2022年最新のGoShiken Microsoft MS-100問題集と試験テストエンジン
Microsoft MS-100問題集にはリアル試験問題解答
質問 179
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
* User passwords must be 10 characters or more.
Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.
Does this meet the goal?
- A. Yes
- B. No
正解: A
質問 180
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
A user named User1 has files on a Windows 10 device as shown in the following table.
In Azure Information Protection, you create a label named Label1 that is configured to apply automatically.
Label1 is configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
The phrase to match is "im" and it is case sensitive. The phrase must also appear at least twice.
Box 1: No
File1.docx contain the word "import" once only
Box 2: Yes
File2.docx contains two occurrences of the word "import" as well as the word "imported" Box 3: No File3.docx contains "IM" but his is not the correct letter case.
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification
質問 181
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain.
You deploy a Microsoft Azure Active Directory (Azure AD) tenant.
Another administrator configures the domain to synchronize to Azure AD.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All the other user accounts synchronized successfully.
You review Azure AD Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Azure AD.
Solution: From Azure AD Connect, you modify the filtering settings.
Does this meet the goal?
- A. Yes
- B. No
正解: A
質問 182
You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company.
You prepare the following XML file for the planned deployment.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updates-element
https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus
質問 183
You are configuring an enterprise application named TestApp in Microsoft Azure as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
References:
https://docs.microsoft.com/HYPERLINK "https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-configure-hard-coded-link-translation"en-us/azure/active-directory/manage-apps/application-proxy-configure-hard-coded-link-translation
質問 184
Your network contains an Active Directory forest named contoso.local.
You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you verify the contoso.com domain name.
You need to prepare the environment for the planned directory synchronization solution.
What should you do first?
- A. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix.
- B. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.
- C. From the Microsoft 365 admin center, verify the contoso.local domain name.
- D. From Active Directory Users and Computers, modify the UPN suffix for all users.
正解: A
解説:
Explanation/Reference:
Explanation:
The on-premise Active Directory domain is named contoso.local. Therefore, all the domain users accounts will have a UPN suffix of contoso.local by default.
To enable directory synchronization that will use password hash synchronization, you need to configure the domain user accounts to have the same UPN suffix as the verified domain (contoso.com in this case). Before you can change the UPN suffix of the domain user accounts to contoso.com, you need to add contoso.com as a UPN suffix in the domain.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-userprincipalname
質問 185
Your company uses on-premises Windows Server File Classification Infrastructure 9FCI). Some documents on the on-premises file servers are classifies as Confidential.
You migrate the files from the on-premises file servers to Microsoft SharePoint Online.
You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.
What should you do first?
- A. From the SharePoint admin center, configure hybrid search.
- B. From the SharePoint admin center, create a managed property.
- C. From the Security & Compliance Center PowerShell, run the
New-DlpComplianceRule cmdlet. - D. From the Security & Compliance Center PowerShell, run the
New-DataClassification cmdlet.
正解: C
解説:
Explanation
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-dlp/newdataclassification
質問 186
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?
- A. No
- B. Yes
正解: A
解説:
Section: [none]
Explanation:
* User2 must be able to view reports and schedule the email delivery of security and compliance reports.
The Security Reader role can view reports but not schedule the email delivery of security and compliance reports.
The Help Desk role cannot schedule the email delivery of security and compliance reports.
Reference:
https://docs.microsoft.com/en-us/exchange/permissions-exo/permissions-exo
質問 187
You have three devices enrolled in Microsoft Intune as shown in the following table.
The device compliance policies in Intune are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
質問 188
You need to prepare the environment for Project1.
You create the Microsoft 365 tenant.
Which three actions should you perform in sequence next? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
解説:
Explanation
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
All users must be able to exchange email messages successfully during Project1 by using their current email address.
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
This configuration requires a hybrid Exchange configuration during the pilot phase. This means that you will have mailboxes hosted in Exchange Online and mailboxes hosted in Exchange on-premise.
The first steps to configure Exchange hybrid are to Create the Azure AD tenant, add the Fabrikam.com domain as a custom domain, then configure directory synchronization to replicate the on-prem Active Directory user accounts to Azure Active Directory.
Reference:
https://docs.microsoft.com/en-us/exchange/exchange-hybrid
質問 189
Your company has 500 client computers that run Windows 10.
You plan to deploy Microsoft Office 365 ProPlus to all the computers.
You create the following XML file for the planned deployment.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
Box 1:
When the installation is complete, all users will be prompted to install several updates.
In the configuration file, the Updates Enabled element is set to True. This means that Office will check for updates after the installation.
The Channel element set to Broad means that all semi-annual channel updates will be installed.
Box 2:
Office 365 ProPlus will be installed only on the computers that run a 64-bit version of Windows 10.
The OfficeClientEdition element defines whether the 32-bit or 64-bit edition of Office 365 ProPlus is downloaded or installed. In the configuration file, it is set to '64'. The 64-bit version will only install on a 64-bit client computer.
Reference:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool
質問 190
You have a Microsoft 365 subscription that uses a default domain named contoso.com. The domain contains the users shown in the following table.
The domain contains conditional access policies that control access to a cloud app named App1. The policies are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Box 1: Yes.
User1 is in a group named Compliant. All the conditional access policies apply to Group1 so they don't apply to User1.
As there is no conditional access policy blocking access for the group named Compliant, User1 is able to access App1 using any device.
Box 2: Yes.
User2 is in Group1 so Policy1 applies first. Policy1 excludes compliant devices and Device1 is compliant.
Therefore, Policy1 does not apply so we move on to Policy2.
User2 is also in Group2. Policy2 excludes Group2. Therefore, Policy2 does not apply so we move on to Policy3.
Policy3 applies to Group1 so Policy3 applies to User2. Policy3 applies to 'All device states' so Policy3 applies to Device1. Policy3 grants access. Therefore, User2 can access App1 using Device1.
Box 3: No.
User2 is in Group1 so Policy1 applies. Policy1 excludes compliant devices but Devices is non-compliant.
Therefore, User2 cannot access App1 from Device2.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/plan-conditional-access
質問 191
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.
You need to be notified if the SharePoint policy is modified in the future.
Solution: From the Security & Compliance admin center, you create a threat management policy.
Does this meet the goal?
- A. Yes
- B. No
正解: A
解説:
We can create a threat management policy to alert us when the sharing policy is changed.
Create a new Alert policy > under Category select Threat Management > under 'Activity is' scroll down to the
'Site administration activities' and select 'Changed a sharing policy'.
質問 192
Your network contains an Active Directory domain named fabrikam.com. The domain contains the objects shown in the following table.
The group have the members shown in the following table.
You are configure synchronization between fabrikam.com and a Microsoft Azure Active Director (Azure AD) tenant.
You configure the domain/OU Filtering settings in Azure AD Connect as shown in the Domain>OU Filtering exhibit. (Click the Domain/OU Filtering tab.) You configure the Filtering in Azure Connect as shown in the Filtering exhibit. (Click the Filtering tab.) NOTE: Each correct selection is worth one point.
正解:
解説:
References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering#group-based-filtering
質問 193
Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant.
The on-premises network contains a file server named Server1. Server1 has a share named Share1 that contains company documents.
Your company purchases a Microsoft 365 subscription.
You plan to migrate data from Share1 to Microsoft 365. Only data that was created or modified during the last three months will be migrated.
You need to identify all the files in Share1 that were modified or created during the last 90 days.
What should you use?
- A. Usage reports from the Microsoft 365 admin center
- B. Server Manager
- C. Resource Monitor
- D. Microsoft SharePoint Migration Tool
正解: D
解説:
You can use the Microsoft SharePoint Migration Tool to migrate files from a file server to SharePoint Online.
The Microsoft SharePoint Migration Tool has a number of filters you can use to define which files will be migrated. One filter setting is "Migrate files modified after". This setting will only migrate files modified after the selected date.
The first phase of a migration is to perform a scan of the source files to create a manifest of the files that will be migrated. You can use this manifest to identify all the files in Share1 that were modified or created during the last 90 days.
References:
https://docs.microsoft.com/en-us/sharepointmigration/spmt-settings
質問 194
You create a Microsoft 365 subscription.
You plan to deploy Microsoft Office 365 ProPlus applications to all the client computers at your company.
You prepare the following XML file for the planned deployment.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation:
References:
https://docs.microsoft.com/en-us/deployoffice/configuration-options-for-the-office-2016-deployment-tool#updates-element
https://docs.microsoft.com/en-us/deployoffice/overview-of-update-channels-for-office-365-proplus
質問 195
......
2022年最新のGoShiken MS-100のPDFで最近更新された問題です:https://www.goshiken.com/Microsoft/MS-100-mondaishu.html
MS-100試験には保証が付きます。更新されたのは304問があります:https://drive.google.com/open?id=1e6ft0Dh6HkVFlnhtG9VEQB6jdNk_UxcE