CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-100

Free MS-100 Exam Braindumps (page: 39)

Page 38 of 98
PDF with 464 Questions

HOTSPOT (Drag and Drop is not supported)
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains the users shown in the following table.



You need to identify which users can perform the following administrative tasks:
Reset the password of User4.
Modify the value for the manager attribute of User4.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1:
A Password Administrator or a User Administrator can reset the password non-administrative users.
Box 2: A User Administrator can con gure other attributes such as the Manager attribute of non-administrative users.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles



HOTSPOT (Drag and Drop is not supported)
Your company has offices in several cities and 100,000 users.
The network contains an Active Directory domain named contoso.com.
You purchase Microsoft 365 and plan to deploy several Microsoft 365 services. You are evaluating the implementation of pass-through authentication and seamless SSO. Azure AD Connect will NOT be in staging mode.
You need to identify the redundancy limits for the planned implementation.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Azure AD Connect can be active on only one server. You can install Azure AD Connect on another server for redundancy but the additional installation would need to be in Staging mode. An Azure AD connect installation in Staging mode is con gured and ready to go but it needs to be manually switched to Active to perform directory synchronization.
Azure authentication agents can be installed on as many servers as you like.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-quick-start



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
Contoso.com
East.contoso.com
An Azure AD Connect server is deployed to contoso.com. Azure AD Connect syncs to an Azure Active Directory (Azure AD) tenant.
You deploy a new domain named west.contoso.com to the forest.
You need to ensure that west.contoso.com syncs to the Azure AD tenant.
Solution: You create an Azure DNS zone for west.contoso.com. On the on-premises DNS servers, you create a conditional forwarder for west.contoso.com.
Does this meet the goal?

  1. Yes
  2. No

Answer(s): B



HOTSPOT (Drag and Drop is not supported)
Your company has a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.



The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts. External collaboration settings have default con guration.
You need to identify which users can perform the following administrative tasks:
Create guest user accounts
Add User3 to Admin1
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



A User Administrator is the only role listed that can create user accounts included Guest user accounts. A Global Administrator can also create user accounts.
A User Administrator is also the only role listed that can modify the group membership of users.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles






Post your Comments and Discuss Microsoft MS-100 exam with other Community members: