Free AZ-104 Exam Braindumps (page: 14)

Page 13 of 154

HOTSPOT (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users shown in the following table.


You enable password reset for contoso.onmicrosoft.com as shown in the Password Reset exhibit. (Click thePassword Reset tab.)


You configure the authentication methods for password reset as shown in the Authentication Methods exhibit. (Click the Authentication Methods tab.)


For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: No
Two methods are required.

Box 2: No
Self-service password reset is only enabled for Group2, and User1 is not a member of Group2.

Box 3: Yes
As a User Administrator, User3 can add security questions to the reset process.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/quickstart-sspr https://docs.microsoft.com/en-us/azure/active-directory/authentication/active-directory-passwords-faq



Your company has a main office in London that contains 100 client computers. Three years ago, you migrated to Azure Active Directory (Azure AD).

The company’s security policy states that all personal devices and corporate-owned devices must beregistered or joined to Azure AD.

A remote user named User1 is unable to join a personal device to Azure AD from a home network. You verify that User1 was able to join devices to Azure AD in the past.
You need to ensure that User1 can join the device to Azure AD. What should you do?

  1. Assign the User administrator role to User1.
  2. From the Device settings blade, modify the Maximum number of devices per user setting.
  3. Create a point-to-site VPN from the home network of User1 to Azure.
  4. From the Device settings blade, modify the Users may join devices to Azure AD setting.

Answer(s): B

Explanation:

The Maximum number of devices setting enables you to select the maximum number of devices that a user can have in Azure AD. If a user reaches this quota, they will not be able to add additional devices until one or more of the existing devices are removed.

Incorrect Answers:
C: Azure AD Join enables users to join their devices to Active Directory from anywhere as long as they have connectivity with the Internet.
D: The Users may join devices to Azure AD setting enables you to select the users who can join devices to Azure AD. Options are All, Selected and None. The default is All.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal http://techgenix.com/pros-and-cons-azure-ad-join/



HOTSPOT (Drag and Drop is not supported)
You have two Azure App Service app named App1 and App2. Each app has a production deployment slot and a test deployment slot.
The Backup Configuration settings for the production slots are shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



HOTSPOT (Drag and Drop is not supported)
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant is synced to the on-premises Active Directory domain. The domain contains the users shows in the following table.


You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication methods:
-Number of methods required to reset: 2
-Methods available to users: Mobile phone, Security questions
-Number of questions required to register: 3
-Number of questions required to reset: 3

You select the following security questions:
What is your favorite food?
In what city was your first job?
What was the name of your first pet?

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: No
Administrator accounts are special accounts with elevated permissions. To secure them, the following restrictions apply to changing passwords of administrators:
On-premises enterprise administrators or domain administrators cannot reset their password through Selfservice password reset (SSPR). They can only change their password in their on-premises environment. Thus, we recommend not syncing on-prem AD admin accounts to Azure AD. An administrator cannot use secret Questions & Answers as a method to reset password.
Box 2: Yes
Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset their passwords without needing to contact IT staff.
Box 3: Yes


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment






Post your Comments and Discuss Microsoft AZ-104 exam with other Community members:

AZ-104 Discussions & Posts