MS-100 : Microsoft 365 Identity and Services : Part 03

MS-100 : Microsoft 365 Identity and Services : Part 03

1. You have been tasked with migrating your company’s on-premises Microsoft Exchange Server 2013 organization to Microsoft 365.

   You plan to make use of the cutover migration method.

   Which of the following is the maximum recommended number of mailboxes that you should migrate?

   • 2000
   • 1000
   • 150
   • 75

2. You have recently created a Microsoft 365 Enterprise subscription and assigned all users licenses for all products.

   You want to configure all Microsoft Office 365 ProPlus installations to be done via a network share. You also want to make sure that users are prevented from using the Internet to install Office 365 ProPlus.

   Which of the following is the type of file that you should create?

   NOTE: Each correct selection is worth one point.

   • An HTML download file.
   • An XML download file.
   • An HTTP download file.
   • An EXE download file.

3. You have recently created a Microsoft 365 subscription.

   You have prepared an XML file for the upcoming Microsoft Office 365 ProPlus deployment.

   The Channel attribute for the OfficeClientEdition attribute is set to Broad, while the Channel attribute for the Updates element is set to Targeted.

   Which of the following the following is the frequency with which the installation of Office 365 ProPlus feature updates will occur?

   • Weekly.
   • Monthly
   • Six monthly
   • Annually

4. You have recently created a Microsoft 365 subscription.

   You have prepared an XML file for the upcoming Microsoft Office 365 ProPlus deployment.

   The Channel attribute for the OfficeClientEdition attribute is set to Broad, while the Channel attribute for the Updates element is set to Targeted.

   Which of the following the following are the months of the year that security updates will be installed?

   • January and July.
   • March and September
   • June and December
   • April and October

5. Your company’s network contains two Active Directory forests, with two domains configured per forest. All workstations are domain-joined and have Windows 10 installed.

   You have created a Microsoft Azure Active Directory (Azure AD) tenant in preparation for configuring Hybrid Azure AD join for the workstations.

   You want to make sure that the tenant can be discovered by the workstations.

   Which of the following should you create in each forest?

   • A migration endpoint.
   • A new conditional access policy.
   • A new trust relationship.
   • A new service connection point (SCP).

6. After your company acquires a Microsoft 365 subscription, they instruct you to move all email data from their corporate Gmail to Microsoft Exchange Online.

   The migration will be done via the Exchange admin center.

   Which of the following is the migration method you should use?

   • Exchange Hybrid
   • IMAP migration
   • Cutover
   • Express migration

7. After your company acquires a Microsoft 365 subscription, they instruct you to move all email data from their corporate Gmail to Microsoft Exchange Online.

   The migration will be done via the Exchange admin center.

   Which of the following is TRUE with regards to the data included in the migration?

   • All data will be migrated.
   • Only email data will be migrated.
   • Email and task data will be migrated.
   • Email and contact data will be migrated.

8. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

   After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

   Your company has a Microsoft Office 365 tenant.

   You suspect that several Office 365 features were recently updated.

   You need to view a list of the features that were recently updated in the tenant.

   Solution: You use the View service requests option in the Microsoft 365 admin center.

   Does this meet the goal?

   • Yes
   • No

   Explanation:

   A service request is a support ticket. Therefore, the View service requests option in the Microsoft 365 admin center displays a list of support tickets. It does not display a list of the features that were recently updated in the tenant so this solution does not meet the goal.

   To meet the goal, you need to use Message center in the Microsoft 365 admin center.

9. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

   After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

   Your company has a Microsoft Office 365 tenant.

   You suspect that several Office 365 features were recently updated.

   You need to view a list of the features that were recently updated in the tenant.

   Solution: You use Dashboard in Security & Compliance.

   Does this meet the goal?

   • Yes
   • No
   Explanation:

   Depending on what your organization’s Office 365 subscription includes, the Dashboard in Security & Compliance includes several widgets, such as Threat Management Summary, Threat Protection Status, Global Weekly Threat Detections, Malware, etc. It does not display a list of the features that were recently updated in the tenant so this solution does not meet the goal.

   To meet the goal, you need to use Message center in the Microsoft 365 admin center.

10. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your company has a Microsoft Office 365 tenant.

    You suspect that several Office 365 features were recently updated.

    You need to view a list of the features that were recently updated in the tenant.

    Solution: You use Message center in the Microsoft 365 admin center.

    Does this meet the goal?

    • Yes
    • No
    Explanation:
    The Message center in the Microsoft 365 admin center is where you would go to view a list of the features that were recently updated in the tenant. This is where Microsoft posts official messages with information including new and changed features, planned maintenance, or other important announcements.

11. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your company has a Microsoft Office 365 tenant.

    You suspect that several Office 365 features were recently updated.

    You need to view a list of the features that were recently updated in the tenant.

    Solution: You review the Security & Compliance report in the Microsoft 365 admin center.

    Does this meet the goal?

    • Yes
    • No
    Explanation:

    The Security & Compliance reports in the Microsoft 365 admin center are reports regarding security and compliance for your Office 365 Services. For example, email usage reports, Data Loss Prevention reports etc. They do not display a list of the features that were recently updated in the tenant so this solution does not meet the goal.

    To meet the goal, you need to use Message center in the Microsoft 365 admin center.

12. You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase.

    You want the members of two groups named IT and Managers to be able to use the features shown in the following table.

    

    The IT group contains 50 users. The Managers group contains 200 users.

    You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs.

    Which licenses should you recommend?

    • 250 Microsoft 365 E3 only
    • 50 Microsoft 365 E3 and 200 Microsoft 365 E5
    • 250 Microsoft 365 E5 only
    • 200 Microsoft 365 E3 and 50 Microsoft 365 E5
    Explanation:
    Microsoft Azure Active Directory Privileged Identity Management requires an Azure AD Premium P2 license. This license comes as part of the Microsoft 365 E5 license. Therefore, we need 50 Microsoft 365 E5 licenses for the IT group.
    Conditional Access requires the Azure AD Premium P1 license. This comes as part of the Microsoft E3 license. Therefore, we need 200 Microsoft 365 E3 licenses for the Managers group.

13. You have a Microsoft 365 tenant that contains Microsoft Exchange Online.

    You plan to enable calendar sharing with a partner organization named adatum.com. The partner organization also has a Microsoft 365 tenant.

    You need to ensure that the calendar of every user is available to the users in adatum.com immediately.

    What should you do?

    • From the Exchange admin center, create a sharing policy.
    • From the Exchange admin center, create a new organization relationship.
    • From the Microsoft 365 admin center, modify the Organization profile settings.
    • From the Microsoft 365 admin center, configure external site sharing.
    Explanation:
    You need to set up an organization relationship to share calendar information with an external business partner. Office 365 admins can set up an organization relationship with another Office 365 organization or with an Exchange on-premises organization.

14. DRAG DROP

    Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

    You purchase a domain named contoso.com from a registrar and add all the required DNS records.

    You create a user account named User1. User1 is configured to sign in as [email protected].

    You need to configure User1 to sign in as [email protected].

    Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

    

    

    Explanation:

    The first step is to add the contoso.com domain to Office 365. You do this by adding a custom domain. When you add a custom domain to office 365, you can use the domain as your email address or to sign in to Office 365.

    The second step is to verify the custom domain. This is to prove that you own the domain. You can verify the custom domain by adding a DNS record to the domain DNS zone.

    When you have added and verified the domain, you can configure the user accounts to use it. To configure User1 to sign in as [email protected], you need to change the username of User1. In Office 365, the username is composed of two parts. The first part is the actual username (User1) and the second part is the domain. You need to modify the username of User1 by selecting the contoso.com domain from the dropdown list of domains. The dropdown list of domains contains the <domain>.onmicrosoft.com domain and any custom domains that have been added.

15. Your company has an on-premises Microsoft Exchange Server 2016 organization and a Microsoft 365 Enterprise subscription.

    You plan to migrate mailboxes and groups to Exchange Online.

    You start a new migration batch.

    Users report slow performance when they use the on-premises Exchange Server organization.

    You discover that the migration is causing the slow performance.

    You need to reduce the impact of the mailbox migration on the end-users.

    What should you do?

    • Create a mail flow rule.
    • Configure back pressure.
    • Modify the migration endpoint settings.
    • Create a throttling policy.
    Explanation:
    The migration is causing the slow performance. This suggests that the on-premise Exchange server is struggling under the load of copying the mailboxes to Exchange Online. You can reduce the load on the on-premise server by reducing the maximum number of concurrent mailbox migrations. Migrating just a few mailboxes at a time will have less of a performance impact than migrating many mailboxes concurrently.

16. You have a Microsoft 365 subscription.

    You need to prevent phishing email messages from being delivered to your organization.

    What should you do?

    • From the Exchange admin center, create an anti-malware policy.
    • From the Security & Compliance admin center, create a DLP policy.
    • From the Security & Compliance admin center, create a new threat management policy.
    • From the Exchange admin center, create a spam filter policy.
    Explanation:

    Anti-phishing protection is part of Office 365 Advanced Threat Protection (ATP). To prevent phishing email messages from being delivered to your organization, you need to configure a threat management policy.

    ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 Enterprise, Microsoft 365 Business, Office 365 Enterprise E5, Office 365 Education A5, etc.

17. Your company has a Microsoft 365 subscription. All identities are managed in the cloud.

    The company purchases a new domain name.

    You need to ensure that all new mailboxes use the new domain as their primary email address.

    What are two possible ways to achieve the goal? Each correct answer presents a complete solution.

    NOTE: Each correct selection is worth one point.

    • Run the Update-EmailAddressPolicy Windows PowerShell command
    • From the Exchange admin center, select mail flow, and then configure the email address policies.
    • From the Microsoft 365 admin center, select Setup, and then configure the domains.
    • Run the Set-EmailAddressPolicy Windows PowerShell command.
    • From the Azure Active Directory admin center, configure the custom domain names.
    Explanation:

    Email address policies define the rules that create email addresses for recipients in your Exchange organization whether this is Exchange on-premise or Exchange online.

    You can configure email address policies using the graphical interface of the Exchange Admin Center or by using PowerShell with the Set-EmailAddressPolicy cmdlet.

    The Set-EmailAddressPolicy cmdlet is used to modify an email address policy. The Update-EmailAddressPolicy cmdlet is used to apply an email address policy to users.

18. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.

    

    Group2 is a member of Group1.

    You assign a Microsoft Office 365 Enterprise E3 license to Group1.

    How many Office 365 E3 licenses are assigned?

    • 1
    • 2
    • 3
    • 4
    Explanation:

    Group-based licensing currently does not support groups that contain other groups (nested groups). If you apply a license to a nested group, only the immediate first-level user members of the group have the licenses applied. Therefore, User2 will not be assigned a license.

    When Azure AD assigns group licenses, any users without a specified usage location inherit the location of the directory. Therefore, User3 will be assigned a license and his usage location will be set to the location of the directory.

19. You have a Microsoft 365 subscription.

    A new corporate security policy states that you must automatically send DLP incident reports to the users in the legal department.

    You need to schedule the email delivery of the reports. The solution must ensure that the reports are sent as frequently as possible.

    How frequently can you schedule the delivery of the reports?

    • hourly
    • monthly
    • weekly
    • daily
    Explanation:
    From the Dashboard in the Security and Compliance center, you can view various reports including the DLP Incidents report. From there you can configure a schedule to email the reports. In the schedule configuration, there are two choices for the frequency: Weekly or Monthly. Therefore, to ensure that the reports are sent as frequently as possible, you need to select Weekly.

20. Your company has a Microsoft 365 subscription.

    You need to identify all the users in the subscription who are licensed for Microsoft Office 365 through a group membership. The solution must include the name of the group used to assign the license.

    What should you use?

    • the Licenses blade in the Azure portal
    • Reports in the Microsoft 365 admin center
    • Active users in the Microsoft 365 admin center
    • Reports in Security & Compliance admin center
    Explanation:
    In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. From there you need to click on the ‘Managed your purchased licenses link’. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the ‘Assignment Paths’ column, it will say ‘Direct’ for a license that has been assigned directly to a user or ‘Inherited (Group Name)’ for a license that has been assigned through a group.