MS-102 Free Practice Test

- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain. You deploy an Azure AD tenant.
Another administrator configures the domain to synchronize to Azure AD.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All the other user accounts synchronized successfully.
You review Azure AD Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Azure AD. Solution: From Azure AD Connect, you modify the Azure AD credentials. Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: B
The question states that “all the user account synchronizations completed successfully”. Therefore, the Azure AD credentials are configured correctly in Azure AD Connect. It is likely that the 10 user accounts are being excluded from the synchronization cycle by a filtering rule.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering

- (Exam Topic 5)
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.

You perform the following actions:
Provision the private store in Microsoft Store for Business.
Add an app named App1 to the private store.
Set Private store availability for App1 to Specific groups, and then select Group3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Solution:
Text Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-store/app-inventory-management-microsoft-store-for-business#priva

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 5)
You have a Microsoft 365 E5 subscription.
All users have Mac computers. All the computers are enrolled in Microsoft Endpoint Manager and onboarded
to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You need to configure Microsoft Defender ATP on the computers.
What should you create from the Endpoint Management admin center?

1. A. a device configuration profile
2. B. an update policy for iOS
3. C. a Microsoft Defender ATP baseline profile
4. D. a mobile device management (MDM) security baseline profile

Correct Answer: A
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure

- (Exam Topic 5)
From the Security & Compliance admin center, you create a content export as shown in the exhibit. (Click the Exhibit tab.)

What will be excluded from the export?

1. A. a 10-MB XLSX file
2. B. a 5-MB MP3 file
3. C. a 5-KB RTF file
4. D. an 80-MB PPTX file

Correct Answer: B
Unrecognized file formats are excluded from the search.
Certain types of files, such as Bitmap or MP3 files, don't contain content that can be indexed. As a result, the search indexing servers in Exchange and SharePoint don't perform full-text indexing on these types of files. These types of files are considered to be unsupported file types.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/partially-indexed-items-in-content-search?view=o3 https://docs.microsoft.com/en-us/office365/securitycompliance/export-a-content-search-report

- (Exam Topic 5)
You have a Microsoft 365 subscription that contains a user named User1. User1 requires admin access to perform the following tasks:
Manage Microsoft Exchange Online settings.
Create Microsoft 365 groups.
You need to ensure that User1 only has admin access for eight hours and requires approval before the role assignment takes place.
What should you use?

1. A. zure AD Identity Protection
2. B. Microsoft Entra Verified ID
3. C. Conditional Access
4. D. Azure AD Privileged Identity Management (PJM)

Correct Answer: D
Privileged Identity Management provides time-based and approval-based role activation to mitigate the risks of excessive, unnecessary, or misused access permissions on resources that you care about. Here are some of the key features of Privileged Identity Management:
Provide just-in-time privileged access to Azure AD and Azure resources Assign time-bound access to resources using start and end dates Require approval to activate privileged roles
Enforce multi-factor authentication to activate any role Use justification to understand why users activate
Get notifications when privileged roles are activated Conduct access reviews to ensure users still need roles Download audit history for internal or external audit
Prevents removal of the last active Global Administrator and Privileged Role Administrator role assignments. Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure