MS-100 Exam Dumps
Microsoft MS-100 This Week Result
They can't be wrong
Score in Real Exam at Testing Centre
Questions came word by word from this dumps
MS-100 Complete Exam Detail
| Detail | Information |
|---|---|
| Total Time | 120 minutes |
| Exam Fee | $165 USD (Price may vary by country/region) |
| Passing Marks | 700 out of 1000 |
| Available Languages | English, Japanese, Chinese (Simplified), Korean, Spanish, German, French, Portuguese (Brazil) |
| Exam Code | MS-100 |
| Exam Title | Microsoft 365 Identity and Services |
| Exam Format | Multiple choice, scenario-based |
| Skills Measured | - Design and implement Microsoft 365 services - Manage user identity and roles - Manage access and authentication - Plan Office 365 workloads and applications - Implement modern device services - Implement Microsoft 365 security and threat management |
| Prerequisites | Familiarity with Microsoft 365 workloads and networking fundamentals |
MS-100 COMPLETE EXAM TOPICS BREAKDOWN
| Exam Topic | Weightage (%) |
|---|---|
| Design and implement Microsoft 365 services | 25 |
| Manage user identity and roles | 25 |
| Manage access and authentication | 15 |
| Plan Office 365 workloads and applications | 25 |
| Implement modern device services | 10 |
| Implement Microsoft 365 security and threat management | 25 |
Best Microsoft MS-100 Dumps - pass your exam In First Attempt
Our MS-100 dumps are better than all other cheap MS-100 study material.
Only best way to pass your Microsoft MS-100 is that if you will get reliable exam study materials. We ensure you that realexamdumps is one of the most authentic website for Microsoft Microsoft 365 exam question answers. Pass your MS-100 Microsoft 365 Identity and Services with full confidence. You can get free Microsoft 365 Identity and Services demo from realexamdumps. We ensure 100% your success in MS-100 Exam with the help of Microsoft Dumps. you will feel proud to become a part of realexamdumps family.
Our success rate from past 5 year very impressive. Our customers are able to build their carrier in IT field.
Search
45000+ Exams
Buy
Desire Exam
Download
Exam
Related Exam
Realexamdumps Providing most updated Microsoft 365 Question Answers. Here are a few exams:
Sample Questions
Realexamdumps Providing most updated Microsoft 365 Question Answers. Here are a few sample questions:
Microsoft MS-100 Sample Question 1
You create a Microsoft 365 Enterprise subscription. You assign licenses for all products to all users. You need to ensure that all Microsoft Office 365 ProPlus installations occur from a network share. The solution must prevent the users from installing Office 365 ProPlus from the Internet. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Options:
Answer: B, D, E Explanation: Explanation: You can use the Office Deployment Tool (ODT) to download the installation files for Office 365 ProPlus from a local source on your network instead of from the Office Content Delivery Network (CDN).The first step is to create the configuration file. You can download an XML template file and modify that.The next step to install Office 365 ProPlus is to run the ODT executable in configure mode with a reference to the configuration file you just saved. In the following example, the configuration file is named installconfig.xml. setup.exe /configure installconfig.xmlAfter running the command, you should see the Office installation start.To prevent the users from installing Office 365 ProPlus from the Internet, you need to configure the Software download settings (disallow downloads) in the Microsoft 365 admin center.Reference: [Reference:, https://docs.microsoft.com/en-us/deployoffice/overview-of-the-office-2016-deployment-tool#download-the-installation-files-for-office-365-proplus-from-a-local-source, ]
Microsoft MS-100 Sample Question 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network. Solution: From the Microsoft 365 admin center, you configure the Organization profile settings. Does this meet the goal?
Options:
Answer: B Explanation: Explanation: Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.References:https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Onlineand-OneDrive-for/ba-p/46679
Microsoft MS-100 Sample Question 3
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time. When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesnât matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. You may now click next to proceed to the lab. Lab information Use the following login credentials as needed: To enter your username, place your cursor in the Sign in box and click on the username below. To enter your password, place your cursor in the Enter password box and click on the password below. Microsoft 365 Username: admin@LODSe426243.onmicrosoft.com Microsoft 365 Password: 3&YWyjse-6-d If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab. The following information is for technical support purposes only: Lab Instance: 10887751 You plan to allow the users in your organization to invite external users as guest users to your Microsoft 365 tenant. You need to prevent the organizationâs users from inviting guests who have an email address that uses a suffix of @gmail.com.
Options:
Answer: Answer: See explanation below. Explanation: Explanation: You need to add gmail.com as a denied domain in the âExternal collaboration settingsâ.1. Go to the Azure Active Directory admin center.2. Select Users then select âUser settingsâ.3. Under External Users, select the âManage external collaboration settingsâ.4. Under âCollaboration restrictionsâ, select the âDeny invitations to the specified domainsâ option.5. Under, Target Domains, type in the domain name âgmail.comâ6. Click the Save button at the top of the screen to save your changes.References:https://docs.microsoft.com/en-us/azure/active-dire ctory/b2b/allow-deny-lisu
Microsoft MS-100 Sample Question 4
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains a user named User1. You suspect that an imposter is signing in to Azure AD by using the credentials of User1. You need to ensure that an administrator named Admin1 can view all the sign in details of User1 from the past 24 hours. To which three roles should you add Admin1? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
Options:
Answer: A, E, F Explanation: Explanation: Users in the Security Administrator, Security Reader, Global Reader, and Report Reader roles can view thesign in details.Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins, , ]
Microsoft MS-100 Sample Question 5
You need to assign User2 the required roles to meet the security requirements and the technical requirements. To which two roles should you assign User2? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Options:
Answer: D, E Explanation: Explanation: User2 must be able to view reports and schedule the email delivery of security and compliance reports.The Security Reader role can view reports but not schedule the email delivery of security and compliance reports.The Exchange Online Compliance Management role can schedule the email delivery of security and compliance reports.Reference: [Reference:, https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo, ]
Microsoft MS-100 Sample Question 6
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You add an app named App1 to the enterprise applications in contoso.com. You need to configure self-service for App1. What should you do first?
Options:
Answer: C Explanation: Explanation: The provisioning mode (manual or automatic) needs to be configured for an app before you can enable self-service application access.References:https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/manage-self-service-accest
Microsoft MS-100 Sample Question 7
You need to meet the security requirement for Group1. What should you do?
Options:
Answer: D Explanation: Explanation: References:The members of Group1 must be required to answer a security question before changing their password.If SSPR (Self Service Password Reset) is enabled, you must select at least one of the following options for the authentication methods. Sometimes you hear these options referred to as "gates."Mobile app notificationMobile app codeEmailMobile phoneOffice phoneSecurity questionsYou can specify the required authentication methods in the Password reset properties of the Azure AD tenant. In this case, you should set the required authentication method to be âSecurity questionsâ.Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks, , ]
Microsoft MS-100 Sample Question 8
You need to Add the custom domain name* to Office 36S K> support the planned changes as quickly as possible. What should you create to verify the domain names successfully?
Options:
Answer: D Explanation: Explanation: Contoso plans to provide email addresses for all the users in the following domains:East.adatum.comContoso.adatum.comHumongousinsurance.comTo verify three domain names, you need to add three TXT records.Reference: [Reference:, https://docs.microsoft.com/en-us/office365/admin/setup/add-domain?view=o365-worldwide, ]
Microsoft MS-100 Sample Question 9
Note This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You need to assign User2 the required roles to meet the security requirements. Solution: From the Office 365 admin center, you assign User2 the Security Administrator role. From the Exchange admin center, you add User2 to the View-Only Management role. Does this meet the goal?
Options:
Answer: B Explanation: Explanation: User2 must be able to view reports and schedule the email delivery of security and compliance reports.The Security Administrator role can view reports but not schedule the email delivery of security and compliance reports.The View-Only Organization Management role cannot schedule the email delivery of security and compliance reports.Reference: [Reference:, https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo, ]
Microsoft MS-100 Sample Question 10
You need to configure just in time access to meet the technical requirements. What should you use?
Options:
Answer: C Explanation: Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure, , , ]
Microsoft MS-100 Sample Question 11
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As m result, these questions will not appear in the review screen. You need to assign User2 the required roles to meet the security requirement. Solution: From the Office 36S admin center, you assign User2 the Records Management role. From the Exchange 3dmm center, you assign User2 the Help Desk role. Does that meet the goal?
Options:
Answer: C
Microsoft MS-100 Sample Question 12
Which migration solution should you recommend for Project1?
Options:
Answer: A Explanation: Explanation: Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.Fabrikam does NOT plan to implement identity federation.All users must be able to exchange email messages successfully during Project1 by using their current email address.During Project1, some users will have mailboxes in Microsoft 365 and some users will have mailboxes in Exchange on-premises. To enable users to be able to exchange email messages successfully during Project1 by using their current email address, weâll need to configure hybrid Exchange.A new way to migrate mailboxes in a hybrid Exchange configuration is to use the Microsoft 365 data migration service. The data migration service can migrate Exchange, SharePoint and OneDrive. Therefore, we need to start a data migration and click Exchange as the service to be migrated.Reference: [Reference:, https://docs.microsoft.com/en-us/fasttrack/O365-data-migration, , https://docs.microsoft.com/en-us/exchange/hybrid-deployment/move-mailboxes, ]
Microsoft MS-100 Sample Question 13
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory forest. You deploy Microsoft 365. You plan to implement directory synchronization. You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements: * Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. * User passwords must be 10 characters or more. Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory. Does this meet the goal?
Options:
Answer: B Explanation: Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization, , ]
Microsoft MS-100 Sample Question 14
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy several Microsoft Office 365 services. You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements: * Users must be able to authenticate during business hours only. * Authentication requests must be processed successfully if a single server fails. * When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. * Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. Solution: You design an authentication strategy that uses password hash synchronization and seamless SSO. The solution contains two servers that have an Authentication Agent installed. Does this meet the goal?
Options:
Answer: B Explanation: Reference: [Reference:, https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn, , ]
Microsoft MS-100 Sample Question 15
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy several Microsoft Office 365 services. You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements: * Users must be able to authenticate during business hours only. * Authentication requests must be processed successfully if a single server fails. * When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. * Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. Solution: You design an authentication strategy that contains a pass-through authentication model. The solution contains two servers that have an Authentication Agent installed and password hash synchronization configured. Does this meet the goal?
Options:
Answer: B Explanation: Explanation: This solution meets the following goals:Users must be able to authenticate during business hours only.Authentication requests must be processed successfully if a single server fails.When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.However, the following goal is not met:Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.You would need to configure Single-sign on (SSO) to meet the last requirement.Reference: [Reference:, https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn, , , ]
Microsoft MS-100 Sample Question 16
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company plans to deploy several Microsoft Office 365 services. You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements: * Users must be able to authenticate during business hours only. * Authentication requests must be processed successfully if a single server fails. * When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. * Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. Solution: You design an authentication strategy that contains a pass-through authentication model. You install an Authentication Agent on three servers and configure seamless SSO. Does this meet the goal?
Options:
Answer: A Explanation: Explanation: This solution meets all the requirements:Users must be able to authenticate during business hours only. (This can be configured by using Logon Hours in Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)Authentication requests must be processed successfully if a single server fails. (We have Authentication Agents running on three servers)When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. (This can be configured in Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. (This goal is met by seamless SSO)Reference: [Reference:, https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn, ]
Microsoft MS-100 Sample Question 17
You need to meet the application requirement for App1. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Options:
Answer: A, B, C Explanation: Explanation: An on-premises web application named App1 must allow users to complete their expense reports online.Application Proxy is a feature of Azure AD that enables users to access on-premises web applications from a remote client. Application Proxy includes both the Application Proxy service which runs in the cloud, and the Application Proxy connector which runs on an on-premises server. Azure AD, the Application Proxy service, and the Application Proxy connector work together to securely pass the user sign-on token from Azure AD to the web application.In this question, we need to add an enterprise application in Azure and configure a Microsoft AAD Application Proxy connector to connect to the on-premises web application (App1).Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy#how-application-proxy-works, , ]
Microsoft MS-100 Sample Question 18
Which role should you assign to User1?
Options:
Answer: C Explanation: Explanation: A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.Users with the Security Reader role have global read-only access on security-related features, including all information in Microsoft 365 security center, Azure Active Directory, Identity Protection, Privileged Identity Management, as well as the ability to read Azure Active Directory sign-in reports and audit logs, and in Office 365 Security & Compliance Center.Reference: [Reference:, https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles, ]
Microsoft MS-100 Sample Question 19
You need to recommend which DNS record must be created before adding a domain name for the project. You need to recommend which DNS record must be created before you begin the project. Which DNS record should you recommend?
Options:
Answer: D Explanation: Explanation: When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.Reference: [Reference:, https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-worldwide, , ]