- (Exam Topic 2)
You need to implement the planned changes and technical requirements for the marketing department. What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Solution:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 4)
You have a Microsoft 365 tenant.
You have an Active Directory domain that syncs to the Azure Active Directory {Azure AD) tenant. Users connect to the internet by using a hardware firewall at your company. The users authenticate to the
firewall by using their Active Directory credentials.
You plan to manage access to external applications by using Azure AD.
You need to use the firewall logs to create a list of unmanaged external applications and the users who access them.
What should you use to gather the information?

1. A. Cloud App Discovery in Microsoft Defender for Cloud Apps
2. B. enterprise applications in Azure AD
3. C. access reviews in Azure AD
4. D. Application Insights in Azure Monitor

Correct Answer: A

- (Exam Topic 4)
You create a conditional access policy that blocks access when a user triggers a high-seventy sign-in alert. You need to test the policy under the following conditions;
• A user signs in from another country.
• A user triggers a sign-in risk.
What should you use to complete the test?

1. A. the Conditional Access What If tool
2. B. sign-ins logs in Azure AD
3. C. access reviews in Azure AD
4. D. the activity logs in Microsoft Defender for Cloud Apps

Correct Answer: A

- (Exam Topic 4)
Your company has a Microsoft 365 tenant.
The company has a call center that contains 300 users. In the call center, the users share desktop computers and might use a different computer every day. The call center computers are NOT configured for biometric identification.
The users are prohibited from having a mobile phone in the call center.
You need to require multi-factor authentication (MFA) for the call center users when they access Microsoft 365 services.
What should you include in the solution?

1. A. a named network location
2. B. the Microsoft Authenticator app
3. C. Windows Hello for Business authentication
4. D. FIDO2 tokens

Correct Answer: D
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

- (Exam Topic 4)
Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using Azure AD Connect.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A