You have a Microsoft 365 tenant.
In Microsoft Entra ID, you configure the terms of use.
You need to ensure that only users who accept the terms of use can access the resources in the tenant Other users must be denied access.
What should you configure?

A. an access policy in Microsoft Defender for Cloud Apps

B. a compliance policy in Microsoft Intune

C. Terms and conditions in Microsoft Intune

D. a conditional access policy in Microsoft Entra ID

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory domain.

The on-premises network contains a VPN server that authenticates to the on-premises Active Directory domain. The VPN server does NOT support Azure Multi-Factor Authentication (MFA).

You need to recommend a solution to provide Azure MFA for VPN connections.

What should you include in the recommendation?

A. Azure AD Application Proxy

B. an Azure AD Password Protection proxy

C. Network Policy Server (NPS)

D. a pass-through authentication proxy

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Active Directory forest that syncs to an Azure Active Directory (Azure AD) tenant.
You discover that when a user account is disabled in Active Directory, the disabled user can still authenticate to Azure AD for up to 30 minutes.
You need to ensure that when a user account is disabled in Active Directory, the user account is immediately prevented from authenticating to Azure AD.
Solution: You configure Azure AD Password Protection.
Does this meet the goal?

A. Yes

B. No

You have an Azure AD tenant that contains the users shown in the following table.

A. Admm1 only

B. Admm1 and Admin2 only

C. Admm1 Admm2 and Admin3 only

D. Admln1, Admin2. and User1 only

E. Admm1 Admm2. Admm3, and User1

You configure a new Microsoft 365 tenant to use a default domain name of contoso.com.
You need to ensure that you can control access to Microsoft 365 resources by using conditional access policies.
What should you do first?

A. Disable the User consent settings

B. Disable Security defaults

C. Configure a multi-factor authentication (MFA) registration policy.

D. Configure password protection for Windows Server Active Directory.

You have an Azure Active Directory (Azure AD) tenant.
You open the risk detections report.
Which risk detection type is classified as a user risk?

A. impossible travel

B. anonymous IP address

C. atypical travel

D. leaked credentials

You have an Azure AD tenant.
You perform the tasks shown in the following table.

You have an Azure Active Directory (Azure AD) tenant that contains Azure AD Privileged Identity Management (PIM) role settings for the User administrator role as shown in the following exhibit.

You have an Azure subscription named Sub1.
You plan to deploy Microsoft Entra Permissions Management.
You need to ensure that Permission Management can onboard Sub1. The solution must follow the principle of least privilege.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure AD Identity Protection policies enforced.
You create an Azure Sentinel instance and configure the Azure Active Directory connector.
You need to ensure that Azure Sentinel can generate incidents based on the risk alerts raised by Azure AD Identity Protection.
What should you do first?

A. Add an Azure Sentinel data connector.

B. Configure the Notify settings in Azure AD Identity Protection

C. Create an Azure Sentinel playbook

D. Modify the Diagnostics settings in Azure AD

You have an Azure AD tenant that contains a user named User1 and a registered app named App1.
User1 deletes the app registration of Appl.
You need to restore the app registration.
What is the maximum number of days you have to restore the app registration from when it was deleted?

A. 14

B. 30

C. 60

D. 180

You have a Microsoft Entra tenant that has a Microsoft Entra ID P1 license.
You need to review the Microsoft Entra ID sign-in logs to investigate sign-ins that occurred in the past.
For how long does Microsoft Entra ID store events in the sign-in logs?

A. 14 days

B. 30 days

C. 90 days

D. 365 days