You have an Azure AD tenant and an Azure web app named App.

You have a Microsoft Entra tenant that contains the groups shown in the following table.

A. Group1 only

B. Group1 and Group2 only

C. Group1 and Group3 only

D. Group3 and Group4 only

E. Group1. Group2. Group3. and Group4

Your company has an Azure Active Directory (Azure AD) tenant named contosri.com. The company has the business partners shown in the following table.

A. 1

B. 2

C. 3

D. 4

You have an Azure subscription.
You need to use Microsoft Entra Permissions Management to automatically monitor permissions and create and implement right-size roles. The solution must follow the principle of least privilege.
Which role should you assign to the service principal of Permissions Management?

A. Reader

B. Contributor

C. Owner

D. User Access Administrator

You have an Azure AD tenant that contains a user named Admin1.
Admin1 uses the Require password change for high-risk user’s policy template to create a new Conditional Access policy.
Who is included and excluded by default in the policy assignment? To answer, drag the appropriate options to the correct target. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

You configure Azure Active Directory (Azure AD) Password Protection as shown in the exhibit. (Click the Exhibit tab.)

A. Pr0jectlitw@re and T@ilw1nd only

B. C0nt0s0 only

C. C0nt0s0, Pr0jectlitw@re, and T@ilw1nd

D. C0nt0s0 and T@ilw1nd only

E. C0nt0s0 and Pr0jectlitw@re only

You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are assigned to individual users.
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5 licenses to the users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of administrative effort.
What should you use?

A. the Set -KindohsProductKcy cmdlct

B. the Update-MgGroup cmdlet

C. the Set-HgUserLicense cmdlet

D. the Update-MgUser cmdlet

You have an Azure subscription that contains a user named User! and two resource groups named RG1 and RG2.
You need to ensure that User1 can perform the following tasks:

• View all resources.
• Restart virtual machines.
• Create virtual machines in RG1 only.
• Create storage accounts in RG1 only.

A. 1

B. 2

C. 3

D. 4

Your network contains an Active Directory forest named contoso.com that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com by using Azure AD Connect.
Attire AD Connect is installed on a server named Server 1.
You deploy a new server named Server? that runs Windows Server 2019.
You need to implement a failover server for Azure AD Connect. The solution must minimize how long it takes to fail over if Server1 fails.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You have an Azure AD tenant that has multi-factor authentication (MFA) enforced and selfservice password reset (SSPR) enabled.
You enable combined registration in interrupt mode.
You create a new user named User1.
Which two authentication methods can User1 use to complete the combined registration process? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. a FID02 security key

B. a hardware token

C. a one-time passcode email

D. Windows Hello for Business

E. the Microsoft Authenticator app

You have a Microsoft Entra tenant that contains the users shown in the following table.

You have an Azure AD tenant contains the users shown in the following table.