Question 6 of 568

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.

After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.

To achieve this, the Per Enabled User setting must be set for the usage model.

Solution: You reconfigure the existing usage model via the Azure portal.

Does the solution meet the goal?

    Correct Answer: B

    The solution does not meet the goal. You cannot change the usage model (per enabled user or per authentication) after a Multi-Factor Authentication (MFA) provider is created in Azure. Instead, you need to create a new MFA provider with the desired usage model settings to accommodate the new employees.

Question 7 of 568

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company's Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.

After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.

To achieve this, the Per Enabled User setting must be set for the usage model.

Solution: You reconfigure the existing usage model via the Azure CLI.

Does the solution meet the goal?

    Correct Answer: B

    The solution does not meet the goal. Once a Multi-Factor Authentication provider is created, its usage model cannot be changed from 'Per Authentication' to 'Per Enabled User.' To achieve the goal of ensuring new employees use Multi-Factor Authentication under the 'Per Enabled User' setting, a new MFA provider would need to be created and activated with the new settings. Reconfiguring the existing usage model via the Azure CLI is not possible for changing the usage model.

Question 8 of 568

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company's Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.

After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.

To achieve this, the Per Enabled User setting must be set for the usage model.

Solution: You create a new Multi-Factor Authentication provider with a backup from the existing Multi-Factor Authentication provider data.

Does the solution meet the goal?

    Correct Answer: B

    Creating a new Multi-Factor Authentication provider does not meet the goal of changing the MFA usage model from 'Per Authentication' to 'Per Enabled User.' Azure AD MFA usage models are immutable once an MFA provider is created, and as of September 1, 2018, new MFA providers cannot be created. Thus, the existing setup must be used with appropriate licenses that include MFA features.

Question 9 of 568

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active

Directory domain.

You have a server named DirSync1 that is configured as a DirSync server.

You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.

Solution: You run the Start-ADSyncSyncCycle -PolicyType Initial PowerShell cmdlet.

Does the solution meet the goal?

    Correct Answer: B

    Running the Start-ADSyncSyncCycle -PolicyType Initial PowerShell cmdlet initiates a full synchronization cycle. While this does replicate user information from on-premises Active Directory to Azure AD, it is not the most efficient method for immediate replication. The initial synchronization can take a considerable amount of time, especially if there are many changes or a large directory. For immediate replication of the newly created user account, the Start-ADSyncSyncCycle -PolicyType Delta cmdlet should be used instead. This delta synchronization only replicates the changes since the last synchronization, making it faster and more suitable for immediate needs.

Question 10 of 568

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.

Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active

Directory domain.

You have a server named DirSync1 that is configured as a DirSync server.

You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.

Solution: You use Active Directory Sites and Services to force replication of the Global Catalog on a domain controller.

Does the solution meet the goal?

    Correct Answer: B

    The solution does not meet the goal because using Active Directory Sites and Services to force replication of the Global Catalog on a domain controller does not directly impact the synchronization process with Azure Active Directory. To replicate the new user information to Azure AD immediately, you should use Azure AD Connect, the synchronization tool designed for integrating on-premises Active Directory with Azure AD. A manual synchronization cycle needs to be triggered using Azure AD Connect to achieve the desired result.