Explore Password Management Flashcards

1
Q

What is the default password expiration cycle in Microsoft 365?

A

90 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the default password expiration notification window in Microsoft 365?

A

14 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What powershell parameter can be used to disable password expiration in Microsoft 365?

A

PasswordNeverExpires

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the two options available for resetting a Global Administrator password?

A
  1. As another Global Administrator

2. Reset your own password from sign-in page

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which Microsoft 365 administrator role can change the password of a user who’s assigned to the Microsoft 365 Global administrator role?

A

Global Administrator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

On what server should the first connector for pass-through authentication be installed?

A

Same server with Azure AD Connect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What subscription level is needed for writeback?

A

Azure AD Premium

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

When passwords are changed in Microsoft 365, they can be written back to the on-premises Active Directory. Which of the following requirements must be met to enable this feature?

  • You need an Azure Active Directory Premium license
    Your domain controllers must - be at least Windows Server 2003
  • You need a Microsoft 365 E5 license
A

You need an Azure Active Directory Premium license

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does Azure AD Smart Lockout do?

A

Locks out bad actors who are trying to guess user’s passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are two considerations for using Smart Lockout with Pass-through authentication?

A
  1. Azure AD lockout threshold is less than the Active Directory threshold.
  2. Azure AD lockout duration must be longer than Active Directory lockout counter.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

If an account is locked by Smart Lockout, what are the two ways to unlock the account?

A
  1. Wait for the lockout duration to expire.

2. Use SSPR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

As the Enterprise Administrator for Tailspin Toys, you’re investigating the default password policy settings for Microsoft 365 users. Which of the following statements accurately reflects the Microsoft 365 password policy settings?

A. Passwords expire after 60 days, and users receive an expiration notification 10 days before it occurs
B. Passwords expire after 45 days, and users receive an expiration notification 7 days before it occurs
C. Passwords expire after 90 days, and users receive an expiration notification 14 days before it occurs

A

C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

As the Enterprise Administrator for Tailspin Toys, you’re interested in making self-service password reset functionality available to Tailspin’s users. To implement self-service password reset, which of the following conditions must be in place?

A. Password reset is only available for Microsoft 365 users with cloud identities that have passwords that aren’t linked to the on-premises AD DS
B. Password reset enables users to reset their own password after the Password administrator starts the transaction
C. To reset a password, either a Global administrator or a Password administrator must first authenticate the user’s identity

A

A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly