MS-100

1. You modify the migration endpoint settings.

2. You recommend the use of federation with Active Directory Federation Services (AD
FS) as the authentication strategy.
3. You configure the use of pass-through authentication only.
4. You configure the use of pass-through authentication and seamless SSO.
5. You start by creating a label and label policy via the Security & Compliance admin
center.
6. You use Message center in the Microsoft 365 admin center.
7. Define a Configuration Manager device collection as the pilot collection. Add Device1
to the collection.
8. From the Azure Active Directory admin center, you add fabrikam.com as a custom
domain. You instruct User2 to sign in as user2@fabrikam.com.
9. From the on-premises Active Directory domain, you set the UPN suffix for User2 to
@contoso.com. You instruct User2 to sign in as user2@contoso.com.
10. From Azure AD Connect, you modify the filtering settings.
11. You launch the Azure portal, and then review the Licenses blade.
12. From the Azure AD Connect server in contoso.com, you return the setup wizard and
include the west.contoso.com domain.
13. You design an authentication strategy that contains a pass-through authentication
model. You install an Authentication Agent on three servers and configure seamless
SSO.
14. Implement password hash synchronization and modify the password settings from
the Default Domain Policy in Active Directory.
15. From the Security & Compliance admin center, you create a threat management
policy.
16. From the Azure Active Directory admin center, you create a trusted location and a
conditional access policy.
17. In each branch office, you add a direct connection to the Internet.
18. From the Office 365 admin center, you assign User2 the Security Reader role. From
the Exchange admin center, you assign User2 the Compliance Management role.

Lab question: 98, 99, 102, 119, 181, 182, 183, 184, 185, 186,

187, 188, 189, 195, 196, 198, 199, 200, 250, 251,

252, 253, 254, 255, 256, 257, 258, 259, 271, 272,

273, 324, 325, 359,

Page 1 of 2
Sensitivity: Confidential
  Stoppe varsel om credit card number: Compliance, DLP, Policies, Default, Edit,
User notification -off.
 Stop brukere å sende mail ut av office: Excange, Mailflow, Remote domains,
Default, Edit reply types -None.
 Mail PST file: Exchange, Roles, Admin roles, Add a role
group, add Mailbox Import Export and Mail Recipients.
 Feil bruker tilgang mailbox, Lee må få varsel: Security, Policies & Rules, Alert Policy,
add Alert policy -Granted mailbox permission.
 Supervision: Complience, Communication complience,
+create, custum policy.
 Projector: Exchange, Reciptions, Recources, Add a
equipment mailbox. Manage delegate -Full.

Your network contains a single Active Directory domain and two Microsoft Azure Active
Directory (Azure AD) tenants.
You plan to implement directory synchronization for both Azure AD tenants. Each tenant will
contain some of the Active Directory users.
You need to recommend a solution for the planned directory synchronization.

1. A. Deploy two servers that run Azure AD Connect, and then filter the users for each
tenant by using attribute-based filtering.

2. A. Deploy two servers that run Azure AD Connect, and then filter the users for each
tenant by using organizational unit (OU)-based filtering.

Page 2 of 2
Sensitivity: Confidential