High Quality MS-100 Software 2021

NEW QUESTION 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.
Your company has a main office and three branch offices. All the branch offices connect to the main office by using a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to the Internet by using the main office connection.
Users use Microsoft Outlook 2021 to connect to 4 Microsoft Exchange Server mailbox hosted in the main
office.
The users report that when the WAN link in their office becomes unavailable, they cannot access their mailbox.
You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.
You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN link fails.
Solution: For each device, you configure an additional Outlook profile that uses IMAP. Does this meet the goal?

• A. Yes


• B. NO

Answer: B

NEW QUESTION 2

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created before you begin the project. Which DNS record should you recommend?

• A. mail exchanger (MX)


• B. alias (CNAME)


• C. host (A)


• D. host (AAA)

Answer: A

NEW QUESTION 3

Your network contains an Active Directory forest named adatum.local. The forest contains 500 users and uses adatum.com as a UPN suffix.
You deploy a Microsoft 365 tenant.
You implement directory synchronization and sync only 50 support users.
You discover that five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com. You need to ensure that all synchronized identities retain the UPN set in their on-premises user account. What should you do?

• A. From the Microsoft 365 admin center, add adatum.com as a custom domain name.


• B. From Windows PowerShell, run the Set-ADDomain –AllowedDNSSuffixes adatum.com command.


• C. From Active Directory Users and Computers, modify the UPN suffix of the five user accounts.


• D. From the Microsoft 365 admin center, add adatum.local as a custom domain name.

Answer: C

NEW QUESTION 4

You need to meet the security requirement for the vendors. What should you do?

• A. From the Azure portal, add an identity provider.


• B. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the –UserPrincipalName parameter.


• C. From the Azure portal, create guest accounts.


• D. From Azure Cloud Shell, run the New-AzureADUser cmdlet and specify the –UserType parameter.

Answer: C

NEW QUESTION 5

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest. You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
Users passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?

• A. Yes


• B. No

Answer: B

NEW QUESTION 6

Your network contain*, an on-premises Active Directory forest.
You are evaluating the implementation of Microsoft 365 and the deployment of authentication strategy. You need to recommend an authentication strategy that meets the following requirements:
• Allows users to sign in by using smart card-based certificates
• Allows users to connect to on premises and Microsoft 365 services by using SSO Which authentication strategy should you recommend?

• A. password hash synchronization and seamless SSO


• B. federation with Active Directory Federation Services (AD FS)


• C. pass-through authentication and seamless SSO

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn

NEW QUESTION 7

Your company has 500 client computers that run Windows 10.
You plan to deploy Microsoft Office 365 ProPlus to all the computers. You create the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 8

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements. Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

• A. Yes


• B. NO

Answer: B

NEW QUESTION 9

You have a Microsoft 365 subscription.
You view the service advisories shown in the following exhibit.

You need to ensure that users who administer Microsoft SharePoint Online can view the advisories to investigate health issues.
Which role should you assign to the users?

• A. SharePoint administrator


• B. Message Center reader


• C. Reports reader


• D. Service administrator

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/office365/admin/add-users/about-admin-roles?view=o365-worldwide

NEW QUESTION 10

You create the Microsoft 365 tenant.
You implement Azure AD Connect as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 11

Your company has an on-premises Microsoft Exchange Server 2013 organization. The company has 100 users.
The company purchases Microsoft 365 and plans to move its entire.- infrastructure to the cloud.
The company does NOT plan to sync the on-premises Active Directory domain to Microsoft Azure Active Directory (Azure AD).
You need to recommend which type of migration to use to move all email messages, contacts, and calendar items to Exchange Online.
What should you recommend?

• A. cutover migration


• B. IMAP migration


• C. remote move migration


• D. staged migration

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/exchange/mailbox-migration/cutover-migration-to-office-365

NEW QUESTION 12

You have a Microsoft 365 Enterprise subscription.
You have a conditional access policy to force multi factor .mthentication when accessing Microsoft SharePoint from a mobile device
You need to view which users authenticated by using multi factor authentication. What should you do?

• A. From the Microsoft 36S admin center, view the Security Compliance reports.


• B. From the Azure Active Directory admin center, view the user sign-ins.


• C. From the Microsoft 365 admin center, view the Usage reports.


• D. From the Azure Active Directory admin center, view the audit logs.

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-reporting

NEW QUESTION 13

Your network contains the servers shown in the following table.

You purchase Microsoft 365 Enterprise E5 and plan to move all workloads to Microsoft 365 by using a hybrid identity solution and a hybrid deployment for all workloads.
You need to identify which server must be upgraded before you move to Microsoft 365. What should you identify?

• A. Server 2


• B. Server 3


• C. Server 5


• D. Server 1


• E. Server 4

Answer: B

NEW QUESTION 14

You company has a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts. You need to identify which users can perform the following administrative tasks:
Create guest user accounts.
Add User3 to Admin1.
Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles

NEW QUESTION 15

You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company. You prepare the following XML file for the planned deployment.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2021-deployment-tool#updat https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus

NEW QUESTION 16

Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to identify an authentication strategy for the planned Microsoft 365 deployment. The solution must meet the following requirements:
Ensure that users can access Microsoft 365 by using their on-premises credentials.
Use the existing server infrastructure only.
Store all user passwords on-premises only.
Be highly available.
Which authentication strategy should you identify?

• A. pass-through authentication and seamless SSO


• B. pass-through authentication and seamless SSO with password hash synchronization


• C. password hash synchronization and seamless SSO


• D. federation

Answer: A

NEW QUESTION 17

Your company has a Microsoft 365 subscription. All identities are managed in the cloud. The company purchases a new domain name.
You need to ensure that all new mailboxes use the new domain as their primary email address. What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

• A. From Microsoft Exchange Online PowerShell, run the Update-EmailAddressPolicy policy command.


• B. From the Exchange admin center, click mail flow, and then configure the email address policies.


• C. From the Microsoft 365 admin center, click Setup, and then configure the domains.


• D. From Microsoft Exchange Online PowerShell, run the Set-EmailAddressPolicy policy command.


• E. From the Azure Active Directory admin center, configure the custom domain names.

Answer: BD

NEW QUESTION 18

Your network contains an on premises Active Directory domain named contoso.com. The domain contains five domain controllers.
Your company purchases Microsoft 365 and creates a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You plan to establish federation authentication between on premises Active Directory and the Azure AD tenant by using Active Directory Federation Services (AD FS).
You need to establish the federation.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 19

You have a Microsoft 36S subscription that contains several Microsoft SharePoint Online sites. You discover that users from your company can invite external users to access files on the SharePoint sites. You need to ensure that the company users can invite only authenticated guest users to the sites. What should you do?

• A. From the Microsoft 365 admin center, configure a partner relationship.


• B. From SharePoint Online Management Shell, run the set-SPOSite cmdlet.


• C. From the Azure Active Directory adman center, configure a conditional access policy.


• D. From the SharePoint admin center, configure the sharing settings.

Answer: D

NEW QUESTION 20

Your company has a hybrid deployment of Microsoft 36S.
Users authenticate by using pass-through authentication. Several Microsoft A/wt AD Connect Authentication Agents are deployed.
You need to verify whether all the Authentication Agents are used for authentication.
What should you do?

• A. From the Azure portal, use the Troubleshoot option on the Pass-through authentication page.


• B. From Performance Monitor, use the #PTA authentications counter.


• C. From the Azure portal use the Diagnostics settings on the Monitor blade.


• D. From Performance Monitor, use the Kerberos authentications counter.

Answer: A

NEW QUESTION 21

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes a user named User1.
You enable multi-factor authentication for contoso.com and configure the following two fraud alert settings: Set Allow users to submit fraud alerts: On
Automatically block users who report fraud: On
You need to instruct the users in your organization to use the fraud reporting features correctly. What should you tell the users to do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered


• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert

NEW QUESTION 22
......