CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-100

Free MS-100 Exam Braindumps (page: 51)

Page 51 of 98
PDF with 464 Questions

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft O ce 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
Users must be able to authenticate during business hours only.
Authentication requests must be processed successfully if a single server fails. When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that contains a pass-through authentication model. The solution contains two servers that have an Authentication
Agent installed and password hash synchronization con gured.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

This solution meets the following goals:
Users must be able to authenticate during business hours only.
Authentication requests must be processed successfully if a single server fails.
When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
However, the following goal is not met:
Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.

You would need to con gure Single-sign on (SSO) to meet the last requirement.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft O ce 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
Users must be able to authenticate during business hours only.
Authentication requests must be processed successfully if a single server fails. When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that contains a pass-through authentication model. You install an Authentication Agent on three servers and con gure seamless SSO.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): A

Explanation:

This solution meets all the requirements:
Users must be able to authenticate during business hours only. (This can be con gured by using Logon Hours in Active Directory. Pass- through authentication passes authentication to the on-premise Active Directory) Authentication requests must be processed successfully if a single server fails. (We have Authentication Agents running on three servers) When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. (This can be con gured in

Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory) Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. (This goal is met by seamless SSO)


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft O ce 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
Users must be able to authenticate during business hours only.
Authentication requests must be processed successfully if a single server fails. When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that uses password hash synchronization and seamless SSO. The solution contains two servers that have an
Authentication Agent installed.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

This solution meets the following requirements:
Users who connect to O ce 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Authentication requests must be processed successfully if a single server fails.

The following requirements are not met:
Users must be able to authenticate during business hours only.
When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
To meet these two requirements, you would have to con gure pass-through authentication.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn



HOTSPOT (Drag and Drop is not supported)
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.



Multi-factor authentication (MFA) is con gured to use 131.107.5.0/24 as trusted IPs.
The tenant contains the named locations shown in the following table.



You create a conditional access policy that has the following con gurations:
Users and groups assignment: All users
Cloud apps assignment: App1
Conditions: Include all trusted locations
Grant access: Require multi-factor authentication
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Yes
131.107.50.10 is in a Trusted Location so the conditional access policy applies. The policy requires MFA. However, User1's MFA status is disabled. The MFA requirement in the conditional access policy will override the user's MFA status of disabled. Therefore, User1 must use MFA.
Box 2: Yes.
131.107.20.15 is in a Trusted Location so the conditional access policy applies. The policy requires MFA so User2 must use MFA.
Box 3: Yes.
131.107.5.5 is an MFA Trusted IP so that counts as a Trusted Location in the conditional access policy. The All Trusted Locations setting includes MFA Trusted
IPs. Therefore, the conditional access policy applies so User2 must use MFA.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition



Page 51 of 98



Post your Comments and Discuss Microsoft MS-100 exam with other Community members:

Elan commented on March 05, 2024
Nice to see this kind of websites. thanks
BAHRAIN
upvote

SYED NASEEMUDDIN commented on December 14, 2023
i need the 100 question and answer.
SAUDI ARABIA
upvote

Rotciv commented on June 13, 2023
MS-100 exam written and passed! I like the application as well
SOUTH AFRICA
upvote

Murchu commented on March 14, 2023
This dump was a lifesaver and gave me the confidence I needed to pass my exam.
UNITED STATES
upvote

George commented on March 02, 2022
My 4th purchase from this site and I have passed all my exams.
UNITED STATES
upvote

Rohit commented on February 28, 2021
The content of this study guide is very helpful. I really appreicate the free test engine. The Xengine App provided for free is a lifesaver.
INDIA
upvote

Hizkia commented on April 20, 2020
Very professional team. The support replied and answered my questions in less than 2 hours. Pretty impressed!
FRANCE
upvote