Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
You receive more than 100 email alerts each day for failed Azure AD user sign-in attempts.
You need to ensure that a new security administrator receives the alerts instead of you.
Solution: From Azure AD, you modify the Diagnostics settings.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 E5 subscription. You need to ensure that users are prompted to accept a custom terms of use (Toll) agreement when they sign in to the subscription. What should you configure?

A. an access package

B. a Conditional Access policy

C. a lifecycle workflow

D. an authentication method

You have a new Microsoft 365 tenant that uses a domain name of contoso.onmicrosoft.com.
You register the name contoso.com with a domain registrar.
You need to use contoso.com as the default domain name for new Microsoft 365 users.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You have an Azure subscription that contains a virtual machine named VM1. VM1 has the following configurations:

• Private IP address: 172.16.1.5
• Public IP address 10fl.143.16U5
• System-assigned managed identity status: On

You install an app named App1 on VM1.
You need to configure App1 to request a managed identity app-only access token. Which IP address should App1 use for the request?

A. 108.143.161.25

B. 127.0.0.1

C. 169.254.169.254

D. 172.1615

You plan to deploy a new Azure AD tenant.
Which multifactor authentication (MFA) method will be enabled by default for the tenant?

A. Microsoft Authenticator

B. SMS

C. voice call

D. email OTP

You have a Microsoft 365 E5 subscription.
You need to create a Microsoft Defender for Cloud Apps session policy.
What should you do first?

A. From the Microsoft Defender for Cloud Apps portal, select User monitoring.

B. From the Microsoft Defender for Cloud Apps portal, select App onboarding/maintenance

C. From the Azure Active Directory admin center, create a Conditional Access policy.

D. From the Microsoft Defender for Cloud Apps portal, create a continuous report.

You have an Azure Active Directory (Azure AD) tenant that has the default App registrations settings. The tenant contains the users shown in the following table.

You have an Azure subscription that containes a registered app named App1. You need to review the sign-in activity for App1. The solution must meet the following requirements:

• Identify the number of failed sign-ins.
• Identify the success rate of sign-ins.
• Minimize administrative effort.

What should you use?

A. Audit logs

B. Usage & insights

C. Access reviews

D. Sign-in logs

You have an Azure Active Directory (Azure AD) tenant that syncs to an Active Directory forest. The tenant-uses through authentication.

A. Server2

B. Server4

C. Server1

D. Server3

You have an Azure subscription that contains the resources shown in the following table.

For which resources can you create an access review?

A. Group1, App1, Contributor, and Role1

B. Hotel and Contributor only

C. Group1, Role1, and Contributor only

D. Group1 only

You have a Microsoft Exchange organization that uses an SMTP' address space of contoso.com.
Several users use their contoso.com email address for self-service sign up to Azure Active Directory (Azure AD).
You gain global administrator privileges to the Azure AD tenant that contains the selfsigned users.
You need to prevent the users from creating user accounts in the contoso.com Azure AD tenant for self-service sign-up to Microsoft 365 services.
Which PowerShell cmdlet should you run?

A. Set-MsolCompanySettings

B. Set-MsolDomainFederationSettings

C. Update-MsolfederatedDomain

D. Set-MsolDomain

You have an Azure subscription, a Google Cloud Platform (GCP) account, and an Amazon Web Services (AWS) account.
You need to recommend a solution to assess the risks associated with privilege assignments across all the platforms. The solution must minimize administrative effort.
What should you include in the recommendation?

A. Microsoft Sentinel

B. Microsoft Defender for Cloud Apps

C. Microsoft Entra ID Protection

D. Microsoft Entra Permissions Management