Azure Active Directory admin center, configure the diagnostics settings to archive logs to an Azure Storage account.
B. From the Security & Compliance admin center, turn on auditing.
C. From the Security & Compliance admin center, enable Office 365 Analytics.
D. From the Azure Active Directory admin center, configure the diagnostics settings to send logs to an Azure Log Analytics workplace.

Question # 9

You have a Microsoft 365 subscription that contains the users shown in the following table.You plan to use Exchange Online to manage email for a DNS domain.An administrator adds the DNS domain to the subscription.The DNS domain has a status of incomplete setup.You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.Which user should you identify?

A. User1
B. User2
C. User3
D. User4

Question # 10

Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant.The on-premises network contains a file server named Server1. Server1 has a share named Share1 that contains company documents.Your company purchases a Microsoft 365 subscription.You plan to migrate data from Share1 to Microsoft 365. Only data that was created or modified during the last three months will be migrated.You need to identify all the files in Share1 that were modified or created during the last 90 days.What should you use?

A. Server Manager
B. Microsoft SharePoint Migration Tool
C. Resource Monitor
D. Usage reports from the Microsoft 365 admin center

Question # 11

Your network contains an on-premises Active Directory domain. The domain contains 2,000 computers that run Windows 10.You purchase a Microsoft 365 subscription.You implement password hash synchronization and Azure Active Directory (Azure AD) Seamless Single Sign-On (Seamless SSO).You need to ensure that users can use Seamless SSO from the Windows 10 computers.What should you do?

A. Create a conditional access policy in Azure AD.
B. Deploy an Azure AD Connect staging server.
C. Join the computers to Azure AD.
D. Modify the Intranet zone settings by using Group Policy

Question # 12

You have a DNS zone named contoso.com that contains the following records.You purchase a Microsoft 365 subscription.You plan to migrate mailboxes to Microsoft Exchange Online.You need to configure Sender Policy Framework (SPF) to support Exchange Online.What should you do?

A. Add an additional TXT record
B. Modify the TXT record.
C. Modify the expire interval of the SOA record.
D. Modify the default TTL of the SOA record.

Question # 13

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a hybrid deployment of Microsoft 365 that contains the objects shown in the following table.Azure AD Connect has the following settings:Password Hash Sync: EnabledPassword writeback: EnabledGroup writeback: EnabledYou need to add User2 to Group 2.Solution: You use the Security & Compliance admin center.Does this meet the goal?

A. Yes
B. No

Question # 14

A user receives the following message when attempting to sign in to https://myapps.microsoft.com:"Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location, device, or app. Before you can continue, we need to verify your identity. Please contact your admin." Which configuration prevents the users from signing in? 

A. Security & Compliance supervision policies
B. Security & Compliance data loss prevention (DLP) policies
C. Microsoft Azure Active Directory (Azure AD) conditional access policies
D. Microsoft Azure Active Directory (Azure AD) Identity Protection policies

Question # 15

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:Contoso.comEast.contoso.comAn Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.You deploy a new domain named west.contoso.com to the forest.You need to ensure that west.contoso.com syncs to the Azure AD tenant.Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to staging mode.Does this meet the goal?

A. Yes
B. No

Question # 16

Your network contains two on-premises Active Directory forests named contoso.com and fabrikam.com. Fabrikam.com contains one domain and five domain controllers. Contoso.com contains the domains shown in the following table. You need to sync all the users from both the forests to a single Azure Active Directory (Azure AD) tenant by using Azure AD Connect.What is the minimum number of Azure AD Connect sync servers required?

A. 1
B. 2
C. 3
D. 4

Question # 17

Your network contains three Active Directory forests.You create a Microsoft Azure Active Directory (Azure AD) tenant.You plan to sync the on-premises Active Directory (Azure AD).You need to recommend a synchronization solution. The solution must ensure that the synchronization cancomplete successfully and as quickly as possible if a single server fails.What should you include in the recommendation?

A. Three Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode
B. One Azure AD Connect sync servers one Azure AD Connect sync servers in staging mode
C. Three Azure AD Connect sync servers and one Azure AD Connect sync servers in staging mode
D. six Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode

Question # 18

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a hybrid deployment of Microsoft 365 that contains the objects shown in the following table. Azure AD Connect has the following settings:Password Hash Sync: EnabledPassword writeback: EnabledGroup writeback: EnabledYou need to add User2 to Group 2.Solution: You use the Azure Active Directory admin center.Does this meet the goal?

A. Yes
B. No

Question # 19

Your network contains an Active Directory domain named adatum.com that is synced to Microsoft Azure Active Directory (Azure AD).The domain contains 100 user accounts.The city attribute for all the users is set to the city where the user resides.You need to modify the value of the city attribute to the three-letter airport code of each city.What should you do?

A. From Active Directory Administrative Center, select the Active Directory users, and then modify the Properties settings.
B. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.
C. From Azure Cloud Shell, run the Get-MsolUser and Set-MSOluser cmdlets.
D. From Windows PowerShell on a domain controller, run the Get-AzureADUser and Set-AzureADUser cmdlets.

Question # 20

Your company uses email, calendar, contact, and task services in Microsoft Outlook.com.You purchase a Microsoft 365 subscription and plan to migrate all users from Outlook.com to Microsoft 365.You need to identify which user data can be migrated to Microsoft 365.Which type of data should you identify?

A. task
B. email
C. calendar
D. contacts

Question # 21

Your company has a Microsoft 365 subscription.Your plan to add 100 newly hired temporary users to the subscription next week.You create the user accounts for the new users.You need to assign licenses to the new users.Which command should you run?

A. Option A
B. Option B
C. Option C
D. Option D

Question # 22

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.You may now click next to proceed to the lab.Lab informationUse the following login credentials as needed:To enter your username, place your cursor in the Sign in box and click on the username below.To enter your password, place your cursor in the Enter password box and click on the password below.Microsoft 365 Username:admin@LODSe426243.onmicrosoft.comMicrosoft 365 Password: 3&YWyjse-6-dIf the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.The following information is for technical support purposes only:Lab Instance: 10887751Your company has a web application named App1.The company plans to publish App1 by using a URL of https://app1.contoso.com.You need to register App1 to your Microsoft Office 365 tenant.See explanation below. 

Question # 23

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.You sign up for Microsoft Store for Business.The tenant contains the users shown in the following table. Microsoft Store for Business has the following Shopping behavior settings:Allow users to shop is set to On.Make everyone a Basic Purchaser is set to Off.You need to identify which users can install apps from the Microsoft for Business private store.Which users should you identify?

A. A. user1, User2, User3, User4, and User5
B. User1 only
C. User1 and User2 only
D. User3 and User4 only
E. User1, User2, User3, and User4 only

Question # 24

Your network contains an Active Directory domain named contoso.com.All users authenticate by using a third-party authentication solution.You purchase Microsoft 365 and plan to implement several Microsoft 365 services.You need to recommend an identity strategy that meets the following requirements:Provides seamless SSOMinimizes the number of additional servers required to support the solutionStores the passwords of all the users in Microsoft Azure Active Directory (Azure AD)Ensures that all the users authenticate to Microsoft 365 by using their on-premises user accountYou are evaluating the implementation of federation.Which two requirements are met by using federation? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.

A. minimizes the number of additional servers required to support the solution
B. provides seamless SSO
C. stores the passwords of all the users in Azure AD
D. ensures that all the users authenticate to Microsoft 365 by using their on-premises user account.

Question # 25

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:Contoso.comEast.contoso.comAn Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant. You deploy a new domain named west.contoso.com to the forest. You need to ensure that west.contoso.com syncs to the Azure AD tenant.Solution: You install a new Azure AD Connect server in west.contoso.com and set AD Connect to active modeDoes this meet the goal?

A. Yes
B. No

Question # 26

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table. The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)User2 fails to authenticate to Azure AD when signing in as user2@fabrikam.com.You need to ensure that User2 can access the resources in Azure AD.Solution: From the Azure Active Directory admin center, you add fabrikam.com as a custom domain. You instruct User2 to sign in as user2@fabrikam.com.Does this meet the goal?

A. Yes
B. No

Question # 27

From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.) You need to reduce the likelihood that the sign-ins are identified as risky.What should you do?

A. From the Security & Compliance admin center, add the users to the Security Readers role group.
B. From the Conditional access blade in the Azure Active Directory admin center, create named locations.
C. From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.
D. From the Security & Compliance admin center, create a classification label.

Question # 28

You have a Microsoft 365 subscription.You add a domain named contoso.com.When you attempt to verify the domain, you are prompted to send a verification email to admin@contoso.com.D18912E1457D5D1DDCBD40AB3BF70D5DYou need to change the email address used to verify the domain.What should you do?

A. From the domain registrar, modify the contact information of the domain
B. Add a TXT record to the DNS zone of the domain
C. Modify the NS records for the domain
D. From the Microsoft 365 admin center, change the global administrator of the Microsoft 365 subscription

Question # 29

Your company has two offices. The offices are located in Seattle and New York.The company uses a third-party email system.You implement Microsoft 365.You move all the users in the Seattle office to Exchange Online. You configure Microsoft 365 to successfully receive all the email messages sent to the Seattle office users.All the users in the New York office continue to use the third-party email system.The users use the email domains shown in the following table. You need to ensure that all the email messages sent to the New York office users are delivered successfully. The solution must ensure that all the email messages for the users in both offices are routed through Microsoft 365.You create the required DNS records and Send connectors.What should you do next from Microsoft 365?

A. From Microsoft 365 admin center, set the default domain. From the Exchange admin center, create a transport rule for all the email messages sent to adatum.com
B. From Microsoft 365 admin center, add the adatum.com domain. From the Exchange admin center, configure adatum.com as an internal relay domain.
C. From Microsoft 365 admin center, add the adatum.com domain. From the Exchange admin center, configure adatum.com as an authoritative domain.
D. From Microsoft 365 admin center, set the default domain. From the Exchange admin center, configure adatum.com as a remote domain.

Question # 30

Which migration solution should you recommend for Project1? 

A. From the Microsoft 365 admin center, start a data migration and click Exchange as the data service.
B. From the Exchange admin center, start a migration and select Cutover migration.
C. From the Exchange admin center, start a migration and select Staged migration.
D. From the Microsoft 365 admin center, start a data migration and click Upload PST as the data service.

Question # 31

Which migration solution should you recommend for Project1? 

A. From the Exchange admin center, start a migration and select Staged migration.
B. From the Microsoft 365 admin center, start a data migration and click Exchange as the data service.
C. From the Microsoft 365 admin center, start a data migration and click Outlook as the data service.
D. From the Exchange admin center, start a migration and select Cutover migration.

Question # 32

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your company plans to deploy several Microsoft Office 365 services.You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:* Users must be able to authenticate during business hours only.* Authentication requests must be processed successfully if a single server fails.* When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.* Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.Solution: You design an authentication strategy that contains a pass-through authentication model. You install an Authentication Agent on three servers and configure seamless SSO.Does this meet the goal?

A. Yes
B. No

Question # 33

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.Your network contains an Active Directory domain named contoso.com that is synced to Microsoft AzureActive Directory (Azure AD).You manage Windows 10 devices by using Microsoft System Center Configuration Manager (CurrentBranch).You configure a pilot for co-management.You add a new device named Device1 to the domain. You install the Configuration Manager client onDevice1.You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.Solution: You add Device1 to an Active Directory group.Does this meet the goal?

A. Yes
B. No

Question # 34

In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments. Policy1 is configured as shown in the exhibit. (Click the Exhibit tab.) You need to ensure that internal users can email documents that contain US bank account numbers to externalusers who have an email suffix of contoso.com.What should you configure?

A. an action
B. a group
C. a condition
D. an exception

Question # 35

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have a Microsoft 365 subscription.You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users areconnected to your on-premises network.Solution: From the Microsoft 365 admin center, you configure the Organization profile settings.Does this meet the goal?

A. Yes
B. No

Question # 36

Your company has a Microsoft 365 subscription and a Microsoft Azure Active Directory (Azure AD) tenantnamed contoso.onmicrosoft.com.An external vendor has a Microsoft account that has a username of user1@outlook.com.You plan to provide user1@outlook.com with access to several resources in the subscription.You need to add the external user account to contoso.onmicrosoft.com. The solution must ensure that theexternal vendor can authenticate by using user1@outlook.com.What should you do?

A. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify –UserPrincipalNameuser1@outlook.com.
B. From the Microsoft 365 admin center, add a contact, and then specify user1@outlook.com as the emailaddress.
C. From the Azure portal, add a new guest user, and then specify user1@outlook.com as the email address.
D. From the Azure portal, add a custom domain name, and then create a new Azure AD user and useuser1@outlook.com as the username.

Question # 37

A user receives the following message when attempting to sign in to https://myapps.microsoft.com:"Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might besigning in from a new location, device, or app. Before you can continue, we need to verify your identity.Please contact your admin."Which configuration prevents the users from signing in?

A. Security & Compliance supervision policies
B. Security & Compliance data loss prevention (DLP) policies
C. Microsoft Azure Active Directory (Azure AD) conditional access policies
D. Microsoft Azure Active Directory (Azure AD) Identity Protection policies

Question # 38

You have a Microsoft 365 subscription.You configure a data loss prevention (DLP) policy.You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.You need to prevent the users from bypassing the DLP policy.What should you configure?

A. actions
B. exceptions
C. incident reports
D. user overrides

Question # 39

You have a Microsoft 365 subscription.Your company purchases a new financial application named App1.From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered apps page and discover thatmany applications have a low score because they are missing information about domain registration andconsumer popularity.You need to prevent the missing information from affecting the score.What should you configure from the Cloud Discover settings?

A. App tags
B. Score metrics
C. Organization details
D. Default behavior

Question # 40

You have a Microsoft 365 subscription.You need to prevent phishing email messages from being delivered to your organization.What should you do?

A. From the Exchange admin center, create an anti-malware policy.
B. From Security & Compliance, create a DLP policy.
C. From Security & Compliance, create a new threat management policy.
D. From the Exchange admin center, create a spam filter policy.

Question # 41

Your network contains an Active Directory domain named contoso.com.You have a Microsoft 365 subscription.You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.You implement directory synchronization.The developers at your company plan to build an app named App1. App1 will connect to the Microsoft GraphAPI to provide access to several Microsoft Office 365 services.You need to provide the URI for the authorization endpoint that App1 must use.What should you provide?

A. https://login.microsoftonline.com/
B. https://contoso.com/contoso.onmicrosoft.com/app1
C. https://login.microsoftonline.com/contoso.onmicrosoft.com/
D. https://myapps.microsoft.com

Question # 42

You have a Microsoft 365 subscription that contains a Microsoft Azure Directory (Azure AD) tenantContoso.com. The tenant includes a user named user1.You enable Azure AD Identity protection.You need to ensure that User1 can review the list in Azure AD identity protection of users flagged for risk.The solution must use the principle of least privilege.To which role should you add User1?

A. Security administrator
B. Report
C. Global reader
D. Owner

Question # 43

Your company has 20 employees, Each employees has a mailbox hosted in Outlook.com.The company purchases a Microsoft 365 subcription.You plan to migrate all the mailboxes to Microsoft 365.You need to recommend which type of migration to use for the mailboxes.What should recommend?

A. Cutover migration
B. Staged migration
C. IMAP migration
D. Minimal hybrid migration

Question # 44

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have a Microsoft 365 subscription.You discover that some external users accessed content on a Microsoft SharePoint site. You modify theSharePoint sharing policy to prevent sharing outside your organization.You need to be notified if the SharePoint policy is modified in the future.Solution: From the SharePoint admin center, you modify the sharing settings.Does this meet the goal?

A. Yes
B. No

Question # 45

Your network contains an Active Directory domain named contoso.com. The domain contains five domaincontrollers.You purchase Microsoft 365 and plan to implement several Microsoft 365 services.You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution mustmeet the following requirements:Ensure that users can access Microsoft 365 by using their on-premises credentials.Use the existing server infrastructure only.Store all user passwords on-premises only.Be highly available.Which authentication strategy should you identify?

A. pass-through authentication and seamless SSO
B. pass-through authentication and seamless SSO with password hash synchronization
C. password hash synchronization and seamless SSO
D. federation

Question # 46

You have a Microsoft 365 subscription.You plan to enable Microsoft Azure Information Protection.You need to ensure that only the members of a group named PilotUsers can protect content.What should you do?

A. Run the Add-AadrmRoleBaseAdministrator cmdlet.
B. Create an Azure Information Protection policy.
C. Configure the protection activation status for Azure Information Protection.
D. Run the Set-AadrmOnboardingControlPolicy cmdlet.

Question # 47

Your network contains an on-premises Active Directory domain.Your company has a security policy that prevents additional software from being installed on domaincontrollers.You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP).What should you do? More than once choice may achieve the goal. Select the BEST answer.

A. Deploy an Azure ATP standalone sensor, and then configure port mirroring.
B. Deploy an Azure ATP standalone sensor, and then configure detections.
C. Deploy an Azure ATP sensor, and then configure detections.
D. Deploy an Azure ATP sensor, and then configure port mirroring.

Question # 48

Your network contain*, an on-premises Active Directory forest.You are evaluating the implementation of Microsoft 365 and the deployment of authentication strategy.You need to recommend an authentication strategy that meets the following requirements:• Allows users to sign in by using smart card-based certificates• Allows users to connect to on premises and Microsoft 365 services by using SSOWhich authentication strategy should you recommend?

A. password hash synchronization and seamless SSO
B. federation with Active Directory Federation Services (AD FS)
C. pass-through authentication and seamless SSO

Question # 49

Note: This question is part of a series of questions that present the same scenario. Each question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result these questionswill not appear in the review screen.Your company has a main office and three branch offices. All the branch offices connect to the main office byusing a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to theInternet by using the main office connection.Users use Microsoft Outlook 2016 to connect to 4 Microsoft Exchange Server mailbox hosted in the mainoffice.The users report that when the WAN link in their office becomes unavailable, they cannot access theirmailbox.You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN linkfails.Solution: You deploy a site-to-site VPN from each branch office to Microsoft Azure.Does this meet the goal?

A. Yes
B. NO

Question # 50

Your network contains an Active Directory forest named local.You have a Microsoft 365 subscription. You plan to implement a directory synchronization solution that willuse password hash synchronization.From the Microsoft 365 admin center, you verify the contoso.com domain name. You need to prepare theenvironment foe the planned directory synchronization solution.What should you do first?

A. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.
B. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix
C. From the Microsoft 365 admin center, verify the contoso.com domain name.
D. From Active Directory Users and Computers, modify the UPN suffix for all users.

Question # 51

Your company has a Microsoft 365 E5 subscription.Users in the research department work with sensitive data.You need to prevent the research department users from accessing potentially unsafe websites by usinghyperlinks embedded in email messages and documents. Users in other departments must not be restricted.What should you do from the Security & Compliance admin center?

A. Create a data loss prevention (DLP) policy that has a Content contains condition.
B. Create a data loss prevention (DLP) policy that has a Content is shared condition.
C. Modify the default safe links policy.
D. Create a new safe links policy.

Question # 52

You have a Microsoft 365 subscription. You view the service advisories shown in the following exhibit. You need to ensure that users who administer Microsoft SharePoint Online can view the advisories to investigate health issues. Which role should you assign to the users?

A. SharePoint administrator
B. Message Center reader
C. Reports reader
D. Service administrator

Question # 53

Note: This question is part of a series of questions that present the same scenario. Each question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questionswill not appear in the review screen.Your network contains an Active Directory forest.You deploy Microsoft 365.You plan to implement directory synchronization.You need to recommend a security solution for the synchronized identities. The solution must meet thefollowing requirements:Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomesunavailable.Users passwords must be 10 characters or more.Solution: Implement password hash synchronization and configure password protection in the Azure ADtenant.Does this meet the goal?

A. Yes
B. No

Question # 54

You have a Microsoft 365 Enterprise E5 subscription.You need to enforce multi-factor authentication on all cloud-based applications for the users in the financedepartment.What should you do?

A. Create an activity policy.
B. Create a new app registration.
C. Create a conditional access policy.
D. Create a session policy.

Question # 55

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.Your network contains an Active Directory domain named contoso.com that is synced to Microsoft AzureActive Directory (Azure AD).You manage Windows 10 devices by using Microsoft System Center Configuration Manager (CurrentBranch).You configure a pilot for co-management.You add a new device named Device1 to the domain. You install the Configuration Manager client onDevice1.You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.Solution: You create a device configuration profile from the Intune admin center.Does this meet the goal?

A. Yes
B. No

Question # 56

Your company has 10 offices.The network contains an Active Directory domain named contoso.com. The domain contains 500 clientcomputers. Each office is configured as a separate subnet.You discover that one of the offices has the following:Computers that have several preinstalled applicationsComputers that use nonstandard computer namesComputers that have Windows 10 preinstalledComputers that are in a workgroupYou must configure the computers to meet the following corporate requirements:All the computers must be joined to the domain.All the computers must have computer names that use a prefix of CONTOSO.All the computers must only have approved corporate applications installed.You need to recommend a solution to redeploy the computers. The solution must minimize the deploymenttime.

A. a provisioning package
B. wipe and load refresh
C. Windows Autopilot
D. an in-place upgrade

Question # 57

You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenantnamed contoso.com. The tenant includes a user named User1You enable Azure AD Identity Protection.You need to ensure that User1 can review the list in Azure AD Identity Protection of users nagged for risk.The solution must use the principle of least privilege.To which role should you add User1?

A. Security reader
B. Compliance administrator
C. Reports reader
D. Global administrator

Question # 58

Your company has a Microsoft 365 subscription.You need to identify all the users in the subscription who are licensed for Microsoft Office 365 through agroup membership. The solution must include the name of the group used to assign the license.What should you use?

A. the Licenses blade in the Azure portal
B. Reports in the Microsoft 365 admin center
C. Active users in the Microsoft 365 admin center
D. Report in Security & Compliance

Question # 59

You publish an enterprise application named App1 that process financial data.You need to ensure that access to App1 is revoked for users who no longer require view the processedfinancial data.What should you configure?

A. An access review
B. An app protection policy
C. A conditional access policy
D. An owner

Question # 60

Your company has a main office and 20 branch offices in North America and Europe. Each branch officeconnects to the main office by using a WAN link. All the offices connect to the Internet and resolve externalhost names by using the main office connections.You plan to deploy Microsoft 365 and to implement a direct Internet connection in each office.You need to recommend a change to the infrastructure to provide the quickest possible access to Microsoft 365services.What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal.Select the BEST answer.

A. For all the client computers in the branch offices, modify the MTU setting by using a Group Policyobject (GPO).
B. In each branch office, deploy a proxy server that has user authentication enabled.
C. In each branch office, deploy a firewall that has packet inspection enabled.
D. In each branch office, configure name resolution so that all external hosts are redirected to public DNSservers directly.

Question # 61

Your company has 10,000 users who access all applications from an on-premises data center.You plan to create a Microsoft 365 subscription and to migrate data to the cloud.You plan to implement directory synchronization.User account and group accounts must sync to Microsoft Azure Directory (Azure AD) successfully.You discover that several user accounts fail to sync to Azure AD.You need to identify which user accounts failed to sync. You must resolve the issue as quickly as possible.What should you do?

A. From Active Directory Administrative Center, search for all the users, and then modify the properties ofthe user accounts.
B. Run idfix.exe, and then click Complete.
C. From Windows PowerShell, run the Start-AdSyncSyncCycle –PolicyType Delta command.
D. Run idfix.exe, and then click Edit.

Question # 62

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.You have a Microsoft 365 subscription.You discover that some external users accessed content on a Microsoft SharePoint site. You modify theSharePoint sharing policy to prevent sharing outside your organization.You need to be notified if the SharePoint policy is modified in the future.Solution: From the SharePoint site, you create an alert.Does this meet the goal?

A. Yes
B. No

Question # 63

You have an on premises web application that is published by using a URL of https://app.contoso.local.You purchase a Microsoft 36S subscription.Several external users must be able to connect to the web applicationYou need to recommend a solution for external access to the application. The solution must supportmulti-factor authentication.Which two actions should you recommend? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.

A. From an on-premises server, install a connector, and then publish the app.
B. From the Azure Active Directory admin center, enable an Application Proxy.
C. From the Azure Active Directory admin center, treate a conditional access policy.
D. From an on premises server, install an Authentication Agent.
E. Republish the web-application by using http//app.contoso.com

Question # 64

Note: This question is part of a series of questions that present the same scenario. Each question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questionswill not appear in the review screen.Your company plans to deploy several Microsoft Office 365 services.You need to design an authentication strategy for the planned deployment. The solution must meet thefollowing requirements:Users must be able to authenticate during business hours only.Authentication requests must be processed successfully if a single server fails.When the password for an on-premises user account expires, the new password must be enforced thenext time the user signs in.Users who connect to Office 365 services from domain-joined devices that are connected to the internalnetwork must be signed in automatically.Solution: You design an authentication strategy that uses federation authentication by using Active DirectoryFederation Services (AD FS). The solution contains two AD FS servers and two Web Application Proxies.Does this meet the goal?

A. Yes
B. No

Question # 65

Your company has a Microsoft 365 subscription.You upload several archive PST files to Microsoft 365 by using the Security & Compliance admin center.A month later, you attempt to run an import job for the PST files.You discover that the PST files were deleted from Microsoft 365.What is the most likely cause of the files being deleted? More than one answer choice may achieve the goal.Select the BEST answer.

A. The PST files were corrupted and deleted by Microsoft 365 security features.
B. PST files are deleted automatically from Microsoft 365 after 30 days.
C. The size of the PST files exceeded a storage quota and caused the files to be deleted.
D. Another administrator deleted the PST files.

Question # 66

Your company has a Microsoft 365 E3 subscription.All devices run Windows 10 Pro and are joined to Microsoft Azure Active Directory (Azure AD).You need to change the edition of Windows 10 to Enterprise the next time users sign in to their computer. Thesolution must minimize downtime for the users.What should you use?

A. Subscription Activation
B. Windows Update
C. Windows Autopilot
D. an in-place upgrade

Question # 67

Your company recently purchased a Microsoft 365 subscription.You enable Microsft Azure Multi-Factor Authentication (MFA) for all 500 users in the Azure ActiveDirectory (Azure tenant)You need to generate a report that lists all the users who Azure registeration process.What is the best approach to achieve the goal? More than one answer choice achieve the goal. Select the Bestanswer.

A. From Azure Cloud Shell, run the Get-Msoluser cndlet.
B. From the Azure Active Directory admin center, use the Risky sign-ins blade.
C. From the Azure Active Directory admin center, use the Multi-factor Authentication – Server Statusblade.
D. From Azure Cloud Shell, run the Get-AzureADUser cndlet.

Question # 68

Your network contains an Active Directory domain and a Microsoft Azure Active Directory (Azure AD)tenant.The network uses a firewall that contains a list of allowed outbound domains.You began to implement directory synchronization.You discover that the firewall configuration contains only the following domain names in the list of alloweddomains:• *.microsof.com• *.office.comDirectory synchronization fails.You need to ensure that directory synchronization completes successfully.What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select theBEST answer.

A. From the firewall, allow the IP address range of the Azure data center for outbound communication.
B. From Azure AD Connect, modify the Customize synchronization options task
C. Deploy an Azure AD Connect sync server in staging mode.
D. From the firewall, create a list of allowed inbound domains.
E. From the firewall, modify the list of allowed outbound domains.

Question # 69

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.Your network contains an Active Directory domain.You deploy a Microsoft Azure Active Directory (Azure AD) tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All theother user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user account synchronizations completedsuccessfully.You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: You run idfix.exe and report the 10 user accounts.Does this meet the goal?

A. Yes
B. No

Question # 70

Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (AzureAD).The on-premises network contains a Microsoft SharePoint Server 2019 farm.The company purchases a Microsoft 365 subscription. You plan to assign User1 and User2 the required roles to run the SharePoint Hybrid Configuration Wizard.User1 will be used for on-premises credentials and User2 will be used for cloud credentials.You need to assign the correct role to User2. The solution must use the principle of least privilege.Which role should you assign to User2?

A. Application administrator
B. SharePoint farm administrator
C. Global administrator
D. SharePoint administrator

Question # 71

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.Your network contains an Active Directory domain.You deploy a Microsoft Azure Active Directory (Azure AD) tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All theother user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user account synchronizations completedsuccessfully.You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: From Azure AD Connect, you modify the Azure AD credentials.Does this meet the goal?

A. Yes
B. No

Question # 72

Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have morethan one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen.Your company has a main office and three branch offices. All the branch offices connect to the main office byusing a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to theInternet by using the main office connections.Users use Microsoft Outlook 2016 to connect to a Microsoft Exchange Server mailbox hosted in the mainoffice.The users report that when the WAN link in their office becomes unavailable, they cannot access theirmailbox.You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN linkfails.Solution: You enable Cached Exchange Mode for all the Outlook profiles.Does this meet the goal?

A. Yes
B. No

Question # 73

Your network contains an Active Directory forest. The forest contains two domains named contoso.com andadatum.com.Your company recently purchased a Microsoft 365 subscription.You deploy a federated identity solution to the environment.You use the following command to configure contoso.com for federation.Convert-MsolDomaintoFederated –DomainName contoso.comIn the Microsoft 365 tenant, an administrator adds and verifies the adatum.com domain name.You need to configure the adatum.com Active Directory domain for federated authentication.Which two actions should you perform before you run the Azure AD Connect wizard? Each correct answerpresents part of the solution.NOTE: Each correct selection is worth one point.

A. From Windows PowerShell, run the Convert-MsolDomaintoFederated–DomainName contoso.com –SupportMultipleDomain command.
B. From Windows PowerShell, run the New-MsolFederatedDomain–SupportMultipleDomain -DomainName contoso.com command.
C. From Windows PowerShell, run the New-MsolFederatedDomain-DomainName adatum.com command.
D. From Windows PowerShell, run the Update-MSOLFederatedDomain–DomainName contoso.com –SupportMultipleDomain command.
E. From the federation server, remove the Microsoft Office 365 relying party trust.

Question # 74

Your company has an on-premises Microsoft Exchange Server 2013 organization.The company has 100 users.The company purchases Microsoft 365 and plans to move its entire.- infrastructure to the cloud.The company does NOT plan to sync the on-premises Active Directory domain to Microsoft Azure ActiveDirectory (Azure AD).You need to recommend which type of migration to use to move all email messages, contacts, and calendaritems to Exchange Online.What should you recommend?

A. cutover migration
B. IMAP migration
C. remote move migration
D. staged migration

Question # 75

You have a Microsoft 365 tenant that contains Microsoft Exchange Online.You plan to enable calendar sharing with a partner organization named adatum.com. The partner organizationalso has a Microsoft 365 tenant.You need to ensure that the calendar of every user is available to the users in adatum.com immediately.What should you do?

A. From the Exchange admin center, create a sharing policy.
B. From the Exchange admin center, create a new organization relationship
C. From the Microsoft 365 admin center, modify the Organization profile settings.
D. From the Microsoft 365 admin center, configure external site sharing.

Question # 76

You have a Microsoft 365 tenant.You have a line-of-business application named App1 that users access by using the My Apps portal.After some recent security breaches, you implement a conditional access policy for App1 that uses ConditionalAccess App Control.You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensurethat alerts are generated for App1 only.What should you do?

A. From Microsoft Cloud App Security, modify the impossible travel alert policy.
B. From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.
C. From the Azure Active Directory admin center, modify the conditional access policy.
D. From Microsoft Cloud App Security, create an app discovery policy.

Question # 77

Note: This question it part of a series of questions that present the same scenario. Cacti question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questionswill not appear in the review screen.Your company has a Microsoft Office 36S tenant.You suspect that several Office 365 features were recently updated.You need to view a last of the features that were recently updated in the tenant.Solution: You use Message center in the Microsoft 365 admin center.Does this meet the goal?

A. Yes
B. NO

Question # 78

Your company has a Microsoft 365 subscription.You need to identify which users performed the following privileged administration tasks:Deleted a folder from the second-stage Recycle Bin if Microsoft SharePointOpened a mailbox of which the user was not the ownerReset a user passwordWhat should you use?

A. Microsoft Azure Active Directory (Azure AD) audit logs
B. Microsoft Azure Active Directory (Azure AD) sign-ins
C. Security & Compliance content search
D. Security & Compliance audit log search

Question # 79

You have a Microsoft 365 Enterprise E5 subscription.You need to enforce multi-factor authentication on all cloud-based applications for the users in the financedepartment.What should you do?

A. Create on activity policy.
B. Create a Sign-in risk policy.
C. Create a session policy.
D. Create an app permission policy.

Question # 80

Note: This question it part of a series of questions that present the same scenario. Cacti question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questionswill not appear in the review screen.Your company has a Microsoft Office 36S tenant.You suspect that several Office 365 features were recently updated.You need to view a last of the features that were recently updated in the tenant.Solution: You use the View service requests option in the Microsoft 365 admin center.Does this meet the goal?

A. Yes
B. NO

Question # 81

Your company has a Microsoft Azure Active Directory (Azure AD) directory tenant namedcontoso.onmicrosoft.com.All users have client computers that run Windows 10 Pro and are joined to Azure AD.The company purchases a Microsoft 365 E3 subscription.You need to upgrade all the computers to Windows 10 Enterprise. The solution must minimize administrativeeffort.You assign licenses from the Microsoft 365 admin center.What should you do next?

A. Add a custom domain name to the subscription.
B. Deploy Windows 10 Enterprise by using Windows Autopilot.
C. Create provisioning package, and then deploy the package to all the computers.
D. Instruct all the users to log off of their computer, and then to log in again.

Question # 82

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains1,000 Windows 10 devices.You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP)for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to bestored in the United States.You plan to onboard all the devices to Windows Defender ATP data in Europe.What should you do first?

A. Create a workspace
B. Offboard the test devices
C. Delete the workspace
D. Onboard a new device

Question # 83

You have an on-premises Microsoft SharePoint Server 2016 environment.You create a Microsoft 365 tenant.You need to migrate some of the SharePoint sites to SharePoint Online. The solution must meet the followingrequirements:Microsoft OneDrive sites must redirect users to online content.Users must be able to follow both on-premises and cloud-based sites.Users must have a single SharePoint profile for both on-premises and on the cloud.When users search for a document by using keywords, the results must include online and on-premises results.From the SharePoint Hybrid Configuration Wizard, you select the following features:Hybrid business to business (B2B) sitesHybrid OneDriveHybrid SearchWhich two requirements are met by using the SharePoint Hybrid Configuration Wizard features? Each correctanswer presents a complete solution.NOTE: Each correct selection is worth one point.

A. Users must have a single SharePoint profile for both on-premises and on the cloud.
B. OneDrive sites must redirect users to online content.
C. Users must be able to follow both on-premises and cloud-based sites.
D. When users search for a document by using keywords, the results must include online and on-premisesresults.

Question # 84

Your company has a Microsoft 365 subscription.You plan to move several archived PST files to Microsoft Exchange Online mailboxes.You need to create an import job for the PST files.Which three actions should you perform before you create the import job? Each correct answer presents part ofthe solution.NOTE: Each correct selection is worth one point.

A. Create a Microsoft Azure Storage account.
B. From Security & Compliance, retrieve the SAS key.
C. Run azcopy.exe to copy the PST files to Microsoft Azure Storage
D. Use Microsoft Azure Storage Explorer to copy the PST files to Azure Storage.
E. Create a PST import mapping file.

Question # 85

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.comthat contains a user named User1.You suspect that an imposter is signing in to Azure AD by using the credentials of User1.You need to ensure that an administrator named Admin1 can view all the sign in details of User 1 from thepast 24 hours.To which three roles should you add Admin1? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.

A. Security administrator
B. Password administrator
C. User administrator
D. Compliance administrator
E. Reports reader
F. Security Reader

Question # 86

Note: This question is part of a series of questions that present the same scenario. Each question in the seriescontains a unique solution that might meet the stated goals. Some question sets might have more than onecorrect solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result these questionswill not appear in the review screen.Your company has a main office and three branch offices. All the branch offices connect to the main office byusing a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to theInternet by using the main office connection.Users use Microsoft Outlook 2016 to connect to 4 Microsoft Exchange Server mailbox hosted in the mainoffice.The users report that when the WAN link in their office becomes unavailable, they cannot access theirmailbox.You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN linkfails.Solution: For each branch office, you add a direct connection to the Internet.Does this meet the goal?

A. Yes
B. NO