Free Microsoft MS-100 Exam Actual Questions

The questions for MS-100 were last updated On Apr 21, 2025

At ValidExamDumps, we consistently monitor updates to the Microsoft MS-100 exam questions by Microsoft. Whenever our team identifies changes in the exam questions,exam objectives, exam focus areas or in exam requirements, We immediately update our exam questions for both PDF and online practice exams. This commitment ensures our customers always have access to the most current and accurate questions. By preparing with these actual questions, our customers can successfully pass the Microsoft 365 Identity and Services exam on their first attempt without needing additional materials or study guides.

Other certification materials providers often include outdated or removed questions by Microsoft in their Microsoft MS-100 exam. These outdated questions lead to customers failing their Microsoft 365 Identity and Services exam. In contrast, we ensure our questions bank includes only precise and up-to-date questions, guaranteeing their presence in your actual exam. Our main priority is your success in the Microsoft MS-100 exam, not profiting from selling obsolete exam questions in PDF or Online Practice Test.

 

Question No. 1

You have a single-page application (SPA) named TodoListSPA and a server-based web app named TodoUstServKe.

The permissions for the TodoListSPA API are configured as shown in the TodoUstSPA exhibit (Click the TodoUstSPA tab)

The permissions for the TodoUstService API are configured as shown m the TodoListService exhibit (Click the TodoUstService tab.)

You need to ensure that TodoUstService can access a Microsoft OneDnve file of the signed-in user. The solution must use the principle of least privilege.

Which permission request should you configure?

Show Answer Hide Answer
Correct Answer: C

Question No. 2

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You discover that some external users accessed content on a Microsoft SharePoint site. You modify the

SharePoint sharing policy to prevent sharing outside your organization.

You need to be notified if the SharePoint policy is modified in the future.

Solution: From the SharePoint admin center, you modify the sharing settings.

Does this meet the goal?

Show Answer Hide Answer
Correct Answer: B

You need to create a threat management policy in the Security & Compliance admin center.


Question No. 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company plans to deploy several Microsoft Office 365 services.

You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:

* Users must be able to authenticate during business hours only.

* Authentication requests must be processed successfully if a single server fails.

* When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.

* Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.

Solution: You design an authentication strategy that contains a pass-through authentication model. You install an Authentication Agent on three servers and configure seamless SSO.

Does this meet the goal?

Show Answer Hide Answer
Correct Answer: A

This solution meets all the requirements:

Users must be able to authenticate during business hours only. (This can be configured by using Logon Hours in Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)

Authentication requests must be processed successfully if a single server fails. (We have Authentication Agents running on three servers)

When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. (This can be configured in Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)

Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. (This goal is met by seamless SSO)


https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn

Question No. 4

You have a hybrid deployment of Microsoft 365 that contains the users shown in the following table.

You plan to provide access to an on-premises app named App1 by using Azure AD Application Proxy. App1 will be managed by User4.

You need to identify which user can install the Application Proxy connector.

Which user should you identify?

Show Answer Hide Answer
Question No. 5

You need to meet the application requirement for App1.

Which three actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Answer Hide Answer
Correct Answer: A, B, C

An on-premises web application named App1 must allow users to complete their expense reports online.

Application Proxy is a feature of Azure AD that enables users to access on-premises web applications from a remote client. Application Proxy includes both the Application Proxy service which runs in the cloud, and the Application Proxy connector which runs on an on-premises server. Azure AD, the Application Proxy service, and the Application Proxy connector work together to securely pass the user sign-on token from Azure AD to the web application.

In this question, we need to add an enterprise application in Azure and configure a Microsoft AAD Application Proxy connector to connect to the on-premises web application (App1).


https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy#how-application-proxy-works