Download Microsoft 365 Administrator.MS-102.PassLeader.2024-10-18.104q.vcex

Vendor: Microsoft
Exam Code: MS-102
Exam Name: Microsoft 365 Administrator
Date: Oct 18, 2024
File Size: 10 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
Your company has a Microsoft 365 subscription. 
You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license. 
What should you use? 
  1. Active users in the Microsoft 365 admin center 
  2. Reports in Microsoft Purview compliance portal 
  3. the Licenses blade in the Azure portal 
  4. Reports in the Microsoft 365 admin center  
Correct answer: C
Explanation:
In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. From there you need to click on the 'Managed your purchased licenses link'. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the 'Assignment Paths' column, it will say 'Direct' for a license that has been assigned directly to a user or 'Inherited (Group Name)' for a license that has been assigned through a group. Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-groups-assign 
In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. 
From there you need to click on the 'Managed your purchased licenses link'. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the 'Assignment Paths' column, it will say 'Direct' for a license that has been assigned directly to a user or 'Inherited (Group Name)' for a license that has been assigned through a group. 
Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-groups-assign 
Question 2
You have a Microsoft 365 subscription that contains the users shown in the following table. 
 
 
  
You need to configure group-based licensing to meet the following requirements:  
  • To all users, deploy an Office 365 E3 license without the Power Automate license option. 
  • To all users, deploy an Enterprise Mobility + Security E5 license. 
  • To the users in the research department only, deploy a Power BI Pro license. 
  • To the users in the marketing department only, deploy a Visio Plan 2 license.  
What is the minimum number of deployment groups required? 
  1.  
Correct answer: C
Explanation:
3 groups needed : Group 1: Allusers (deploy EMS+S E5 licence and O365 E3 licence with "PowerAutomate for Office 365" disabled. group 2: "Research group" : deploy Power Bi Pro Licence (not included in O365 E3 but in O365 E5). Group 3: "Marketing group" deploy Visio plan 2 Licence. 
3 groups needed : 
  • Group 1: Allusers (deploy EMS+S E5 licence and O365 E3 licence with "PowerAutomate for Office 365" disabled. 
  • group 2: "Research group" : deploy Power Bi Pro Licence (not included in O365 E3 but in O365 E5). 
  • Group 3: "Marketing group" deploy Visio plan 2 Licence. 
Question 3
Your network contains an Active Directory forest named contoso.local. 
You purchase a Microsoft 365 subscription. 
You plan to move to Microsoft 365 and to implement a hybrid deployment solution for the next 12 months. 
You need to prepare for the planned move to Microsoft 365. 
What is the best action to perform before you implement directory synchronization? More than one answer choice may achieve the goal. Select the BEST answer. 
 
  1. Purchase a third-party X.509 certificate. 
  2. Create an external forest trust. 
  3. Rename the Active Directory forest. 
  4. Purchase a custom domain name.  
Correct answer: D
Explanation:
The best action to take before implementing directory synchronization for a hybrid deployment with Microsoft 365 would be to purchase a custom domain name. When you set up Microsoft 365, you're prompted to provide your domain name. This domain should match the domain you use within your on-premises Active Directory environment to ensure a seamless user experience and email delivery. 
The best action to take before implementing directory synchronization for a hybrid deployment with Microsoft 365 would be to purchase a custom domain name. When you set up Microsoft 365, you're prompted to provide your domain name. This domain should match the domain you use within your on-premises Active Directory environment to ensure a seamless user experience and email delivery. 
Question 4
You have a Microsoft 365 subscription. 
You configure a new Azure AD enterprise application named App1. App1 requires that a user be assigned the Reports Reader role. 
Which type of group should you use to assign the Reports Reader role and to access App1?
  1. a Microsoft 365 group that has assigned membership 
  2. a Microsoft 365 group that has dynamic user membership 
  3. a security group that has assigned membership 
  4. a security group that has dynamic user membership  
Correct answer: C
Explanation:
You can not assign Azure AD roles to dynamic groups. And you don't need a mailbox/sharepoint/etc, so it is not a 365 group. 
You can not assign Azure AD roles to dynamic groups. And you don't need a mailbox/sharepoint/etc, so it is not a 365 group. 
Question 5
ave a new Microsoft 365 E5 tenant. 
You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected. 
What should you do first? 
 
  1. Enable auditing. 
  2. Enable Microsoft 365 usage analytics. 
  3. Create an Insider risk management policy. 
  4. Create a communication compliance policy.  
Correct answer: A
Explanation:
In order to monitor and get alerted on specific activities such as elevation of administrative privileges, auditing needs to be enabled in your Microsoft 365 environment. Auditing will record events such as changes in permissions and other administrative activities, which can then be monitored through alert policies to notify administrators when specific events occur. 
In order to monitor and get alerted on specific activities such as elevation of administrative privileges, auditing needs to be enabled in your Microsoft 365 environment. Auditing will record events such as changes in permissions and other administrative activities, which can then be monitored through alert policies to notify administrators when specific events occur. 
Question 6
You have a Microsoft 365 E5 subscription that contains a user named User1. 
User1 exceeds the default daily limit of allowed email messages and is on the Restricted entities list. 
You need to remove User1 from the Restricted entities list. 
What should you use? 
  1. the Exchange admin center 
  2. the Microsoft Purview compliance portal 
  3. the Microsoft 365 admin center 
  4. the Microsoft 365 Defender portal 
  5. the Microsoft Entra admin center  
Correct answer: D
Explanation:
Remove a user from the Restricted entities page in the Microsoft 365 Defender portal In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & collaboration > Review > Restricted entities. Or, to go directly to the Restricted entities page, use https://security.microsoft.com/restrictedentities. https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam?view=o365-worldwide 
Remove a user from the Restricted entities page in the Microsoft 365 Defender portal 
In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & collaboration > Review > Restricted entities. Or, to go directly to the Restricted entities page, use https://security.microsoft.com/restrictedentities
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam?view=o365-worldwide 
Question 7
You have a Microsoft 365 E5 subscription. 
You need to compare the current Safe Links configuration to the Microsoft recommended configurations. 
What should you use? 
  1. Microsoft Purview 
  2. Azure AD Identity Protection 
  3. Microsoft Secure Score 
  4. the configuration analyzer  
Correct answer: D
Explanation:
The goal of the configuration analyzer is to compare Exchange Online Protection policies (aka Threat Policies) currently configured with MS recommendations. There is two tabs named "Standard recommendations" & "Strict recommendations" that give the gap between current configuration & MS recommendations. https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies?view=o365-worldwide#use-the-configuration-analyzer-in-the-microsoft-365-defender-portal 
The goal of the configuration analyzer is to compare Exchange Online Protection policies (aka Threat Policies) currently configured with MS recommendations. 
There is two tabs named "Standard recommendations" & "Strict recommendations" that give the gap between current configuration & MS recommendations. 
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies?view=o365-worldwide#use-the-configuration-analyzer-in-the-microsoft-365-defender-portal 
Question 8
You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365. 
You need to ensure that users are prevented from opening or downloading malicious files from Microsoft Teams, OneDrive, or SharePoint Online. 
What should you do? 
  1. Create a new Anti-malware policy. 
  2. Configure the Safe Links global settings. 
  3. Create a new Anti-phishing policy. 
  4. Configure the Safe Attachments global settings.  
Correct answer: D
Explanation:
Microsoft Defender for Office 365 includes a feature known as Safe Attachments, which checks to see if email attachments or web downloads are malicious. When configured, Safe Attachments can scan and take action on potentially malicious files not only in email attachments but also in documents in SharePoint, OneDrive, and Microsoft Teams. 
Microsoft Defender for Office 365 includes a feature known as Safe Attachments, which checks to see if email attachments or web downloads are malicious. When configured, Safe Attachments can scan and take action on potentially malicious files not only in email attachments but also in documents in SharePoint, OneDrive, and Microsoft Teams. 
Question 9
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table. 
 
 
  
You configure Azure AD Connect to sync contoso.com to Azure AD. 
Which objects will sync to Azure AD? 
  1. Group1 only 
  2. User1 and User2 only 
  3. Group1 and User1 only 
  4. Group1, User1, and User2  
Correct answer: D
Explanation:
Global security groups from your on-premises AD are synchronized to Azure AD, and they retain their membership and other attributes during the synchronization process. This means that if you have global security groups defined in your on-premises AD and these groups contain users or other groups, the membership information will be replicated to Azure AD. Disabled user accounts are also synchronized: https://learn.microsoft.com/en-us/answers/questions/233667/will-azure-ad-connect-sync-disabled-user-accounts 
Global security groups from your on-premises AD are synchronized to Azure AD, and they retain their membership and other attributes during the synchronization process. This means that if you have global security groups defined in your on-premises AD and these groups contain users or other groups, the membership information will be replicated to Azure AD. 
Disabled user accounts are also synchronized: https://learn.microsoft.com/en-us/answers/questions/233667/will-azure-ad-connect-sync-disabled-user-accounts 
Question 10
You have a Microsoft 365 E5 subscription. 
You need to create Conditional Access policies to meet the following requirements:  
  • All users must use multi-factor authentication (MFA) when they sign in from outside the corporate network. 
  • Users must only be able to sign in from outside the corporate network if the sign-in originates from a compliant device. 
  • All users must be blocked from signing in from outside the United States and Canada. 
  • Only users in the R&D department must be blocked from signing in from both Android and iOS devices. 
  • Only users in the finance department must be able to sign in to an Azure AD enterprise application named App1. All other users must be blocked from signing in to App1.  
What is the minimum number of Conditional Access policies you should create? 
 
  1.  
Correct answer: B
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!