Provide Microsoft MS-100 Dumps Updated Apr 16, 2023 With 395 QA's [Q47-Q71]

Provide Microsoft MS-100 Dumps Updated Apr 16, 2023 With 395 QA's

Latest MS-100 Dumps for Success in Actual Microsoft Certified

NEW QUESTION 47
Your network contains a single Active Directory domain and two Microsoft Azure Active Directory (Azure AD) tenants.
You plan to implement directory synchronization for both Azure AD tenants. Each tenant will contain some of the Active Directory users.
You need to recommend a solution for the planned directory synchronization.
What should you include in the recommendation?

• A. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using organizational unit (OU)-based filtering.
• B. Deploy two servers that run Azure AD Connect, and then filter the users for each tenant by using organizational unit (OU)-based filtering.
• C. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using domain- based filtering.
• D. Deploy one server that runs Azure AD Connect, and then specify two sync groups.

Answer: B

Explanation:
There's a 1:1 relationship between an Azure AD Connect sync server and an Azure AD tenant. For each Azure AD tenant, you need one Azure AD Connect sync server installation.
Therefore, we need to deploy two servers that run Azure AD Connect for the two Azure AD tenants.
Each user account can only be synchronized to one Azure AD tenant. Therefore, we need a way of splitting the users between the two Azure AD tenants. Azure AD Connect offers three ways to filter which users get synchronized to an Azure AD tenant. You can use domain-based filtering if you have multiple domains in a forest, attribute-based filtering or OU-based filtering.
Note:
Other incorrect answers for this question include:
1. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using attribute- based filtering.
2. Deploy one server that runs Azure AD Connect, and then specify two sync groups.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-azure-ad- tenants
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering

 

NEW QUESTION 48
You have a Microsoft 365 subscription that uses a default domain named litwareinc.com. The subscription has a Microsoft SharePoint site collection named Collection1.
From the Azure Active Directory admin center, you configure the External collaboration settings as shown in the External Collaboration Settings exhibit. (Click the External Collaboration Settings tab.)

From the SharePoint admin center, you configure the sharing settings as shown in the SharePoint Sharing exhibit. (Click the SharePoint Sharing tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Yes
In the first exhibit, "Allow invitations to be sent to any domain (most inclusive) is enabled". Also, everyone is allowed to 'invite'. The Target Domains setting will have no effect. This would only apply if one of the Allow/Deny invitations to the specified domain options were selected.
There is a restriction that blocks invitations being sent to contoso.com. However, this restriction does not apply to Fabrikam.com. Therefore, you can share the files in Collection1 to [email protected].
Box 2: Yes
As noted above, external sharing is enabled for any domain except contoso.com. The Target Domains setting in the first exhibit will have no effect. Therefore, you can share Collection1 to [email protected].
Box 3: Yes
As noted above, external sharing is enabled for any domain except contoso.com. Blocking sharing to contoso.com does not block sharing to us.contoso.com. Therefore, you can share Collection1 to [email protected].
Reference:
https://docs.microsoft.com/en-us/sharepoint/turn-external-sharing-on-or-off

 

NEW QUESTION 49
You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company.
You prepare the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updates-element
https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus

 

NEW QUESTION 50
You need to meet the application requirements for the Office 365 ProPlus applications.
You create an XML files that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 51
Your company has an on premises Microsoft Exchange Server 2016 organization and a Microsoft 365 Enterprise subscription. You plan to migrate mailboxes and groups to Exchange Online.
You start a new migration batch.
Users report *low performance when they use the on premises Exchange Server organization.
You discover that the migration is causing the slow performance.
You need to reduce the impact of the mailbox migration on the end-users.
What should you do?

• A. Create a mail flow rule.
• B. Modify the migration endpoint setting
• C. Create a throttling policy.
• D. Configure back pressure

Answer: B

Explanation:
You can reduce the maximum number of concurrent mailbox migrations.

 

NEW QUESTION 52
Your company has 500 client computers that run Windows 10.
You plan to deploy Microsoft Office 365 ProPlus to all the computers.
You create the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1:
When the installation is complete, all users will be prompted to install several updates.
In the configuration file, the Updates Enabled element is set to True. This means that Office will check for updates after the installation.
The Channel element set to Broad means that all semi-annual channel updates will be installed.
Box 2:
Office 365 ProPlus will be installed only on the computers that run a 64-bit version of Windows 10.
The OfficeClientEdition element defines whether the 32-bit or 64-bit edition of Office 365 ProPlus is downloaded or installed. In the configuration file, it is set to '64'. The 64-bit version will only install on a
64-bit client computer.
Reference:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool

 

NEW QUESTION 53
You have a Microsoft 365 subscription.
You have a group named Support. Users in the Support group frequently send email messages to external users.
The manager of the Support group wants to randomly review messages that contain attachments.
You need to provide the manager with the ability to review messages that contain attachments sent from the Support group users to external users. The manager must have access to only 10 percent of the messages.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/supervision-policies

 

NEW QUESTION 54
You have a Microsoft 365 subscription.
You use the Microsoft Office Deployment tool to install Office 365 ProPlus.
You create a configuration file that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool

 

NEW QUESTION 55
You have a data loss prevention (DLP) policy.
You need to increase the likelihood that the DLP policy will apply to data that contains medical terms from the International Classification of Diseases (ICD-9-CM). The solution must minimize the number of false positives.
Which two settings should you modify? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
https://docs.microsoft.com/en-us/office365/securitycompliance/what-the-sensitive-information-types-look-for#international-classification-of-diseases-icd-9-cm

 

NEW QUESTION 56
You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company.
You prepare the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updat
https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus

 

NEW QUESTION 57
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.

The domain syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

User2 fails to authenticate to Azure AD when signing in as [email protected].
You need to ensure that User2 can access the resources in Azure AD.
Solution: From the on-premises Active Directory domain, you set the UPN suffix for User2 to @contoso.com. You instruct User2 to sign in as [email protected].
Does this meet the goal?

• A. Yes
• B. No

Answer: A

Explanation:
The on-premises Active Directory domain is named contoso.com. You can enable users to sign on using a different UPN (different domain), by adding the domain to Microsoft 365 as a custom domain. Alternatively, you can configure the user account to use the existing domain (contoso.com).

 

NEW QUESTION 58
Which migration solution should you recommend for Project1?

• A. From the Microsoft 365 admin center, start a data migration and click Exchange as the data service.
• B. From the Exchange admin center, start a migration and select Cutover migration.
• C. From the Microsoft 365 admin center, start a data migration and click Upload PST as the data service.
• D. From the Exchange admin center, start a migration and select Staged migration.

Answer: A

Explanation:
Explanation
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Fabrikam does NOT plan to implement identity federation.
All users must be able to exchange email messages successfully during Project1 by using their current email address.
During Project1, some users will have mailboxes in Microsoft 365 and some users will have mailboxes in Exchange on-premises. To enable users to be able to exchange email messages successfully during Project1 by using their current email address, we'll need to configure hybrid Exchange.
A new way to migrate mailboxes in a hybrid Exchange configuration is to use the Microsoft 365 data migration service. The data migration service can migrate Exchange, SharePoint and OneDrive. Therefore, we need to start a data migration and click Reference:
https://docs.microsoft.com/en-us/fasttrack/O365-data-migration
https://docs.microsoft.com/en-us/exchange/hybrid-deployment/move-mailboxes

 

NEW QUESTION 59
Your company recently purchased a Microsoft 365 subscription.
You enable Microsoft Azure Multi-Factor Authentication (MFA) for all 500 users in the Azure Active Directory (Azure AD) tenant.
You need to generate a report that lists all the users who completed the Azure MFA registration process.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

• A. From the Azure Active Directory admin center, use Risky sign-ins blade.
• B. From Azure Cloud Shell, run the Get-AzureADUsercmdlet.
• C. From Azure Cloud Shell, run the Get-MsolUsercmdlet.
• D. From the Azure Active Directory admin center, use the Multi-Factor Authentication - Server Status blade.

Answer: C

Explanation:
You can use the Get-MsolUsercmdlet to generate a report that lists all the users who completed the Azure MFA registration process. The full command would look like this:
Get-MsolUser -All | Where-Object {$_.StrongAuthenticationMethods.Count -eq 0} | Select-Object -Property UserPrincipalName Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

 

NEW QUESTION 60
You need to recommend which DNS record must be created before adding a domain name for the project.
You need to recommend which DNS record must be created before you begin the project.
Which DNS record should you recommend?

• A. mail exchanger (MX)
• B. alias (CNAME)
• C. host information (HINFO)
• D. host (A)

Answer: A

Explanation:
Explanation
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
Reference:
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-

 

NEW QUESTION 61
You have an Active Directory domain named Adatum.com that is synchronized to Azure Active Directory as shown in the exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Group Writeback is enabled in the Azure AD Connect configuration so groups created in Azure Active Directory will be synchronized to the on-premise Active Directory. A security group created in Azure Active Directory will be synchronized to the on-premise Active Directory as a security group.
Device Writeback is enabled in the Azure AD Connect configuration so computers joined to the Azure Active Directory will be synchronized to the on-premise Active Directory. They will sync to the RegisteredDevices container in the on-premise Active Directory.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback

 

NEW QUESTION 62
You need to Add the custom domain name* to Office 36S K> support the planned changes as quickly as possible.
What should you create to verify the domain names successfully?

• A. three text (TXT) record
• B. one text (TXT) record
• C. three alias (CNAME) record
• D. one alias (CNAME) record

Answer: A

Explanation:
Contoso plans to provide email addresses for all the users in the following domains:
East.adatum.com
Contoso.adatum.com
Humongousinsurance.com
To verify three domain names, you need to add three TXT records.
Reference:
https://docs.microsoft.com/en-us/office365/admin/setup/add-domain?view=o365-worldwide

 

NEW QUESTION 63
Your on-permission network contains the web application shown in the following table.

You purchase Microsoft 365, and the implement directory synchronization.
You plan to publish the web applications.
You need to ensure that all the applications are accessible by using the My Apps portal. The solution must minimize administrative effort.
What should you do first?

• A. Deploy one Application Proxy connector.
• B. Deploy one conditional access policy.
• C. Create four application registrations.
• D. Create a site-to-site VPN from Microsoft Azure to the on-premises network.

Answer: A

Explanation:
The Application Proxy connector is what connects the on-premises environment to the Azure Application Proxy.
Application Proxy is a feature of Azure AD that enables users to access on-premises web applications from a remote client. Application Proxy includes both the Application Proxy service which runs in the cloud, and the Application Proxy connector which runs on an on-premises server. Azure AD, the Application Proxy service, and the Application Proxy connector work together to securely pass the user sign-on token from Azure AD to the web application.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-connectors

 

NEW QUESTION 64
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
* Users passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
This solution meets the following requirement:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. (this is because the authentication is performed by Azure Active Directory).
This solution does not meet the following requirement:
* Users passwords must be 10 characters or more.
To meet this requirement, you would need to configure the Default Domain Policy in the on-premise Active Directory.
Azure Password Protection can prevent users from using passwords from a 'banned password' list but it cannot be configured to require that passwords must be 10 characters or more.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization

 

NEW QUESTION 65
You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company.
You prepare the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updates-element
https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus

 

NEW QUESTION 66
You have several devices enrolled in Microsoft Intune.
You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown in the following table.

The device type restrictions in Intune are configured as shown in the following table.

You add User3 as a device enrollment manager in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/intune/enrollment/enrollment-restrictions-set

 

NEW QUESTION 67
You need to meet the technical requirements for the user licenses.
Which two properties should you configure for each user? To answer, select the appropriate properties in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Topic 1, Fabrikam, Inc
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answer and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Overview Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.
Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication.
Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of [email protected].
Fabrikam does NOT plan to implement identity federation.
Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as a DNS server.
The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements
Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
* Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
* Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.
Technical Requirements
Fabrikam identifies the following technical requirements:
* All users must be able to exchange email messages successfully during Project1 by using their current email address.
* Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
* A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.
* Microsoft Office 365 ProPlus applications must be installed from a network share only.
* Disruptions to email address must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
* An on-premises web application named App1 must allow users to complete their expense reports online.
* The installation of feature updates for Office 365 ProPlus must be minimized.
Security Requirements
Fabrikam identifies the following security requirements:
* After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
* The memberships of UserLicenses must be validated monthly. Unused user accounts must be removed from the group automatically.
* After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
* The principle of least privilege must be used.

 

NEW QUESTION 68
You have a Microsoft 365 Enterprise E5 subscription.
You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.
You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.
Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Conditional-Access-now-in-the-new-Azure-portal/ba-p/250060

 

NEW QUESTION 69
Your company has an Azure Active Directory (Azure AD) tenant named contoso.com and a Microsoft 365 subscription.
Contoso.com contains the users shown in the following table.

You add an enterprise application named App1 to contoso.com.
You configure the following self-service settings for App1:
Allow users to request access to this application is set to Yes.
To which group should assigned users be added is set to Group1.
Who is allowed to approve access to this application is set to User2.
Require approval before granting access to this application is set to Yes.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-access

 

NEW QUESTION 70
Your company has a hybrid deployment of Microsoft 365.
An on-premises user named User1 is synced to Microsoft Azure Active Directory (Azure AD).
Azure AD Connect is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

 

NEW QUESTION 71
......

Who Can Opt for This Assessment?

This exam is designed for the Microsoft 365 Enterprise administrators who participate in planning, deploying, migrating, managing, and evaluating Microsoft 365 services. They also carry out Microsoft 365 tenant management tasks for the enterprise, such as their identities, compliance, security, and supporting technologies.

 

Changing the Concept of MS-100 Exam Preparation 2023: https://passcollection.actual4labs.com/Microsoft/MS-100-actual-exam-dumps.html