Free Microsoft MS-102 Practice Test & Real Exam Questions
Your company has a Microsoft 365 subscription.
You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license.
What should you use?
You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license.
What should you use?
Correct Answer: D
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Microsoft Entra ID (Microsoft Entra ID).
You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).
You configure a pilot for co-management.
You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.
You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.
Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Microsoft Entra ID (Microsoft Entra ID).
You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).
You configure a pilot for co-management.
You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.
You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.
Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection.
Does this meet the goal?
Correct Answer: B
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
You have a Microsoft 365 tenant that contains 100 Windows 10 devices. The devices are managed by using Microsoft Endpoint Manager.
You plan to create two attack surface reduction (ASR) policies named ASR1 and ASR2. ASR1 will be used to configure Microsoft Defender Application Guard. ASR2 will be used to configure Microsoft Defender SmartScreen.
Which ASR profile type should you use for each policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to create two attack surface reduction (ASR) policies named ASR1 and ASR2. ASR1 will be used to configure Microsoft Defender Application Guard. ASR2 will be used to configure Microsoft Defender SmartScreen.
Which ASR profile type should you use for each policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-asr-policy
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain.
You deploy an Microsoft Entra tenant.
Another administrator configures the domain to synchronize to Microsoft Entra ID.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Microsoft Entra ID. All the other user accounts synchronized successfully.
You review Microsoft Entra Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Microsoft Entra ID.
Solution: You run idfix.exe and export the 10 user accounts.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain.
You deploy an Microsoft Entra tenant.
Another administrator configures the domain to synchronize to Microsoft Entra ID.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Microsoft Entra ID. All the other user accounts synchronized successfully.
You review Microsoft Entra Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Microsoft Entra ID.
Solution: You run idfix.exe and export the 10 user accounts.
Does this meet the goal?
Correct Answer: A
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
HOTSPOT
You have an Microsoft Entra tenant that contains the administrative units shown in the following table.
You have the following users:
A user named User1 that is assigned the Password Administrator for AU1 and AU2.
A user named User2 that is assigned the User Administrator for AU1.
A user named User3 that is assigned the User Administrator for the tenant.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Microsoft Entra tenant that contains the administrative units shown in the following table.
You have the following users:
A user named User1 that is assigned the Password Administrator for AU1 and AU2.
A user named User2 that is assigned the User Administrator for AU1.
A user named User3 that is assigned the User Administrator for the tenant.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Box 1: No
User1 is assigned the Password Administrator for AU1 and AU2.
User3 is in AU2. User3 is User Adminstrator.
Password administrators cannot reset User Administrators passwords.
Note: Password Administrator
Users with this role have limited ability to manage passwords. This role does not grant the ability to manage service requests or monitor service health. Whether a Password Administrator can reset a user ' s password depends on the role the user is assigned.
Box 2: Yes
Box 3: No
User1 is assigned the Password Administrator for AU1 and AU2.
User2 is in AU1. User2 is User Adminstrator.
Password administrators cannot reset User Administrators passwords.
Note: User Administrator
Can manage all aspects of users and groups, including resetting passwords for limited admins.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#who-can-reset-passwords
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
You have a Microsoft 365 E5 subscription.
You need to use Microsoft Defender for Cloud Apps to monitor user mailbox activities. What should you do?
You need to use Microsoft Defender for Cloud Apps to monitor user mailbox activities. What should you do?
Correct Answer: B
Vote an answer
You need to configure Microsoft Entra Connect Sync to support the planned changes for the Montreal Users and Seattle Users OUs.
What should you do?
What should you do?
Correct Answer: A
Vote an answer
You have a Microsoft 365 tenant that contains devices enrolled in Microsoft Intune. The devices are configured as shown in the following table.
You plan to perform the following device management tasks in Microsoft Endpoint Manager:
Deploy a VPN connection by using a VPN device configuration profile.
Configure security settings by using an Endpoint Protection device configuration profile.
You support the management tasks.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to perform the following device management tasks in Microsoft Endpoint Manager:
Deploy a VPN connection by using a VPN device configuration profile.
Configure security settings by using an Endpoint Protection device configuration profile.
You support the management tasks.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/vpn-settings-configure
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-macos
You have a Microsoft 365 E5 subscription that contains two users named [email protected] and [email protected] and a Microsoft SharePoint site named Site1.
You create a data loss prevention {DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.
DLP1 is applied to Site1.
You have the files shown in the following table.
You copy the files to Site1.
low many notifications will each user receive? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You create a data loss prevention {DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.
DLP1 is applied to Site1.
You have the files shown in the following table.
You copy the files to Site1.
low many notifications will each user receive? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
[email protected]: 2 notifications
[email protected]: 1 notification
[email protected]: 2 notifications
File3.pptx contains 4 IP addresses, which matches Rule1 (4 or more IP addresses), triggering a notification to User1.
File4.txt contains 6 IP addresses, which also matches Rule1, triggering another notification to User1.
Therefore, User1 receives 2 notifications.
[email protected]: 1 notification
File2.doc contains 3 IP addresses, which matches Rule3 (3 or more IP addresses), triggering a notification to User2. Therefore, User2 receives 1 notification.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Endpoint Management admin center, you create a device configuration profile.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Endpoint Management admin center, you create a device configuration profile.
Does this meet the goal?
Correct Answer: A
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
You have a Microsoft 365 E5 subscription that contains a user named Admin1.
Your company deploys a new branch office named Branch!
You need to provide Admin1 with the ability to manage Branch1. The solution must meet the following requirements:
* Admin1 must only be able to manage users that have Office location set to Branch1.
* Admin1 must be able to reset passwords, manage user licenses, and modify user attributes only for the users in Branch1.
What should you use to organize the Branch1 users, and which role should you assign to Admin1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your company deploys a new branch office named Branch!
You need to provide Admin1 with the ability to manage Branch1. The solution must meet the following requirements:
* Admin1 must only be able to manage users that have Office location set to Branch1.
* Admin1 must be able to reset passwords, manage user licenses, and modify user attributes only for the users in Branch1.
What should you use to organize the Branch1 users, and which role should you assign to Admin1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation:
