MS-100 Microsoft 365 Identity and Services (beta) - Practice Questions

Question 13 (Mixed Questions)

You are managing a Microsoft 365 subscription for your organization.

Your company has implemented an Active Directory Federation Services (AD FS) solution.

The goal is to configure the environment to enable auditing of AD FS user authentication processes.

Which two actions should you perform to achieve this? Each correct action is part of the solution.

Note: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

○ From all the AD FS servers, run auditpol.exe.
○ From all the domain controllers, run the Set-AdminAuditLogConfig cmdlet and specify the –LogLevel parameter.
○ On a domain controller, install Azure AD Connect Health for AD DS.
○ From the Azure AD Connect server, run the Register-AzureADConnectHealthSyncAgent cmdlet.
○ On an AD FS server, install Azure AD Connect Health for AD FS.

Question 14 (New Update)

Note: This question is part of a series that presents the same scenario. Each question in the series offers a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might have none.

After answering a question in this section, you will NOT be able to return to it, and these questions will not appear in the review screen.

Your company plans to deploy various Microsoft Office 365 services.

You need to design an authentication strategy for the planned deployment that fulfills the following requirements:

Users should be able to authenticate only during business hours.
Authentication requests must be successful if any single server fails.
When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
Users connecting to Office 365 services from domain-joined devices on the internal network must be signed in automatically.

Solution: You design an authentication strategy that includes a pass-through authentication model with two servers having Authentication Agent installed and password hash synchronization configured.

Does this meet the goal?

Select an option, then click Submit answer.

○ Yes
○ No

Question 15 (New Update)

You have a Microsoft 365 E5 subscription that includes Microsoft Teams and SharePoint Online. You create a team and a SharePoint Online site for a new project named Project1. You need to manage access to the team and site while ensuring the following:

Members of Project1 can control access to the team and site.
Only users within the subscription can request access to the team and site.
Access to the team and site is removed after 12 months.
Access is reviewed monthly.

What should you create first?

Select an option, then click Submit answer.

○ a catalog
○ an access review
○ a Conditional Access policy
○ an access package

MS-100 – Microsoft 365 Identity and Services (beta)