• Home
  • Articles
  • [Q37-Q61] MS-100 Exam Brain Dumps - Study Notes and Theory [Mar-2024]

[Q37-Q61] MS-100 Exam Brain Dumps - Study Notes and Theory [Mar-2024]

Share

MS-100 Exam Brain Dumps - Study Notes and Theory [Mar-2024]

100% Guaranteed Results MS-100 Unlimited 431 Questions


Microsoft MS-100 certification exam is an essential step for IT professionals who want to advance their careers in Microsoft 365 administration. Microsoft 365 Identity and Services certification demonstrates that the candidate has the skills and expertise required to manage Microsoft 365 services, users, identities, and devices. MS-100 exam is recognized by employers worldwide and is valued in the IT industry as proof of the candidate's technical proficiency.


Microsoft MS-100 exam, also known as the Microsoft 365 Identity and Services exam, is designed for professionals who want to validate their skills in managing Microsoft 365 services, including identities, security, compliance, and supporting technologies. It is one of the required exams for earning the Microsoft 365 Certified: Enterprise Administrator Expert certification, which is a highly sought-after certification in the IT industry.

 

NEW QUESTION # 37
You have a Microsoft 365 subscription.
You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled devices enrolled on mobile device management (MDM).
What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/intune/advanced-threat-protection


NEW QUESTION # 38
You need to meet the security requirement for the vendors.
What should you do?

  • A. From Azure Cloud Shell, run the Set-MsolUserPrincipalName and specify the -tenantID parameter.
  • B. From the Azure portal, modify the authentication methods.
  • C. From Azure Cloud Shell, run the New-AzureADMSInvitation and specify the -InvitedIserEmailAddress cmdlet.
  • D. From the Azure portal, add an identity provider.

Answer: C

Explanation:
Explanation
* Vendors must be able to authenticate by using their Microsoft account when accessing Contoso resources.
You can invite guest users to the directory, to a group, or to an application. After you invite a user through any of these methods, the invited user's account is added to Azure Active Directory (Azure AD), with a user type of Guest. The guest user must then redeem their invitation to access resources. An invitation of a user does not expire.
The invitation will include a link to create a Microsoft account. The user can then authenticate using their Microsoft account. In this question, the vendors already have Microsoft accounts so they can authenticate using them.
In this solution, we are creating guest account invitations by using the New-AzureADMSInvitation cmdlet and specifying the -InvitedUserEmailAddress parameter.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/add-users-administrator
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureadmsinvitation?view=azureadps-2.0


NEW QUESTION # 39
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
* Users passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
This solution meets the following requirement:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. (this is because the authentication is performed by Azure Active Directory).
This solution does not meet the following requirement:
* Users passwords must be 10 characters or more.
To meet this requirement, you would need to configure the Default Domain Policy in the on-premise Active Directory.
Azure Password Protection can prevent users from using passwords from a 'banned password' list but it cannot be configured to require that passwords must be 10 characters or more.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization


NEW QUESTION # 40
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Administrator role. From the Exchange admin center, you add User2 to the View-Only Organization Management role.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B


NEW QUESTION # 41
You have a Microsoft 365 subscription that contains the users shown in the following table.

You have the named locations shown in the following table.

You create a conditional access policy that has the following configurations:
Users and groups:
Include: Group1
Exclude: Group2
Cloud apps: Include all cloud apps
Conditions:
Include: Any location
Exclude: Montreal
Access control: Grant access, Require multi-factor authentication
User1 is on the multi-factor authentication (MFA) blocked users list.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings


NEW QUESTION # 42
Your company has a Microsoft 365 subscription.
You plan to move several archived PST files to Microsoft Exchange Online mailboxes.
You need to create an import job for the PST files.
Which three actions should you perform before you create the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Create a PST import mapping file.
  • B. From Security & Compliance, retrieve the SAS key.
  • C. Run azcopy.exe to copy the PST files to Microsoft Azure Storage
  • D. Create a Microsoft Azure Storage account.
  • E. Use Microsoft Azure Storage Explorer to copy the PST files to Azure Storage.

Answer: A,B,C

Explanation:
Explanation
The first step is to download and install the Azure AzCopy tool, which is the tool that you run in Step 2 to upload PST files to Office 365. You also copy the SAS URL for your organization. This URL is a combination of the network URL for the Azure Storage location in the Microsoft cloud for your organization and a Shared Access Signature (SAS) key. This key provides you with the necessary permissions to upload PST files to your Azure Storage location.
Now you're ready to use the AzCopy.exe tool to upload PST files to Office 365. This tool uploads and stores them in an Azure Storage location in the Microsoft cloud.
After the PST files have been uploaded to the Azure Storage location for your Office 365 organization, the next step is to create a comma-separated value (CSV) file that specifies which user mailboxes the PST files will be imported to. You'll submit this CSV file when you create a PST Import job.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/use-network-upload-to-import-pst-files


NEW QUESTION # 43
You work at a company named Contoso, Ltd.
Contoso has a Microsoft 365 subscription that is configured to use the DNS domains shown in the following table.

Contoso purchases a company named Fabrikam, Inc.
Contoso plans to add the following domains to the Microsoft 365 subscription:
fabrikam.com
east.fabrikam.com
west.contoso.com
You need to ensure that the devices in the new domains can register by using Autodiscover.
How many domains should you verify, and what is the minimum number of enterpriseregistration DNS records you should add? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enroll


NEW QUESTION # 44
You have a Microsoft 365 tenant that contains the users shown in the following table.

Microsoft Exchange Online has the mail flow rules shown in the following table

Rule1 has the following settings:

Answer:

Explanation:


NEW QUESTION # 45
You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution.
You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. From the Azure AO Connect server, run the Register-AzureADCConnectHealthSyncAgent cmdlet.
  • B. From all the domain controllers, run the set-AdminAuditLogConfig cmdlet and specify the -LogiLevel parameter.
  • C. On a domain controller install Azure AD Connect Health for AD DS.
  • D. From all the AD FS servers, run audltpol.exe.
  • E. On an server, install Azure AD Connect Health for AD FS.

Answer: A,E

Explanation:
Explanation
To audit AD FS user authentication, you need to install Azure AD Connect Health for AD FS. The agent should be installed on an AD FS server. After the installation, you need to register the agent by running the Register-AzureADConnectHealthSyncAgent cmdlet.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-agent-install
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-adfs


NEW QUESTION # 46
You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com.
Corporate policy states that user passwords must not include the word Contoso.
What should you do to implement the corporate policy?

  • A. From Azure AD Identity Protection, configure a sign-in risk policy.
  • B. From the Azure Active Directory admin center, configure the Password protection settings.
  • C. From the Azure Active Directory admin center, create a conditional access policy.
  • D. From the Microsoft 365 admin center, configure the Password policy settings.

Answer: B

Explanation:
The Password protection settings allows you to specify a banned password list of phrases that users cannot use as part of their passwords.
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premisesoperations
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-configure
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad#custombanned-password-list


NEW QUESTION # 47
Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (Azure AD).
The on-premises network contains a Microsoft SharePoint Server 2019 farm.
The company purchases a Microsoft 365 subscription.
You have the users shown in the following table

You plan to assign User1 and User2 the required roles to run the SharePoint Hybrid Configuration Wizard.
User1 will be used for on-premises credentials and User2 will be used for cloud credentials.
You need to assign the correct role to User2. The solution must use the principle of least privilege.
Which role should you assign to User2?

  • A. Global administrator
  • B. SharePoint farm administrator
  • C. SharePoint administrator
  • D. Application administrator

Answer: A

Explanation:
Explanation
To run the SharePoint Hybrid Configuration Wizard, you need to provide credentials of a user (in this case User2) of a Global Administrator account in Azure Active Directory.
Reference:
https://www.c-sharpcorner.com/article/sharepoint-2019-enable-hybrid-experience/
https://docs.microsoft.com/en-us/sharepoint/hybrid/accounts-needed-for-hybrid-configuration-and-testing


NEW QUESTION # 48
Your company has a Microsoft 365 tenant named litwareinc.com.
The Guest access settings in Microsoft Teams are configured as shown in the following exhibit.

The External access settings in Microsoft Teams are configured as shown in the following exhibit.

The company has a third-party supplier named adventureworks.com. Users in litwareinc.com collaborate with the following users by using Microsoft Teams:
[email protected]
[email protected]
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/microsoftteams/set-up-guests
https://docs.microsoft.com/en-us/microsoftteams/communicate-with-users-from-other-organizations


NEW QUESTION # 49
You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution.
You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. From the Azure AD Connect server, run the
    Register-AzureADConnectHealthSyncAgentcmdlet.
  • B. From all the AD FS servers, run auditpol.exe.
  • C. From all the domain controllers, run the Set-AdminAuditLogConfigcmdlet and specify the -
    LogLevel parameter.
  • D. On an AD FS server, install Azure AD Connect Health for AD FS.
  • E. On a domain controller, install Azure AD Connect Health for AD DS.

Answer: A,D


NEW QUESTION # 50
Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant.
The on-premises network contains a file server named Server1. Server1 has a share named Share1 that contains company documents.
Your company purchases a Microsoft 365 subscription.
You plan to migrate data from Share1 to Microsoft 365. Only data that was created or modified during the last three months will be migrated.
You need to identify all the files in Share1 that were modified or created during the last 90 days.
What should you use?

  • A. Server Manager
  • B. Usage reports from the Microsoft 365 admin center
  • C. Resource Monitor
  • D. Microsoft SharePoint Migration Tool

Answer: D

Explanation:
You can use the Microsoft SharePoint Migration Tool to migrate files from a file server to SharePoint Online.
The Microsoft SharePoint Migration Tool has a number of filters you can use to define which files will be migrated. One filter setting is "Migrate files modified after". This setting will only migrate files modified after the selected date.
The first phase of a migration is to perform a scan of the source files to create a manifest of the files that will be migrated. You can use this manifest to identify all the files in Share1 that were modified or created during the last 90 days.
References:
https://docs.microsoft.com/en-us/sharepointmigration/spmt-settings


NEW QUESTION # 51
Your network contains an Active Directory forest named local.
You have a Microsoft 365 subscription. You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you verify the contoso.com domain name. You need to prepare the environment foe the planned directory synchronization solution.
What should you do first?

  • A. From the Microsoft 365 admin center, verify the contoso.com domain name.
  • B. From Active Directory Users and Computers, modify the UPN suffix for all users.
  • C. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix
  • D. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.

Answer: C


NEW QUESTION # 52
You have a Microsoft 365 subscription that uses a default named contoso.com.
Three files were created on February 1, 2019, as shown in the following table.

On March 1, 2019, you create two retention labels named Label1 and label2.
The settings for Label1 are configured as shown in the Label1 exhibit. (Click the Label1 tab.) Label 1

The settings for Label2 are configured as shown in the Label1 exhibit. (Click the Label2 tab.) Label 2

You apply the retention labels to Exchange email, SharePoint sites, and OneDrive accounts.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: No
Retention overrides deletion.
Box 2: No
Content in a document library will be moved to the first-stage Recycle Bin within 7 days of disposition, and then permanently deleted another 93 days after that. Thus 100 days in total.
Box 3: No
Items in an Exchange mailbox will be permanently deleted within 14 days of disposition.
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/labels
https://docs.microsoft.com/en-us/office365/securitycompliance/disposition-reviews


NEW QUESTION # 53
Your network contains an Active Directory domain named contoso.com. The domain contains 1000 Windows
8.1 devices.
You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices.
You need to recommend a Windows 10 deployment method.
What should you recommend?

  • A. Windows Autopilot
  • B. an in-place upgrade
  • C. a provisioning package
  • D. Wipe and load refresh

Answer: D

Explanation:
Explanation
To deploy a custom image, you must use the wipe and load refresh method. You cannot deploy a custom image by using an in-place upgrade, Windows Autopilot or a provisioning package.
Reference:
https://docs.microsoft.com/en-us/windows/deployment/windows-10-deployment-scenarios


NEW QUESTION # 54
You need to configure the Office 365 service status notifications and limit access to the service and feature updates. The solution must meet the technical requirements.
What should you configure in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/briefing/be-admin
https://docs.microsoft.com/en-us/microsoft-365/admin/manage/release-options-in-office-365?view=o365-worldwide
Topic 4, NEW Case Study
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the question. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, n...... that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to ret........ to the question.
Existing Environment
Microsoft 365
Contoso identifies the following business goals:
* Utilize core functionality of apps whenever possible.
* Reduce app development costs.
* Minimize training costs for end users.
Microsoft SharePoint/Microsoft Exchange
Contoso has a Microsoft 365 subscription that uses a domain named contoso.com. Each user is assigned a Microsoft 365 Enterprise E5 licence.
Problem Statement
Contoso moves all email accounts to Microsoft 365.
Contoso migrates the SharePoint Server 2013 intranet sites of the research department to SharePoint Online.
Requirements
Business Goals
Contoso identifies the following issues:
* Users in the sales department report that prepanng quotations is time-consuming as it requires manually copying and pasting data from multiple sources.
* Users in the HR department must use multiple apps to manage the hiring process.
* The solution to claim expenses requires multiple manual steps.
Planned Changes
Contoso identifies the following business goals:
* Utilize core functionality of apps whenever possible.
* Reduce app development costs.
* Minimize training costs for end users.
Technical Requirements
Contoso plans to implement the following changes;
* Redesign the SharePoint Online sites of the research department to provide users with an expenence that is consistent with the Microsoft 365 portal. The research department has a third-party project management solution that uses the Microsoft identity platform in Azure AD.
* Create an email workflow solution for expense claims. Users will submit their expense claims and the system will email an approval request to their manager.
* Implement a bring your own device (BYOD) model that supports Windows 10, macOS, and Android devices.
* Develop a custom Microsoft 365 app named SalesApp for the sales department.
* Develop a custom Microsoft 365 app named HRApp for the HR department
Security Requirement
Contoso identifies the following technical requirements for app development:
* The expense claims solution must provide managers with claim information and the ability to manage the claim by using Microsoft Outlook. Outlook on the web, or Outlook for iOS and Android.
* HRApp must include a bot named HRBot that will answer HR questions. Users must be able to access the bot by mentioning HRBot in a Microsoft Teams channel or private chat.
* HRApp must enable users to query a third-party HR system by using a tab from within a Microsoft Teams channel.
* HRApp must include a messaging extension that enables users to search jobs by job title or job ID.
* SalesApp must be integrated with Microsoft Word and must combine images and text from multiple sources to create a quotation as a DOCX file.
* The distribution of SalesApp must be automatic and require minimal user interaction.
* Solutions for SharePoint Online and Microsoft Office must follow the current Office user interface (Ul) design.
* Development tools and solutions must support Windows and non-Windows devices.
* Development effort must be minimized.
HRApp Manifest
All solutions must support the Microsoft identity platform in Azure AD.
Intranet components must not share access tokens.


NEW QUESTION # 55
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Compliance Management role.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: B

Explanation:
Section: [none]
Explanation:
* User2 must be able to view reports and schedule the email delivery of security and compliance reports.
The Security Reader role can view reports.
The Compliance Management role can schedule the email delivery of security and compliance reports.
Reference:
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo


NEW QUESTION # 56
You need to recommend the development environment and tools for the redesign of the research department's SharePoint Online sites.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:


NEW QUESTION # 57
Your network contains an Active Directory domain named contoso.com.
You have a Microsoft 365 subscription.
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You implement directory synchronization.
The developers at your company plan to build an app named App1. App1 will connect to the Microsoft Graph API to provide access to several Microsoft Office 365 services.
You need to provide the URI for the authorization endpoint that App1 must use.
What should you provide?

  • A. https://myapps.microsoft.com
  • B. https://contoso.com/contoso.onmicrosoft.com/app1
  • C. https://login.microsoftonline.com/contoso.onmicrosoft.com/
  • D. https://login.microsoftonline.com/

Answer: C


NEW QUESTION # 58
You have retention policies in Microsoft 365 as shown in the following table.

Policy1 is configured as shown in the Policy1 exhibit. (Click the
Policy1

Policy1 is configured as shown in the Policy2 exhibit. (Click the
Policy2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/office365/securitycompliance/retention-policies#the-principles-of-retention-or-


NEW QUESTION # 59
You are developing a single-page application (SPA) named App1 that will be used by the public.
Many users of App1 restrict pop-up windows from opening in their browser.
You need to authenticate the users by using the Microsoft identity platform. The solution must meet the following requirements:
* Ensure that App1 can read the profile of a user.
* Minimize user interaction during authentication.
* Prevent App1 from requiting admin consent for any permissions.
How should you complete the code? To answer, select the appropriate options in the answer area.

Answer:

Explanation:


NEW QUESTION # 60
Your network contains the servers shown in the following table.

You purchase Microsoft 365 Enterprise E5 and plan to move all workloads to Microsoft 365 by using a hybrid identity solution and a hybrid deployment for all workloads.
You need to identify which server must be upgraded before you move to Microsoft 365.
What should you identify?

  • A. Server4
  • B. Server3
  • C. Server2
  • D. Server1
  • E. Server5

Answer: B

Explanation:
Section: [none]
Explanation:
Exchange Server 2007 is not supported for a hybrid deployment.
Reference:
https://docs.microsoft.com/en-us/exchange/hybrid-deployment-prerequisites


NEW QUESTION # 61
......


The MS-100 exam is aimed at IT professionals who work with Microsoft 365 services, including administrators and architects. MS-100 exam covers a wide range of topics, including identity management, device management, access management, and security management. Candidates who pass the exam will demonstrate their ability to manage and maintain Microsoft 365 services, ensuring that organizations can operate efficiently and securely.

 

MS-100 Dumps PDF - Want To Pass MS-100 Fast: https://tesking.pass4cram.com/MS-100-dumps-torrent.html

Related Articles

more
Microsoft MS-100 Certification Practice Exam

The most valid exam cram is the best study and review material for your upcoming IT exam. With the useful and accurate pass4cram study material, you will pass your exam with a high core.

Latest Valid Exams

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Pass4cram NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy