- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.
You need to be notified if the SharePoint policy is modified in the future. Solution: From the SharePoint admin center, you modify the sharing settings. Does this meet the goal?
Correct Answer:
B
You need to create a threat management policy in the Security & Compliance admin center.
- (Exam Topic 5)
When creating an sppkg package for deploying a web part you use the gulp command.
Instructions: Review the underlined text. If it makes the statement correct select "No change is needed/ If the statement is incorrect select the answer choice that makes the statement correct.
Correct Answer:
C
- (Exam Topic 5)
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab. Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: admin@LODSe426243.onmicrosoft.com Microsoft 365 Password: 3&YWyjse-6-d
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 10887751
You plan to allow the users in your organization to invite external users as guest users to your Microsoft 365 tenant.
You need to prevent the organization’s users from inviting guests who have an email address that uses a suffix of @gmail.com.
Solution:
You need to add gmail.com as a denied domain in the ‘External collaboration settings’.
* 1. Go to the Azure Active Directory admin center.
* 2. Select Users then select ‘User settings’.
* 3. Under External Users, select the ‘Manage external collaboration settings’.
* 4. Under ‘Collaboration restrictions’, select the ‘Deny invitations to the specified domains’ option.
* 5. Under, Target Domains, type in the domain name ‘gmail.com’
* 6. Click the Save button at the top of the screen to save your changes. References:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/allow-deny-list
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.
You have an on-premises web app named AppA. Group1 has permissions to access AppA. You configure an Azure Active Directory (Azure AD) Application Proxy.
You add an Application Proxy entry for AppA as shown the exhibit. (Click the Exhibit tab.)
You assign the AppA enterprise application in Azure to Group2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Solution:
Box 1: No
User1 is in Group2. The enterprise app is assigned to Group2. However, the authentication method is “Passthrough” so the authentication will be passed to the on-premises web app. Only Group1 has access to the web app. Therefore, User1 will not be able to access the web app.
Box 2: Yes.
User2 is in Group1 and Group2. The enterprise app is assigned to Group2. The authentication method is “Passthrough” so the authentication will be passed to the on-premises web app. Group1 has access to the web app. Therefore, User2 will be able to access the web app in MyApps.
Box 3: No
User3 is in Group1. Group1 has access to the web app so User3 could access the app on-premises. However, the enterprise app is assigned to Group2 which User3 is not a member of. Therefore, User3 will not be able to access the external URL of the web app.
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have a Microsoft 365 Enterprise E5 subscription.
You add a cloud-based app named App1 to the Microsoft Azure Active Directory (Azure AD) enterprise applications list.
You need to ensure that two-step verification is enforced for all user accounts the next time they connect to App1.
Which three settings should you configure from the policy? To answer, select the appropriate settings in the answer area.
Solution:
In the Cloud Apps section, you need to select the name of the app (App1) that the policy will apply to.
In the Grant section under Access Controls, there is a checkbox named “Require Multi-factor Authentication”. That checkbox needs to be ticked.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Conditional-Access-now-in-the-new-Azu
Does this meet the goal?
Correct Answer:
A
