MS-100 無料問題集「Microsoft 365 Identity and Services」

You have a backend service that will access the Microsoft Graph API. The backend service is hosted on-premises. You need to configure the service to authenticate by using the most secure authentication method. What should you configure the service to use?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft Office 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
* Users must be able to authenticate during business hours only.
* Authentication requests must be processed successfully if a single server fails.
* When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
* Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that contains a pass-through authentication model. The solution contains two servers that have an Authentication Agent installed and password hash synchronization configured.
Does this meet the goal?

解説: (JPNTest メンバーにのみ表示されます)
You have a Microsoft Power Platform production environment that contains a custom model-driven Microsoft Power Apps app.
How many days will system backups be retained for the environment?

解説: (JPNTest メンバーにのみ表示されます)
You company has a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.

The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts.
You need to identify which users can perform the following administrative tasks:
Create guest user accounts.
Add User3 to Admin1.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:

Reference:
A User Administrator is the only role listed that can create user accounts included Guest user accounts. A Global Administrator can also create user accounts.
A User Administrator is also the only role listed that can modify the group membership of users.
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

Multi-factor authentication (MFA) is configured to use 131.107.50/24 for trusted IPs.
The tenant contains the named locations shown in the following table.

You create a conditional access policy that has the following configurations:
Users and groups assignment: All users
Cloud apps assignment: App1
Conditions: Include all trusted locations
Grant access: require multi-factor authentication
For each of the following statements, select Yes if the statement is true. otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
You have a Microsoft 365 subscription.
You use the Microsoft Office Deployment tool to install Office 365 ProPlus.
You create a configuration file that contains the following settings.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:

Reference:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool
Your network contains an on-premises Active Directory domain named contoso.com.
You have a hybrid Microsoft 365 tenant that uses Microsoft Teams.
You need to ensure that audio, video, and screen sharing is prioritized over other data types across the network.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

正解:A、C 解答を投票する
You have a single-page application (SPA) named TodoListSPA and a server-based web app named TodoUstServKe.
The permissions for the TodoListSPA API are configured as shown in the TodoUstSPA exhibit (Click the TodoUstSPA tab) The permissions for the TodoUstService API are configured as shown m the TodoListService exhibit (Click the TodoUstService tab.) You need to ensure that TodoUstService can access a Microsoft OneDnve file of the signed-in user. The solution must use the principle of least privilege.
Which permission request should you configure?

You have a Microsoft 365 subscription.
You add a domain named contoso.com.
When you attempt to verify the domain, you are prompted to send a verification email to [email protected].
D18912E1457D5D1DDCBD40AB3BF70D5D
You need to change the email address used to verify the domain.
What should you do?

解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role.
From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

解説: (JPNTest メンバーにのみ表示されます)
Your network contains an on-premises Active Directory domain. The domain contains 2,000 computers that run Windows 10.
You purchase a Microsoft 365 subscription.
You implement password hash synchronization and Azure Active Directory (Azure AD) Seamless Single Sign-On (Seamless SSO).
You need to ensure that users can use Seamless SSO from the Windows 10 computers.
What should you do?

解説: (JPNTest メンバーにのみ表示されます)
You are developing a single-page application (SPA) named App1 that will be used by the public.
Many users of App1 restrict pop-up windows from opening in their browser.
You need to authenticate the users by using the Microsoft identity platform. The solution must meet the following requirements:
* Ensure that App1 can read the profile of a user.
* Minimize user interaction during authentication.
* Prevent App1 from requiting admin consent for any permissions.
How should you complete the code? To answer, select the appropriate options in the answer area.
正解:

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡