[Free] 2019(Nov) EnsurePass Microsoft MS-100 Dumps with VCE and PDF 21-30

Get Full Version of the Exam
http://www.EnsurePass.com/MS-100.html

Question No.21

HOTSPOT

You have the Microsoft Azure Active Directory (Azure AD) users shown in the following table.

image

Your company uses Microsoft Intune.

Several devices are enrolled in Intune as shown in the following table.

image

The device compliance policies in Intune are configured as shown in the following table.

image

You create a conditional access policy that has the following settings: The Assignments settings are configured as follows:

image

image

Users and groups: Group1 Cloud apps: Exchange Online

image

Conditions: Include All device state, exclude Device marked as compliant Access controls is set to Block access.

For each of the following statements, select yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

image

Correct Answer:

image

Question No.22

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result these questions will not appear in the review screen.

Your company has a main office and three branch offices. All the branch offices connect to the main office by using a WAN link. The main office has a high-speed Internet connection. All the branch offices connect to the Internet by using the main office connection.

Users use Microsoft Outlook 2016 to connect to 4 Microsoft Exchange Server mailbox hosted in the main office.

The users report that when the WAN link in their office becomes unavailable, they cannot access their mailbox.

You create a Microsoft 365 subscription, and then migrate all the user data to Microsoft 365.

You need to ensure that all the users can continue to use Outlook to receive email messages if a WAN link fails.

Solution: For each device, you configure an additional Outlook profile that uses IMAP. Does this meet the goal?

  1. Yes

  2. NO

Correct Answer: B

Question No.23

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.

You need to be notified if the SharePoint policy is modified in the future. Solution: From the SharePoint admin center, you modify the sharing settings. Does this meet the goal?

  1. Yes

  2. No

Correct Answer: B

Question No.24

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has a Microsoft Office 365 tenant.

You suspect that several Office 365 features were recently updated.

You need to view a list of the features that were recently updated in the tenant.

Solution: You review the Security amp; Compliance report in the Microsoft 365 admin center. Does this meet the goal?

  1. Yes

  2. No

Correct Answer: B

Question No.25

Your network contains an Active Directory domain and a Microsoft Azure Active Directory (Azure AD) tenant.

The network uses a firewall that contains a list of allowed outbound domains. You began to implement directory synchronization.

You discover that the firewall configuration contains only the following domain names in the list of allowed domains:

*.microsof.com

*.office.com

Directory synchronization fails.

You need to ensure that directory synchronization completes successfully.

What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

  1. From the firewall, allow the IP address range of the Azure data center for outbound communication.

  2. From Azure AD Connect, modify the Customize synchronization options task

  3. Deploy an Azure AD Connect sync server in staging mode.

  4. From the firewall, create a list of allowed inbound domains.

  5. From the firewall, modify the list of allowed outbound domains.

Correct Answer: E

Question No.26

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.

Solution: From the Azure Active Directory admin center, you create a trusted location and a conditional access policy.

Does this meet the goal?

  1. Yes

  2. No

Correct Answer: A

Explanation:

Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.

References:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in- SharePoint-Onlineand-OneDrive-for/ba-p/46678

Question No.27

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).

You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).

You configure a pilot for co-management.

You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.

You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.

Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection.

Does this meet the goal?

  1. Yes

  2. No

Correct Answer: B

Question No.28

You have a Microsoft 365 tenant that contains Microsoft Exchange Online.

You plan to enable calendar sharing with a partner organization named adatum.com. The partner organization also has a Microsoft 365 tenant.

You need to ensure that the calendar of every user is available to the users in adatum.com immediately.

What should you do?

  1. From the Exchange admin center, create a sharing policy.

  2. From the Exchange admin center, create a new organization relationship

  3. From the Microsoft 365 admin center, modify the Organization profile settings.

  4. From the Microsoft 365 admin center, configure external site sharing.

Correct Answer: B

Explanation:

https://docs.microsoft.com/en-us/exchange/sharing/organization-relationships/create-an- organization-relationship

Question No.29

You have a Microsoft 365 subscription.

You plan to enable Microsoft Azure Information Protection.

You need to ensure that only the members of a group named PilotUsers can protect content. What should you do?

  1. Run the Add-AadrmRoleBaseAdministrator cmdlet.

  2. Create an Azure Information Protection policy.

  3. Configure the protection activation status for Azure Information Protection.

  4. Run the Set-AadrmOnboardingControlPolicy cmdlet.

Correct Answer: D

Explanation:

If you don#39;t want all users to be able to protect documents and emails immediately by using Azure Rights Management, you can configure user onboarding controls by using the Set- AadrmOnboardingControlPolicy

References:

https://docs.microsoft.com/en-us/azure/information-protection/activate-service

Question No.30

HOTSPOT

You have a Microsoft 365 subscription.

You are configuring permissions for Security amp; Compliance.

You need to ensure that the users can perform the tasks shown in the following table.

image

The solution must use the principle of least privilege.

To which role should you assign each user? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

image

Correct Answer:

image

Get Full Version of the Exam
MS-100 Dumps
MS-100 VCE and PDF