CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-100

Free MS-100 Exam Braindumps (page: 32)

Page 32 of 98
PDF with 464 Questions

Your network contains an Active Directory forest named contoso.local.
You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization. From the Microsoft 365 admin center, you successfully verify the contoso.com domain name. You need to prepare the environment for the planned directory synchronization solution.
What should you do rst?

  1. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.
  2. From Active Directory Domains and Trusts, add contoso.com as a UPN su x.
  3. From the Microsoft 365 admin center, verify the contoso.local domain name.
  4. From Active Directory Users and Computers, modify the UPN su x for all users.

Answer(s): B

Explanation:

The on-premise Active Directory domain is named contoso.local. Therefore, all the domain users accounts will have a UPN su x of contoso.local by default.
To enable directory synchronization that will use password hash synchronization, you need to con gure the domain user accounts to have the same UPN su x as the veri ed domain (contoso.com in this case). Before you can change the UPN su x of the domain user accounts to contoso.com, you need to add contoso.com as a UPN su x in the domain.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-userprincipalname



Your company has a Microsoft 365 subscription.
Your plan to add 100 newly hired temporary users to the subscription next week.
You create the user accounts for the new users.
You need to assign licenses to the new users.
Which command should you run?





Answer(s): B

Explanation:

The rst line gets all users from the Temp department that have a UsageLocation assigned and stores them in the $NewStaff variable. You cannot use PowerShell to assign a license to a user that does not have a UsageLocation con gured.
The second line adds the licenses to each user in the $NewStaff variable.


Reference:

https://docs.microsoft.com/en-us/o ce365/enterprise/powershell/assign-licenses-to-user-accounts-with-o ce-365-powershell



Your network contains an Active Directory domain and a Microsoft Azure Active Directory (Azure AD) tenant. The network uses a rewall that contains a list of allowed outbound domains.
You begin to implement directory synchronization.
You discover that the rewall con guration contains only the following domain names in the list of allowed domains:
*.microsoft.com
*.o ce.com

Directory synchronization fails.
You need to ensure that directory synchronization completes successfully.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

  1. From the rewall, allow the IP address range of the Azure data center for outbound communication.
  2. From Azure AD Connect, modify the Customize synchronization options task.
  3. Deploy an Azure AD Connect sync server in staging mode.
  4. From the rewall, create a list of allowed inbound domains.
  5. From the rewall, modify the list of allowed outbound domains.

Answer(s): E

Explanation:

Azure AD Connect needs to be able to connect to various Microsoft domains such as login.microsoftonline.com. Therefore, you need to modify the list of allowed outbound domains on the rewall.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports



Your network contains an on-premises Active Directory forest.
You are evaluating the implementation of Microsoft 365 and the deployment of an authentication strategy. You need to recommend an authentication strategy that meets the following requirements:
Allows users to sign in by using smart card-based certi cates
Allows users to connect to on-premises and Microsoft 365 services by using SSO Which authentication strategy should you recommend?

  1. password hash synchronization and seamless SSO
  2. federation with Active Directory Federation Services (AD FS)
  3. pass-through authentication and seamless SSO

Answer(s): B

Explanation:

Federation with Active Directory Federation Services (AD FS) is required to allow users to sign in by using smart card-based certi cates.
Federated authentication
When you choose this authentication method, Azure AD hands off the authentication process to a separate trusted authentication system, such as on-premises
Active Directory Federation Services (AD FS), to validate the user's password.
The authentication system can provide additional advanced authentication requirements. Examples are smartcard-based authentication or third-party multifactor authentication.


Reference:

https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn



Page 32 of 98



Post your Comments and Discuss Microsoft MS-100 exam with other Community members:

Elan commented on March 05, 2024
Nice to see this kind of websites. thanks
BAHRAIN
upvote

SYED NASEEMUDDIN commented on December 14, 2023
i need the 100 question and answer.
SAUDI ARABIA
upvote

Rotciv commented on June 13, 2023
MS-100 exam written and passed! I like the application as well
SOUTH AFRICA
upvote

Murchu commented on March 14, 2023
This dump was a lifesaver and gave me the confidence I needed to pass my exam.
UNITED STATES
upvote

George commented on March 02, 2022
My 4th purchase from this site and I have passed all my exams.
UNITED STATES
upvote

Rohit commented on February 28, 2021
The content of this study guide is very helpful. I really appreicate the free test engine. The Xengine App provided for free is a lifesaver.
INDIA
upvote

Hizkia commented on April 20, 2020
Very professional team. The support replied and answered my questions in less than 2 hours. Pretty impressed!
FRANCE
upvote