You have a Microsoft 365 tenant.
You currently allow email clients that use Basic authentication to conned to Microsoft Exchange Online.
You need to ensure that users can connect t to Exchange only run email clients that use Modern authentication protocols.
What should you implement?
You need to ensure that use Modern authentication
You have a Microsoft 365 E5 subscription that contains three users named User1, User2, and User3.
You have two Azure AD roles that have the Activation settings shown in the following table.
The Azure AD roles have the Assignment settings shown in the following table.
The Azure AD roles have the eligible users shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure AD tenant that contains an access package named Package1 and a user named User1. Package1 is configured as shown in the following exhibit.
You need to ensure that User1 can modify the review frequency of Package1. The solution must use the principle of least privilege.
Which role should you assign to User1?
You need to meet the authentication requirements for leaked credentials.
What should you do?
You need to identify which roles to use for managing role assignments. The solution must meet the delegation requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE:Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.
The users have the devices shown in the following table.
You create the following two Conditional Access policies:
• Name: CAPolicy1
• Assignments
o Users or workload identities: Group 1
o Cloud apps or actions: Office 365 SharePoint Online
o Conditions
■Filter for devices: Exclude filtered devices from the policy
■Rule syntax: device.displayName -starts With "Device*"
o Access controls
■Grant: Block access
■Session: 0 controls selected
o Enable policy: On
• Name: CAPolicy2
• Assignments
o Users or workload identities: Group2
o Cloud apps or actions: Office 365 SharePoint Online
o Conditions: 0 conditions selected
• Access controls
o Grant: Grant access
■Require multifactor authentication
o Session:
0 controls selected
• Enable policy: On
All users confirm that they can successfully authenticate using MFA.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have 2,500 users who are assigned Microsoft Office 365 Enterprise E3 licenses. The licenses are
assigned to individual users.
From the Groups blade in the Azure Active Directory admin center, you assign Microsoft 365 Enterprise E5
licenses to the users.
You need to remove the Office 365 Enterprise E3 licenses from the users by using the least amount of
administrative effort.
What should you use?
You have an Azure Active Directory (Azure AD) tenant that contains the groups shown in the following table.
For which groups can you create an access review?
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
You configure Microsoft Entra Internet Access. Which users can manage Microsoft Entra Internet Access?
You have a Microsoft 365 tenant that contains the administrative units shown in the following table.
The subscription contains the administrators shown in the following table.
The subscription contains the users shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
TESTED 16 Sep 2025
