Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. An organization plans to migrate to Office 365. You use the Windows Azure Active Directory (AD) Sync tool.
Several users will not migrate to Office 365. You must exclude these users from synchronization. All users must continue to authenticate against the on-premises Active Directory.
You need to synchronize the remaining users.
Which three actions should you perform to ensure users excluded from migration are not synchronized? Each correct answer presents part of the solution.
A. Populate an attribute for each user account.
B. Disable the user accounts in Active Directory.
C. Perform a full synchronization.
D. Configure the connection filter.
E. Run the Windows PowerShell command Set-MsolDirSyncEnabled -EnableDirSync $false.
Answer: A,C,D
Q2. DRAG DROP
A company deploys an Office 365 tenant. All employees use Lync Online.
You need to configure the network firewall to support Lync Online.
Which ports must you open? To answer, drag the appropriate port number to the correct feature or features. Each port number may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q3. An organization implements single sign-on (SSO) for use with Office 365 services. You install an Active Directory Federation Services (AD FS) proxy server.
Users report that they are unable to authenticate. You launch the Event Viewer and view the event information shown in the following screen shot:
You need to ensure that users can authenticate to Office 365.
What should you do?
A. Re-enter the credentials used to establish the trust.
B. Verify the federation server proxy is trusted by the federation service.
C. Re-install the Secure Sockets Layer (SSL) certificate for the federation service.
D. Verify network connectivity between the Federation Service Proxy and federation server.
Answer: A
Q4. An organization plans to migrate to Office 365.
You need to estimate the post-migration network traffic.
Which tool should you use?
A. Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Kit
B. Microsoft Network Monitor
C. Lync 2013 Bandwidth Calculator
D. Microsoft Remote Connectivity Analyzer can open and view Office documents.
Answer: C
Explanation:
Reference: http://technet.microsoft.com/en-us/library/hh852542.aspx
Q5. You are the Office 365 administrator for your company. You prepare to install Active Directory Federation Services (AD FS).
You need to open the correct port between the AD FS proxy server and the AD FS federation server.
Which port should you open?
A. TCP 80
B. TCP 135
C. TCP 389
D. TCP 443
E. TCP 636
F. TCP 1723
Answer: D
Q6. Your company deploys an Office 365 tenant.
You need to ensure that you can view service health and maintenance reports for the past seven days.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A. Run the Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Kit.
B. View the service health current status page of the Office 365 admin center.
C. View the service settings page of the Office 365 admin center.
D. Subscribe to the Office 365 Service Health RSS Notifications feed.
Answer: B,D
Q7. A company with 75,000 employees has an Office 365 tenant.
You need to install the Azure Active Directory Synchronization (AAD Sync) tool by using the least amount of administrative effort.
Which versions of each product should you implement? (Select three)
Select three.
A. .Net 3.5
B. Net 4.0
C. .Net 4.5
D. .Net 4.5.1
E. PowerShell (PS1)
F. PowerShell (PS2)
G. PowerShell (PS3)
H. PowerShell (PS4)
I. SQL Server Express
J. SQL Server 2008
K. SQL Server 2012
L. SQL Server 2014
Answer: D,F,L
Explanation: * The following components need to be installed:
Net 4.5.1
PowerShell (PS3 or better is required)
*Azure AD Sync requires a SQL Server database to store identity data. By default a SQLExpress LocalDB (a light version of SQL Server Express) is installed and the service account for the service is created on the local machine. SQL Server Express has a 10GB size limit that enables you to manage approximately
100.000 objects. This is fine for the scenario in this question.
If you need to manager a higher volume of directory objects, you need to point the installation process to a different version of SQL Server..AAD Sync supports all flavors of Microsoft SQL Server from SQL Server 2008 to SQL Server 2014.
Reference: Install the Azure Active Directory Sync Service
https://msdn.microsoft.com/en-us/library/azure/dn757602.aspx
Q8. Contoso Ltd. uses Office 365 for collaboration. You are implementing Active Directory Federation Services (AD FS) for single sign-on (SSO) with Office 365 services. The environment contains an Active Directory domain and an AD FS federation server.
You need to ensure that the environment is prepared for the AD FS setup.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Configure Active Directory to use the domain contoso.com.
B. Configure Active Directory to use the domain contoso.local.
C. Create a server authentication certificate for the federation server by using fs.contoso.com as the subject name and subject alternative name.
D. Create a server authentication certificate for the federation server by using fs.contoso.local as the subject name and subject alternative name.
Answer: A,C
Q9. A company has an Office 365 tenant.
You must retrieve mailbox diagnostic data.
You need to provide a report with this data for all users.
Which report solution should you choose?
A. Office 365 admin center
B. downloadable spreadsheet
C. reporting Windows PowerShell cmdlets
D. REST reporting web service
Answer: D
Explanation: The Office 365 Reporting web service enables developers to integrate
information on email and spam, antivirus activity, compliance status, and Lync Online
activities into their custom service reporting applications and web portals.
Incorrect:
Not A: Office 365 admin center provide predefined charts and lists reports.
Not B: Detailed, flexible analysis of historical and live service data, for example in Microsoft
Excel-based score-cards.
Not C: reporting Windows PowerShell cmdlets: Precise data for periodically generated
reports in script-based IT maintenance tools.
Reference: Office 365 Reporting web service
https://msdn.microsoft.com/en-us/library/office/jj984325.aspx
Q10. You are the Office 365 administrator for your company.
Users report that they have received significantly more spam messages over the past month than they normally receive.
You need to analyze trends for the email messages received over the past 60 days.
From the Office 365 admin center, what should you view?
A. Messages on the Service health page
B. The Received mail report
C. The Office 365 Malware detections in sent mail report
D. The Mailbox content search and hold report
Answer: A
Q11. A company named Fabrikam, Inc. is deploying an Office 365 tenant. You install Active Directory Federation Services (AD FS) on a server that runs Windows Server 2012.
The company's environment is described in the following table:
You must obtain a certificate from a certification authority and install it on the federation servers.
You need to specify the subject name for the certificate.
Which name should you specify?
A. fs.fabnkam.com
B. serverl.fabrikam.com
C. fabrikam.com
D. server2.fabrikam.com
Answer: A
Q12. An organization purchases an Office 365 plan for 10,000 user accounts. You have a domain controller that runs Windows Server 2008 R2. The forest functional level is set to Windows Server 2000.
The organization must be able to synchronize user attributes from the on-premises Active Directory Domain Services environment to Office 365.
You need to prepare to install the Windows Azure Active Directory Sync tool.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Upgrade the domain controller to Windows Server 2012.
B. Install Microsoft .NET Framework 3.5 SP1 and Microsoft .NET Framework 4.0.
C. Install Windows Server 2012 Standard edition.
D. Raise the forest functional level to Windows Server 2008 R2.
E. Join a workstation to an Active Directory domain.
Answer: B,D
Explanation:
Reference: http://technet.microsoft.com/en-us/library/jj151831.aspx#BKMK_ComputerRequirements
Q13. You have an Exchange Online tenant. User1 reports that they are not able to check their email. Other users can check their email.
You remotely connect to User1's session.
You need to troubleshoot why the user cannot check his email.
What should you use?
A. POP Email test
B. Outlook Connectivity test
C. Microsoft Remote Connectivity Analyzer
D. Microsoft Connectivity Analyzer
E. Outlook Autodiscover test
F. IMAP Email test
Answer: C
Explanation:
Microsoft Remote Connectivity Analyzer (https://testconnectivity.microsoft.com/) can test incoming and outgoing e-mail.
Reference: https://testconnectivity.microsoft.com/
Q14. A company has an Office 365 tenant that has an Enterprise E1 subscription. Users currently sign in with credentials that include the contoso.com domain suffix.
The company is acquired by Fabrikam. Users must now sign in with credentials that include the fabrikam.com domain suffix.
You need to ensure that all users sign in with the new domain name.
Which Windows PowerShell cmdlet should you run?
A. Set-MsolUser
B. Redo-MsolProvisionUser
C. Set-MsolUserLicense
D. Set-MsolUserPrincipalName
E. Convert-MsolFederatedUser
F. Set-MailUser
G. Set-LinkedUser
H. New-MsolUser
Answer: D
Explanation: The Set-MsolUserPrincipalName cmdlet is used to change the User Principal Name (user ID) of a user. This cmdlet can be used to move a user between a federated and standard domain, which will result in their authentication type changing to that of the target domain.
The following command renames user1@contoso.com to CCole@contoso.com.
Set-MsolUserPrincipalName -UserPrincipalName User1@contoso.com -NewUserPrincipalName CCole@contoso.com
Incorrect:
Not A: The Set-MsolUser cmdlet is used to update a user object. This cmdlet should be used for basic properties only.
Not B: The Redo-MsolProvisionUser cmdlet can be used to retry the provisioning of a user object in Azure Active Directory when a previous attempt to create the user object resulted in a validation error.
Not C: The Set-MsolUserLicense cmdlet can be used to adjust the licenses for a user.
Not E: The Convert-MsolFederatedUser cmdlet is used to update a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. A new password must be provided for the user.
Not F: Use the Set-MailUser cmdlet, used for on premises Exchange Server (not Office 365), to modify the mail-related attributes of an existing user in Active Directory.
Not G: Use the Set-LinkedUser cmdlet to modify the properties of an existing linked user account. The Outlook Live Directory Sync (OLSync) service account is a linked user.
Not H: The New-MsolUser cmdlet is used to create a new user in the Microsoft Azure Active Directory (Microsoft Azure AD). In
Reference: Set-MsolUserPrincipalName
https://msdn.microsoft.com/en-us/library/azure/dn194096.aspx
Q15. You deploy Lync Online for a company that has offices in San Francisco and New York. The two offices both connect to the Internet. There is no private network link between the offices.
Users in the New York office report that they cannot transfer files to the users in the San Francisco office by using Lync Online.
You need to ensure that users in both offices can transfer files by using Lync Online.
What should you do?
A. Configure the firewall to open Transmission Control Protocol (TCP) ports 50060-50079.
B. Configure the firewall to open Transmission Control Protocol (TCP) ports 50040-50059.
C. Create a private network connection to share files.
D. Upgrade all of the Lync Online clients to use Lync 2013.
Answer: B
Q16. Your company has a hybrid deployment of Office 365. All mailboxes are hosted on Office
365. All users access their Office 365 mailbox by using a user account that is hosted on-premises. You need to delete a user account and its associated mailbox.
Which tool should you use?
A. The Remove-MSOLUser cmdlet
B. The Remove-Mailbox cmdlet
C. The Office 365 portal
D. Active Directory Users and Computers
Answer: D
Explanation:
When deleting accounts from Active Directory and directory synchronization runs the associated object will be deleted from Azure and also soft deleting the mailbox.
Q17. An organization deploys an Office 365 tenant.
User accounts must be synchronized to Office 365 by using the Windows Azure Active
Directory Sync tool.
You have the following password policies:
Passwords for the on-premises Active Directory Domain Services (AD DS) user accounts are at least six characters long.
Passwords for Office 365 user accounts are at least eight characters long.
You need to ensure that the user accounts will be synchronized. Which user accounts will be synchronized?
A. All user accounts
B. No user accounts
C. User accounts with a password length of at least 8 characters
D. User accounts with a password length of at least 14 characters
Answer: A
Explanation:
After deploying ADFS tenant password policies are handled by the local Active Directory Environment, and not Office 365 Azure. All users will be synchronized and will utilize the AD DS six character long password policy.
Reference: http://howdouc.blogspot.ca/2011/04/active-directory-federation-services.html
Q18. HOTSPOT
You manage an Office 365 tenant. The subscription details for the tenant are displayed in the following screenshot.
Use the drop-down menus to select the answer choice that answers each question. NOTE: Each correct answer is worth one point.
Answer: