ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 237 discussion

Actual exam question from Microsoft's MS-102
Question #: 237
Topic #: 1
[All MS-102 Questions]

HOTSPOT
-


Overview
-

Litware, Inc. is a consulting company that has a main office in Montreal and a branch office in Seattle.

Litware collaborates with a third-party company named A. Datum Corporation.


Environment
-


On-Premises Environment
-

The network of Litware contains an Active Directory domain named litware.com. The domain contains three organizational units (OUs) named LitwareAdmins, Montreal Users, and Seattle Users and the users shown in the following table.



The domain contains 2,000 Windows 10 Pro devices and 100 servers that run Windows Server 2019.


Cloud Environment
-

Litware has a pilot Microsoft 365 subscription that includes Microsoft Office 365 Enterprise E3 licenses and Azure AD Premium P2 licenses.

The subscription contains a verified DNS domain named litware.com.

Azure AD Connect is installed and has the following configurations:

• Password hash synchronization is enabled.
• Synchronization is enabled for the LitwareAdmins OU only.

Users are assigned the roles shown in the following table.



Self-service password reset (SSPR) is enabled.

The Azure AD tenant has Security defaults enabled.


Problem Statements
-

Litware identifies the following issues:

• Admin1 cannot create conditional access policies.
• Admin4 receives an error when attempting to use SSPR.
• Users access new Office 365 service and feature updates before the updates are reviewed by Admin2.


Requirements
-


Planned Changes
-

Litware plans to implement the following changes:

• Implement Microsoft Intune.
• Implement Microsoft Teams.
• Implement Microsoft Defender for Office 365.
• Ensure that users can install Office 365 apps on their device.
• Convert all the Windows 10 Pro devices to Windows 10 Enterprise ES.
• Configure Azure AD Connect to sync the Montreal Users OU and the Seattle Users OU.


Technical Requirements
-

Litware identifies the following technical requirements:

• Administrators must be able to specify which version of an Office 365 desktop app will be available to users and to roll back to previous versions.
• Only Admin2 must have access to new Office 365 service and feature updates before they are released to the company.
• Litware users must be able to invite A. Datum users to participate in the following activities:
• Join Microsoft Teams channels.
• Join Microsoft Teams chats.
• Access shared files.
• Just in time access to critical administrative roles must be required.
• Microsoft 365 incidents and advisories must be reviewed monthly.
• Office 365 service status notifications must be sent to Admin2.
• The principle of least privilege must be used.


You are evaluating the use of multi-factor authentication (MFA).

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by Paul_white at Oct. 6, 2023, 9:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Paul_white
Highly Voted 1 year, 6 months ago
Just noticed that Tenant has Security defaults enabled! Security defaults: Requiring all users and admins to register for MFA using the Microsoft Authenticator app. Challenging users with MFA, mostly when they show up on a new device or app, but more often for critical roles and tasks. https://learn.microsoft.com/en-us/microsoft-365/business-premium/m365bp-conditional-access?view=o365-worldwide#security-defaults Require all users to register for Azure AD Multi-Factor Authentication All users in your tenant must register for multifactor authentication (MFA) in the form of the Azure AD Multi-Factor Authentication. Users have 14 days to register for Azure AD Multi-Factor Authentication by using the Microsoft Authenticator app. https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults Answer: YES, YES, NO
upvoted 37 times
justITtopics
2 months, 2 weeks ago
After July 29, 2024, new tenants and existing tenants had the 14-day grace period for users to register for MFA removed. https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults#require-all-users-to-register-for-microsoft-entra-multifactor-authentication
upvoted 2 times
...
Krayzr
3 months, 1 week ago
Y N N **Security defaults** Security defaults were designed to help protect your company's user accounts from the start. When turned on, security defaults provide secure default settings that help keep your company safe by: * Requiring all users and admins to register for MFA using the Microsoft Authenticator app or any third-party application using OATH TOTP. * Challenging users with MFA, mostly when they show up on a new device or app, but more often for critical roles and tasks. * Disabling authentication from legacy authentication clients that can't do MFA. * Protecting admins by requiring extra authentication every time they sign in. https://learn.microsoft.com/en-us/microsoft-365/business-premium/m365bp-turn-on-mfa?view=o365-worldwide&tabs=secdefaults#security-defaults-1
upvoted 4 times
...
60ed5c2
1 year, 5 months ago
It doesn't have to be MS Auth - "or any app supporting OATH TOTP" https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults Yes, No, No is correct
upvoted 14 times
BigO76
3 months, 3 weeks ago
i believe the answers are correct YES-NO-NO because, YES - The 14-day grace period is enforced by Security Defaults. NO - Other methods, such as SMS and phone calls, can also be used for MFA. NO - MFA is required only when conditions such as risky sign-ins or access from untrusted devices/locations occur.
upvoted 1 times
BigO76
3 months, 1 week ago
sorry i stand corrected i see it was changed in October 2024 ! ugh.. so it is Y-Y-N
upvoted 3 times
...
...
...
sergioandreslq
1 year, 5 months ago
Thanks, I didn't remember that sentence which force MS Authenticator. I was thinking on the authentication methods where we can choose different options but security default change the answer for item 2. Thanks,
upvoted 1 times
...
...
Tr619899
Most Recent 6 months, 3 weeks ago
1. Users will have 14 days to register for MFA after they sign in for the first time: YES. Users are typically given a grace period to register for MFA. 2. Users must use the MS Auth App to complete MFA: NO. While the Microsoft Authenticator app is one option, users can use various methods for MFA, including SMS, phone calls, and others. 3. After registering, users must use MFA for every sign-in: NO. Depending on the configuration, users may be able to bypass MFA on trusted devices or networks.
upvoted 2 times
...
APK1
8 months, 2 weeks ago
YNN my selection too
upvoted 2 times
...
de0e20a
11 months, 3 weeks ago
So the issue is that you can click on a link when your setting up the Microsoft authenticator in the web portal "use other authentication device" and it will generate a code for use in other authenticators, this means that you do not require Microsoft's specific authenticator to enforce mfa.
upvoted 1 times
...
Festus365
1 year, 4 months ago
Multi factor authentication every sign in requirement ===>> After registering for Multi-Factor Authentication (MFA), a user will not necessarily need to use MFA for every sign-in. Generally, MFA is required the first time a user signs into a new app or device, or after they’ve changed their password Microsoft authenticator app requirement for MFA ===>> No, a user is not required to use the Microsoft Authenticator app to complete Multi-Factor Authentication (MFA). While the Microsoft Authenticator app is a commonly used option, users can choose different methods for verification. These methods may include text messages, phone calls, or other authenticator apps.(Answers: Y/N/N)
upvoted 2 times
...
Paul_white
1 year, 6 months ago
YES, NO, NO https://www.examtopics.com/discussions/microsoft/view/83963-exam-ms-100-topic-16-question-1-discussion/
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago