Managing Office 365 Identities and Requirements
Question No: 51 DRAG DROP – (Topic 2)
You have an Office 365 tenant that has an Enterprise E3 subscription.
You enable Azure Rights Management for users in the tenant. You need to define the methods that you can implement to encrypt and decrypt email message.
What should you do? To answer, drag the appropriate method to the correct action. Each method may be used once, more than once or not at all. You may need to drag the split bar between panes or scroll to view content.)
Send Encrypted email: Transport Rule https://technet.microsoft.com/en- us/library/dn569289.aspx
Receive encrypted email : Organization account https://technet.microsoft.com/en- us/library/dn569287.aspx
View encrypted email: organization account https://technet.microsoft.com/en- us/library/dn569287.aspx
Question No: 52 – (Topic 2)
You are implementing a hybrid deployment of Office 365.
You discover that users who have migrated to Office 365 cannot view the free/busy information of users who are hosted on the Microsoft Exchange Server on-premises environment.
The Exchange on-premises users can view the free/busy information of all users.
You need to ensure that the users who have Office 365 mailboxes can view the free/busy information of users who have Exchange on premises mailboxes.
Which node should you modify from the Exchange Management Console?
Microsoft Exchange On-Premises – Organization Configuration
Microsoft Exchange On-Premises – Server Configuration
Microsoft Exchange On-Premises – Recipient Configuration
Office 365 – Organization Configuration
Office 365 – Recipient Configuration
Answer: A Explanation:
Question No: 53 – (Topic 2)
You are the Microsoft Lync administrator for a company that uses Lync Online.
The company has mandated that employees may use Lync Online to communicate with contacts from approved external domains.
You need to configure Lync Online to allow Lync federation with only three specific domains.
You must achieve this goal by using the least amount of administrative effort.
Which two actions should you perform? Each correct answer presents part of the solution.
In the Lync admin center, set the External Access option to On except for blocked domains.
In the Office 365 admin center, add the three domains to the domain list and set the domain intent for each domain to Lync Online.
In the Lync admin center, set the External Access option to Off completely.
In the Lync admin center, set the External Access option to On only for allowed domains.
In the Lync admin center, configure the Presence Privacy Mode option to display presence information only to the users#39; contacts.
In the Lync admin center, add the three domains to the Blocked Or Allowed Domains list.
Answer: D,F Explanation:
Question No: 54 – (Topic 2)
A company has an Office 365 tenant that has an Enterprise E1 subscription. You configure the policies required for self-service password reset.
You need to ensure that all existing users can perform self-service password resets. Which Windows PowerShell cmdlet should you run?
Answer: C Explanation:
Self-service password reset with on-premises write-back is a Premium-only feature. Example:
The following command adds the Office 365 for enterprises license to the user.
Set-MsolUserLicense -UserPrincipalName email@example.com -AddLicenses quot;Contoso:ENTERPRISEPACKquot;
Note: The Set-MsolUserLicense cmdlet can be used to adjust the licenses for a user. This can include adding a new license, removing a license, updating the license options, or any combination of these actions.
Reference: Set-MsolUserLicense https://msdn.microsoft.com/en-us/library/azure/dn194094.aspx
Question No: 55 – (Topic 2)
The current SPF record for your organization’s custom DNS zone is configured as quot;v=spf1 mx include:tailspintoys.com ~all.quot;
What should be the value of the SPF record if you want to have some pilot users use Office 365 as the mailbox for email sent to their @tailspintoys.com email address?
quot;v=spf1 txt include:tailspintoys.com include:spf.protection.outlook.com ~allquot;
quot;v=spf1 txt include:tailspintoys.com include:spf.protection.tailspintoys.com ~allquot;
quot;v=spf1 mx include:tailspintoys.com include:spf.protection.tailspintoys.com ~allquot;
quot;v=spf1 mx include:tailspintoys.com include:spf.protection.outlook.com ~allquot;
Answer: D Explanation:
References: https://support.office.com/en-us/article/Pilot-Office-365-with-a-few-email- addresses-on-your-custom-domain-39cee536-6a03-40cf-b9c1-f301bb6001d7
Question No: 56 – (Topic 2)
You are the Office 365 administrator for your company. The company uses Active Directory Federation Services (AD FS) to provide single sign-on to cloud-based services. You enable multi-factor authentication.
Users must NOT be required to use multi-factor authentication when they sign in from the company#39;s main office location. However, users must be required to verify their identity with a password and token when they access resources from remote locations.
You need to configure the environment. What should you do?
Disable AD FS multi-factor authentication.
Configure an IP blacklist for the main office location.
Disable the AD FS proxy.
Configure an IP whitelist for the main office location.
Question No: 57 DRAG DROP – (Topic 2)
A company plans to use Office 365 to provide email services to employees. The company obtains a custom domain name to use with Office 365.
You need to add the domain name to Office 365.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Question No: 58 HOTSPOT – (Topic 2)
An organization has over 10,000 users and uses a SQL-based Active Directory Federation Services (AD FS) server farm.
You need to change the AD FS 2.0 service account password.
What should you do? Select the correct answer from each list in the answer area.
Question No: 59 – (Topic 2)
An organization plans to migrate to Office 365. You use the Windows Azure Active Directory (AD) Sync tool.
Several users will not migrate to Office 365. You must exclude these users from synchronization. All users must continue to authenticate against the on-premises Active Directory.
You need to synchronize the remaining users.
Which three actions should you perform to ensure users excluded from migration are not synchronized? Each correct answer presents part of the solution.
Populate an attribute for each user account.
Disable the user accounts in Active Directory.
Perform a full synchronization.
Configure the connection filter.
Run the Windows PowerShell command Set-MsolDirSyncEnabled -EnableDirSync
Question No: 60 – (Topic 2)
You create an Office 365 tenant. You assign administrative roles to other users. You hire a new user named User2.
User2 must NOT be able to change passwords for other users. You need to assign an administrative role to User2.
Which role should you assign?
https://support.office.com/en-US/Article/Assigning-admin-roles-eac4d046-1afd-4f1a-85fc- 8219c79e1504?ui=en-USamp;rs=en-USamp;ad=US# choose_an_admin
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|