MS-100 無料問題集「Microsoft 365 Identity and Services」
Your company has a hybrid deployment of Microsoft 36S.
Users authenticate by using pass-through authentication. Several Microsoft Azure AD Connect Authentication Agents are deployed.
You need to verify whether all the Authentication Agents are used for authentication.
What should you do?
Users authenticate by using pass-through authentication. Several Microsoft Azure AD Connect Authentication Agents are deployed.
You need to verify whether all the Authentication Agents are used for authentication.
What should you do?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You need to ensure that Admin4 can use SSPR.
Which tool should you use, and which action should you perform? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Which tool should you use, and which action should you perform? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment
Topic 4, Contoso
Overview
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
Existing Environment
Microsoft 365
Contoso identifies the following business goals:
* Utilize core functionality of apps whenever possible.
* Reduce app development costs.
* Minimize training costs for end users.
Microsoft SharePoint/Microsoft Exchange
Contoso has a Microsoft 365 subscription that uses a domain named contoso.com. Each user is assigned a Microsoft 365 Enterprise E5 licence.
Problem Statement
Contoso moves all email accounts to Microsoft 365.
Contoso migrates the SharePoint Server 2013 intranet sites of the research department to SharePoint Online.
Requirements
Business Goals
Contoso identifies the following issues:
* Users in the sales department report that prepanng quotations is time-consuming as it requires manually copying and pasting data from multiple sources.
* Users in the HR department must use multiple apps to manage the hiring process.
* The solution to claim expenses requires multiple manual steps.
Planned Changes
Contoso identifies the following business goals:
* Utilize core functionality of apps whenever possible.
* Reduce app development costs.
* Minimize training costs for end users.
Technical Requirements
Contoso plans to implement the following changes;
* Redesign the SharePoint Online sites of the research department to provide users with an expenence that is consistent with the Microsoft 365 portal. The research department has a third-party project management solution that uses the Microsoft identity platform in Azure AD.
* Create an email workflow solution for expense claims. Users will submit their expense claims and the system will email an approval request to their manager.
* Implement a bring your own device (BYOD) model that supports Windows 10, macOS, and Android devices.
* Develop a custom Microsoft 365 app named SalesApp for the sales department.
* Develop a custom Microsoft 365 app named HRApp for the HR department
Security Requirement
Contoso identifies the following technical requirements for app development:
* The expense claims solution must provide managers with claim information and the ability to manage the claim by using Microsoft Outlook. Outlook on the web, or Outlook for iOS and Android.
* HRApp must include a bot named HRBot that will answer HR questions. Users must be able to access the bot by mentioning HRBot in a Microsoft Teams channel or private chat.
* HRApp must enable users to query a third-party HR system by using a tab from within a Microsoft Teams channel.
* HRApp must include a messaging extension that enables users to search jobs by job title or job ID.
* SalesApp must be integrated with Microsoft Word and must combine images and text from multiple sources to create a quotation as a DOCX file.
* The distribution of SalesApp must be automatic and require minimal user interaction.
* Solutions for SharePoint Online and Microsoft Office must follow the current Office user interface (Ul) design.
* Development tools and solutions must support Windows and non-Windows devices.
* Development effort must be minimized.
HRApp Manifest
All solutions must support the Microsoft identity platform in Azure AD.
Intranet components must not share access tokens.
You have a Microsoft 365 subscription that contains the users shown in the following table.
You plan to use Exchange Online to manage email for a DNS domain.
An administrator adds the DNS domain to the subscription.
The DNS domain has a status of incomplete setup.
You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.
Which user should you identify?
You plan to use Exchange Online to manage email for a DNS domain.
An administrator adds the DNS domain to the subscription.
The DNS domain has a status of incomplete setup.
You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.
Which user should you identify?
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.
You have an on-premises web app named App
You configure an Azure Active Directory (Azure AD) Application Proxy.
You add an Application Proxy entry for AppA as shown the exhibit. (Click the Exhibit tab.)
You assign the AppA enterprise application in Azure to Group2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an on-premises web app named App
You configure an Azure Active Directory (Azure AD) Application Proxy.
You add an Application Proxy entry for AppA as shown the exhibit. (Click the Exhibit tab.)
You assign the AppA enterprise application in Azure to Group2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You use the Service health option in the Microsoft 365 admin center.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Office 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You use the Service health option in the Microsoft 365 admin center.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a Microsoft 365 tenant.
You have a line-of-business application named App1 that users access by using the My Apps portal.
After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.
You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.
What should you do?
You have a line-of-business application named App1 that users access by using the My Apps portal.
After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control.
You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.
What should you do?
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You sign up for Microsoft Store for Business.
The tenant contains the users shown in the following table.
Microsoft Store for Business has the following Shopping behavior settings:
Allow users to shop is set to On.
Make everyone a Basic Purchaser is set to Off.
You need to identify which users can install apps from the Microsoft for Business private store.
Which users should you identify?
You sign up for Microsoft Store for Business.
The tenant contains the users shown in the following table.
Microsoft Store for Business has the following Shopping behavior settings:
Allow users to shop is set to On.
Make everyone a Basic Purchaser is set to Off.
You need to identify which users can install apps from the Microsoft for Business private store.
Which users should you identify?
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are developing a single-page application (SPA) named App1 that will be used by the public.
Many users of App1 restrict pop-up windows from opening in their browser.
You need to authenticate the users by using the Microsoft identity platform. The solution must meet the following requirements:
* Ensure that App1 can read the profile of a user.
* Minimize user interaction during authentication.
* Prevent App1 from requiting admin consent for any permissions.
How should you complete the code? To answer, select the appropriate options in the answer area.
Many users of App1 restrict pop-up windows from opening in their browser.
You need to authenticate the users by using the Microsoft identity platform. The solution must meet the following requirements:
* Ensure that App1 can read the profile of a user.
* Minimize user interaction during authentication.
* Prevent App1 from requiting admin consent for any permissions.
How should you complete the code? To answer, select the appropriate options in the answer area.
正解:
Your network contains an on-premises Active Directory domain named Contoso.com.
Your company purchases a Microsoft 365 subscription and establishes a hybrid deployment of Azure Directory (Azure AD) by using password hash synchronization.
You create a new user User10 on-premises and a new user named User20 in Azure AD.
You need to identify where an administrator can reset the password of each new user.
What should you identify? To answer select the appropriate option in the answer area.
NOTE: Each correct selection is worth one point.
Your company purchases a Microsoft 365 subscription and establishes a hybrid deployment of Azure Directory (Azure AD) by using password hash synchronization.
You create a new user User10 on-premises and a new user named User20 in Azure AD.
You need to identify where an administrator can reset the password of each new user.
What should you identify? To answer select the appropriate option in the answer area.
NOTE: Each correct selection is worth one point.
正解:
You need to recommend the development environment and tools for the development of SalesApp.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Reference:
https://docs.microsoft.com/en-us/office/dev/add-ins/overview/office-add-ins
https://n8d.at/5-reasons-or-thoughts-on-fluent-ui-web
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected]
Microsoft 365 Password: m3t^We$Z7&xy
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 11440873
You need to ensure that all the users in your organization are prompted to change their password every 60 days. The solution must ensure that the users are reminded that their password must be changed 10 days before the required change.
To answer, sign in to the Microsoft 365 portal.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected]
Microsoft 365 Password: m3t^We$Z7&xy
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 11440873
You need to ensure that all the users in your organization are prompted to change their password every 60 days. The solution must ensure that the users are reminded that their password must be changed 10 days before the required change.
To answer, sign in to the Microsoft 365 portal.
正解:
See explanation below
Explanation:
You need to configure the Password Expiration Policy.
1. Sign in to the Microsoft 365 Admin Center.
2. In the left navigation pane, expand the Settings section then select the Settings option.
3. Click on Security and Privacy.
4. Select the Password Expiration Policy.
5. Ensure that the checkbox labelled "Set user passwords to expire after a number of days" is ticked.
6. Enter 60 in the "Days before passwords expire" field.
7. Enter 10 in the "Days before a user is notified about expiration" field.
8. Click the 'Save changes' button.
Explanation:
You need to configure the Password Expiration Policy.
1. Sign in to the Microsoft 365 Admin Center.
2. In the left navigation pane, expand the Settings section then select the Settings option.
3. Click on Security and Privacy.
4. Select the Password Expiration Policy.
5. Ensure that the checkbox labelled "Set user passwords to expire after a number of days" is ticked.
6. Enter 60 in the "Days before passwords expire" field.
7. Enter 10 in the "Days before a user is notified about expiration" field.
8. Click the 'Save changes' button.
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: oL9z0=?Nq@ox
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 11098651
You need to prevent users in your organization from receiving an email notification when they save a document that contains credit card numbers.
To answer the question, sign in to the Microsoft 365 portal.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password: oL9z0=?Nq@ox
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 11098651
You need to prevent users in your organization from receiving an email notification when they save a document that contains credit card numbers.
To answer the question, sign in to the Microsoft 365 portal.
正解:
See explanation below
Explanation:
You need to edit the Data Loss Prevention Policy to disable the email notifications.
1. Go to https://protection.office.com or navigate to the Security & Compliance admin center.
2. In the left navigation pane, expand Data Loss Protection and select Policy.
3. Select the Data Loss Prevention policy and click the Edit Policy button.
4. Click Policy Settings in the left navigation pane of the policy.
5. Select the policy rule and click the Edit Rule button.
6. Scroll down to the 'User notifications' section.
7. Toggle the slider labelled "Use Notifications to inform users...." to Off.
8. Click Save to save the changes to the policy rule.
9. Click Save to save the changes to the policy.
Explanation:
You need to edit the Data Loss Prevention Policy to disable the email notifications.
1. Go to https://protection.office.com or navigate to the Security & Compliance admin center.
2. In the left navigation pane, expand Data Loss Protection and select Policy.
3. Select the Data Loss Prevention policy and click the Edit Policy button.
4. Click Policy Settings in the left navigation pane of the policy.
5. Select the policy rule and click the Edit Rule button.
6. Scroll down to the 'User notifications' section.
7. Toggle the slider labelled "Use Notifications to inform users...." to Off.
8. Click Save to save the changes to the policy rule.
9. Click Save to save the changes to the policy.
Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
Ensure that users can access Microsoft 365 by using their on-premises credentials.
Use the existing server infrastructure only.
Store all user passwords on-premises only.
Be highly available.
Which authentication strategy should you identify?
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
Ensure that users can access Microsoft 365 by using their on-premises credentials.
Use the existing server infrastructure only.
Store all user passwords on-premises only.
Be highly available.
Which authentication strategy should you identify?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your company has a Microsoft 365 tenant.
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You use Reports from the Microsoft Purview compliance portal.
Does this meet the goal?
You suspect that several Office 365 features were recently updated.
You need to view a list of the features that were recently updated in the tenant.
Solution: You use Reports from the Microsoft Purview compliance portal.
Does this meet the goal?
正解:B
解答を投票する
Your company uses on-premises Windows Server File Classification Infrastructure 9FCI). Some documents on the on-premises file servers are classifies as Confidential.
You migrate the files from the on-premises file servers to Microsoft SharePoint Online.
You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.
What should you do first?
You migrate the files from the on-premises file servers to Microsoft SharePoint Online.
You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.
What should you do first?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices.
You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States.
You plan to onboard all the devices to Windows Defender ATP data in Europe.
What should you do first?
You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States.
You plan to onboard all the devices to Windows Defender ATP data in Europe.
What should you do first?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)