Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Palo Alto Networks
Salesforce
SAP
All Vendors
  1. Home
  2. Microsoft
  3. MS-102

Microsoft MS-102 Exam (page: 1)
Microsoft 365 Administrator
Updated on: 11-Aug-2025

Viewing Page 1 of 53
MS-102 PDF 416 Questions

Overview
General Overview
Litware, Inc. is a consulting company that has a main office in Montreal and a branch office in Seattle. Litware collaborates with a third-party company named ADatum Corporation.

Environment
On-Premises Environment
The network of Litware contains an Active Directory domain named litware.com. The domain contains three organizational units (OUs) named LitwareAdmins, Montreal Users, and Seattle Users and the users shown in the following table.


The domain contains 2,000 Windows 10 Pro devices and 100 servers that run Windows Server 2019.

Cloud Environment
Litware has a pilot Microsoft 365 subscription that includes Microsoft 365 E3 licenses. The subscription contains a verified DNS domain named litware.com.
Microsoft Entra Connect is installed and has the following configurations:
Password hash synchronization is enabled. Synchronization is enabled for the LitwareAdmins OU only.
Users are assigned the roles shown in the following table.


Self-service password reset (SSPR) is enabled.
The Microsoft Entra tenant has Security defaults enabled.

Problem Statements
Litware identifies the following issues:
Admin1 cannot create conditional access policies. Admin4 receives an error when attempting to use SSPR.
Users access new Microsoft 365 service and feature updates before the updates are reviewed by Admin2.
Requirements Planned Changes
Litware plans to implement the following changes:
Implement Microsoft Intune. Implement Microsoft Teams.
Implement Microsoft Defender for Office 365.
Ensure that users can install Microsoft 365 apps on their device. Convert all the Windows 10 Pro devices to Windows 10 Enterprise E5.
Configure Microsoft Entra Connect Sync to sync the Montreal Users OU and the Seattle Users OU.

Technical Requirements
Litware identifies the following technical requirements:
Administrators must be able to specify which version of a Microsoft 365 desktop app will be available to users and to roll back to previous versions.
Only Admin2 must have access to new Microsoft 365 service and feature updates before they are released to the company.
Litware users must be able to invite ADatum users to participate in the following activities:
- Join Microsoft Teams channels.
- Join Microsoft Teams chats.
- Access shared files.
Just in time access to critical administrative roles must be required. Microsoft 365 incidents and advisories must be reviewed monthly. Microsoft 365 service status notifications must be sent to Admin2 The principle of least privilege must be used.

HOTSPOT (Drag and Drop is not supported)
You need to configure the Microsoft 365 service status notifications and limit access to the service and feature updates. The solution must meet the technical requirements.
What should you configure in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Briefing email
You need to configure the Office 365 service status notifications and.. Scenario: Office 365 service status notifications must be sent to Admin2.
To sign up for email notifications of new incidents that affect your tenant and status changes for an active incident, select Preferences > Email, click Send me service heath notifications in email, and then specify: Up to two email addresses. Whether you want notifications for incidents or advisories.
Note: As the admin, you can configure Briefing email for your organization at the user or tenant level. You can set the default state for all users in your tenant as opted in or opted out in the Microsoft 365 admin center, or you can enable or disable the Briefing email for a specific user or multiple users with PowerShell.
Box 2: Release preferences
.. limit access to the service and feature updates. Set up the Standard or Targeted release options.
Set up the release option in the admin center.
You can change how your organization receives Microsoft 365 updates by following these steps. You have to be a global admin in Microsoft 365 to opt in.
In the admin center, go to the Settings > Org Setting, and under the Organization profile tab, choose Release preferences.
To disable targeted release, select Standard release, then select Save changes.
To enable targeted release for all users in your organization, select Targeted release for everyone, then select Save changes.
To enable targeted release for some people in your organization, select Targeted release for selected users, then select Save changes.
Choose Select users to add users one at a time, or Upload users to add them in bulk.
6. When you're done adding users, select Save changes.
Scenario:
Users access new Office 365 service and feature updates before the updates are reviewed by Admin2. Implement Microsoft Defender for Office 365.
Administrators must be able to specify which version of an Office 365 desktop app will be available to users and to roll back to previous versions.
Only Admin2 must have access to new Office 365 service and feature updates before they are released to the company.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/enterprise/view-service-health https://learn.microsoft.com/en-us/viva/insights/personal/briefing/be-admin https://learn.microsoft.com/en-us/microsoft-365/admin/manage/release-options-in-office-365




Overview
General Overview
Litware, Inc. is a consulting company that has a main office in Montreal and a branch office in Seattle. Litware collaborates with a third-party company named ADatum Corporation.

Environment
On-Premises Environment
The network of Litware contains an Active Directory domain named litware.com. The domain contains three organizational units (OUs) named LitwareAdmins, Montreal Users, and Seattle Users and the users shown in the following table.


The domain contains 2,000 Windows 10 Pro devices and 100 servers that run Windows Server 2019.

Cloud Environment
Litware has a pilot Microsoft 365 subscription that includes Microsoft 365 E3 licenses. The subscription contains a verified DNS domain named litware.com.
Microsoft Entra Connect is installed and has the following configurations:
Password hash synchronization is enabled. Synchronization is enabled for the LitwareAdmins OU only.
Users are assigned the roles shown in the following table.


Self-service password reset (SSPR) is enabled.
The Microsoft Entra tenant has Security defaults enabled.

Problem Statements
Litware identifies the following issues:
Admin1 cannot create conditional access policies. Admin4 receives an error when attempting to use SSPR.
Users access new Microsoft 365 service and feature updates before the updates are reviewed by Admin2.
Requirements Planned Changes
Litware plans to implement the following changes:
Implement Microsoft Intune. Implement Microsoft Teams.
Implement Microsoft Defender for Office 365.
Ensure that users can install Microsoft 365 apps on their device. Convert all the Windows 10 Pro devices to Windows 10 Enterprise E5.
Configure Microsoft Entra Connect Sync to sync the Montreal Users OU and the Seattle Users OU.

Technical Requirements
Litware identifies the following technical requirements:
Administrators must be able to specify which version of a Microsoft 365 desktop app will be available to users and to roll back to previous versions.
Only Admin2 must have access to new Microsoft 365 service and feature updates before they are released to the company.
Litware users must be able to invite ADatum users to participate in the following activities:
- Join Microsoft Teams channels.
- Join Microsoft Teams chats.
- Access shared files.
Just in time access to critical administrative roles must be required. Microsoft 365 incidents and advisories must be reviewed monthly. Microsoft 365 service status notifications must be sent to Admin2 The principle of least privilege must be used.

You need to configure Microsoft Entra Connect Sync to support the planned changes for the Montreal Users and Seattle Users OUs.
What should you do?

  1. From PowerShell, run the Add-ADSyncConnectorAttributeInclusion cmdlet.
  2. From the Microsoft Entra Connect wizard, select Manage federation.
  3. From the Microsoft Entra Connect wizard, select Customize synchronization options.
  4. From PowerShell, run the Start-ADSyncSyncCycle cmdlet.

Answer(s): C

Explanation:

Scenario: Configure Microsoft Entra Connect to sync the Montreal Users OU and the Seattle Users OU.


Reference:

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/whatis-azure-ad-connect




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name to the tenant for the project.
Which DNS record should you recommend?

  1. alias (CNAME)
  2. host information (HINFO)
  3. host (A)
  4. text (TXT)

Answer(s): D

Explanation:

For this question these are the correct answers:
* mail exchanger (MX)
text (TXT)
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
For this question these are the incorrect answers:
* alias (CNAME)
* host (A)
* host (AAAA)
* host information (HINFO)
* name server (NS)
pointer (PTR)
Scenario: Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365. All users must be able to exchange email messages successfully during Project1 by using their current email address.
Explanations for correct answers:
mail exchanger (MX)
A DNS 'mail exchange' (MX) record directs email to a mail server. The MX record indicates how email messages should be routed in accordance with the Simple Mail Transfer Protocol (SMTP, the standard protocol for all email). Like CNAME records, an MX record must always point to another domain.
Example of an MX record:


text (TXT)


Reference:

https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns- hosting-provider




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project. Which DNS record should you recommend?

  1. mail exchanger (MX)
  2. alias (CNAME)
  3. host information (HINFO)
  4. host (AAAA)

Answer(s): A

Explanation:

For this question these are the correct answers:
* mail exchanger (MX)
text (TXT)
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
For this question these are the incorrect answers:
* alias (CNAME)
* host (A)
* host (AAAA)
* host information (HINFO)
* name server (NS)
pointer (PTR)
Scenario: Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365. All users must be able to exchange email messages successfully during Project1 by using their current email address.
Explanations for correct answers:
mail exchanger (MX)
A DNS 'mail exchange' (MX) record directs email to a mail server. The MX record indicates how email messages should be routed in accordance with the Simple Mail Transfer Protocol (SMTP, the standard protocol for all email). Like CNAME records, an MX record must always point to another domain.
Example of an MX record:


text (TXT)


Reference:

https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns- hosting-provider




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project. Which DNS record should you recommend?

  1. host (A)
  2. alias (CNAME)
  3. text (TXT)
  4. host (AAAA)

Answer(s): C

Explanation:

For this question these are the correct answers:
* mail exchanger (MX)
text (TXT)
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
For this question these are the incorrect answers:
* alias (CNAME)
* host (A)
* host (AAAA)
* host information (HINFO)
* name server (NS)
pointer (PTR)
Scenario: Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365. All users must be able to exchange email messages successfully during Project1 by using their current email address.
Explanations for correct answers:
mail exchanger (MX)
A DNS 'mail exchange' (MX) record directs email to a mail server. The MX record indicates how email messages should be routed in accordance with the Simple Mail Transfer Protocol (SMTP, the standard protocol for all email). Like CNAME records, an MX record must always point to another domain.
Example of an MX record:


text (TXT)


Reference:

https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns- hosting-provider




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project. Which DNS record should you recommend?

  1. host (A)
  2. host information (HINFO)
  3. text (TXT)
  4. pointer (PTR)

Answer(s): C

Explanation:

When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
Note:
There are several versions of this question in the exam. The question has two possible correct answers: Text (TXT)
Mail exchanger (MX)
incorrect answer options you may see on the exam include the following: alias (CNAME)
Host (A) host (AAA)
Pointer (PTR) Name Server (NS)
host information (HINFO) pointer (PTR)


Reference:

https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns- hosting-provider




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

Which role should you assign to User1?

  1. Hygiene Management
  2. Security Reader
  3. Security Administrator
  4. Records Management

Answer(s): B

Explanation:

A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.
Users with the Security Reader role have global read-only access on security-related features, including all information in Microsoft 365 security center, Microsoft Entra ID, Identity Protection, Privileged Identity Management, as well as the ability to read Microsoft Entra sign-in reports and audit logs, and in Office 365 Security & Compliance Center.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles




Overview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.

Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of
username@fabrikam.com.
Fabrikam does NOT plan to implement identity federation.

Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.

Technical Requirements
Fabrikam identifies the following technical requirements:
All users must be able to exchange email messages successfully during Project1 by using their current
email address.
Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal. Microsoft 365 Apps for enterprise applications must be installed from a network share only.
Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.

Security Requirements
Fabrikam identifies the following security requirements:
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
The principle of least privilege must be used.

You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project. Which DNS record should you recommend?

  1. name server (NS)
  2. host information (HINFO)
  3. text (TXT)
  4. pointer (PTR)

Answer(s): C

Explanation:

For this question these are the correct answers:
* mail exchanger (MX)
* text (TXT)
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
For this question these are the incorrect answers:
* alias (CNAME)
* host (A)
* host (AAAA)
* host information (HINFO)
* name server (NS)
pointer (PTR)
Scenario: Each office contains two domain controllers. All domain controllers are configured as DNS servers. The public zone for fabrikam.com is managed by an external DNS server.
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365. All users must be able to exchange email messages successfully during Project1 by using their current email address.
Explanations for correct answers:
mail exchanger (MX)
A DNS 'mail exchange' (MX) record directs email to a mail server. The MX record indicates how email messages should be routed in accordance with the Simple Mail Transfer Protocol (SMTP, the standard protocol for all email). Like CNAME records, an MX record must always point to another domain.
Example of an MX record:


text (TXT)


Reference:

https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns- hosting-provider
Deploy and manage a Microsoft 365 tenant Question Set 3



Viewing Page 1 of 53



Share your comments for Microsoft MS-102 exam with other users:

Matt 7/31/2025 11:44:40 PM

Great questions.
UNITED STATES