MS-100 Online Practice Questions and Answers

SIMULATION

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality

(e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are

able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:[email protected]

Microsoft 365 Password: *yfLo7Ir2andy-

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 10811525

You plan to migrate data from an on-premises email system to your Microsoft 365 tenant.

You need to ensure that Debra Berger can import a PST file.

A. See explanation below.

DRAG DROP

Your on-premises network hosts an app named App1.

You have a hybrid Microsoft 365 environment that contains 100 users. The users are assigned Microsoft 36S E5 licenses.

You need to enable Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for App1

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the connect order.

Select and Place:

HOTSPOT

You have a Microsoft 365 subscription.

You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled devices enrolled on mobile device management (MDM).

What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 Enterprise E5 subscription.

You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.

You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.

Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.

Hot Area:

SIMULATION

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.

When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality

(e.g., copy and paste, ability to navigate to external websites) will not be possible by design.

Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.

Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are

able to complete the lab(s) and all other sections of the exam in the time provided.

Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.

You may now click next to proceed to the lab.

Lab information

Use the following login credentials as needed:

To enter your username, place your cursor in the Sign in box and click on the username below.

To enter your password, place your cursor in the Enter password box and click on the password below.

Microsoft 365 Username:[email protected]

Microsoft 365 Password: *yfLo7Ir2andy-

If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.

The following information is for technical support purposes only:

Lab Instance: 10811525

Your organization recently implemented a new data retention policy. The policy requires that all files stored in an employee's Microsoft OneDrive folders be retained for 60 days after the employee is terminated from the organization.

The human resources (HR) department of the organization deletes the user accounts of all terminated employees.

You need to ensure that the organization meets the requirements of the data retention policy.

A. See explanation below.

Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

Group2 is a member of Group1.

You assign a Microsoft Office 365 Enterprise E3 license to Group1.

You need to identity how many Office 365 E3 licenses are assigned.

What should you identify?

A. 1

B. 2

C. 3

D. 4

You have a Microsoft 365 subscription.

You need to add additional onmicrosoft.com domains to the subscription. The additional domains must be assignable as email addresses for users.

What is the maximum number of onmicrosoft.com domains the subscription can contain?

A. 1

B. 2

C. 5

D. 10

You have a Microsoft 365 E5 subscription.

Users access Microsoft 365 from both their laptop and a corporate Virtual Desktop infrastructure (VCH) solution.

From Azure AD Identity Protection, you enable a sign-in risk policy.

Users report that when they use the VDI solution, they are regularly blocked when they attempt to access Microsoft 365.

What should you configure?

A. the Microsoft 365 network connectivity settings

B. a Conditional Access policy exclusion

C. the Tenant restrictions settings in Azure AD

D. trusted location

From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.)

You need to reduce the likelihood that the sign-ins are identified as risky. What should you do?

A. From the Security and Compliance admin center, add the users to the Security Readers role group.

B. From the Conditional access blade in the Azure Active Directory admin center, create named locations.

C. From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.

D. From the Security and Compliance admin center, create a classification label.

You have a Microsoft 365 subscription.

Your company purchases a new financial application named App1.

From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered apps page and discover that many applications have a low score because they are missing information about domain registration and consumer popularity.

You need to prevent the missing information from affecting the score.

What should you configure from the Cloud Discover settings?

A. App tags

B. Score metrics

C. Organization details

D. Default behavior

Your network contains a single Active Directory domain and two Microsoft Azure Active Directory (Azure AD) tenants.

You plan to implement directory synchronization for both Azure AD tenants. Each tenant will contain some of the Active Directory users.

You need to recommend a solution for the planned directory synchronization.

What should you include in the recommendation?

A. Deploy two servers that run Azure AD Connect, and then filter the users for each tenant by using organizational unit (OU)-based filtering.

B. Deploy two servers that run Azure AD Connect, and then filter the users for each tenant by using domain-based filtering

C. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using organizational unit (OU)-based filtering.

D. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using domain-based filtering.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has 3,000 users. All the users are assigned Microsoft 365 E3 licenses.

Some users are assigned licenses for all Microsoft 365 services. Other users are assigned licenses for only certain Microsoft 365 services.

You need to determine whether a user named User1 is licensed for Exchange Online only.

Solution: You run the Get-MsolUser cmdlet.

Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 tenant that contains a Microsoft Power Platform environment.

You need to ensure that only specific users can create new environments.

What should you do in the Power Platform admin center?

A. From Data policies, create a new data policy.

B. From Data integration, create a new connection set.

C. From Power Platform settings, modify the Governance settings for the environment.

D. From Environments, modify the behaviour settings for the default environment.

You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You plan to import the Microsoft Power Platform Center of Excellence (CoE) Starter Kit You need to configure the HTTP with Azure AD connection. Which base resource URL should you use?

A. https://graph.microsoft.com

B. https://login.microsoftonline.com/contoso.onmicrosoft.com

C. https://contoso.onmicrosoft.com

D. https://login.Microsoftonlinc.com/common/v2.0/oauth2/token

You have a Microsoft 365 E5 subscription.

Users have Android or iOS devices and access Microsoft 365 resources from computers that run Windows 11 or MacOS.

You need to implement passwordless authentication. The solution must support all the devices.

Which authentication method should you use?

A. Windows Hello

B. Microsoft Authenticator app

C. FIDO2 compliant security keys