- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your company has 3,000 users. All the users are assigned Microsoft 365 E3 licenses.
Some users are assigned licenses for all Microsoft 365 services. Other users are assigned licenses for only certain Microsoft 365 services.
You need to determine whether a user named User1 is licensed for Exchange Online only. Solution: You run the Get-MsolUser cmdlet.
Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: B
The Get-MsolUser cmdlet will tell you if a user is licensed for Microsoft 365 but it does not tell you which licenses are assigned.
Reference:
https://docs.microsoft.com/en-us/powershell/module/msonline/get-msoluser?view=azureadps-1.0

- (Exam Topic 5)
You have a Microsoft 365 subscription.
You need to be notified to your personal email address when a Microsoft Exchange Online service issue occurs.
What should you do?

1. A. From the Microsoft Outlook client configure an Inbox rule.
2. B. From the Exchange admin center create a contact.
3. C. From the Microsoft 365 admin center, customize the Service health settings.
4. D. From the Microsoft 365 admin center, update the technical contact details

Correct Answer: A

- (Exam Topic 5)
You have a backend service that will access the Microsoft Graph API. The backend service is hosted
on-premises. You need to configure the service to authenticate by using the most secure authentication method. What should you configure the service to use?

1. A. a client secret
2. B. a certificate
3. C. a hash
4. D. a shared key

Correct Answer: B

- (Exam Topic 5)
Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
Contoso.com
East.contoso.com
The forest contains the users shown in the following table.

The forest syncs to an Azure Active Directory (Azure AD) tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
Box 1: Yes
The UPN of user1 is user1@contoso.com so he can authenticate to Azure AD by using the username user1@contoso.com.
Box 2: No
The UPN of user2 is user2@east.contoso.com so he cannot authenticate to Azure AD by using the username user2@contoso.com.
Box 3: No
The UPN of user3 is user3@fabrikam.com so he cannot authenticate to Azure AD by using the username user3@contoso.com.

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 5)
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains a user named User1.
You suspect that an imposter is signing in to Azure AD by using the credentials of User1.
You need to ensure that an administrator named Admin1 can view all the sign in details of User 1 from the past 24 hours.
To which three roles should you add Admin1? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

1. A. Security administrator
2. B. Password administrator
3. C. User administrator
4. D. Compliance administrator
5. E. Reports reader
6. F. Security Reader

Correct Answer: AEF
Users in the Security Administrator, Security Reader, Global Reader, and Report Reader roles can view the sign in details.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins