Explore Password Management Flashcards
What is the default password expiration cycle in Microsoft 365?
90 days
What is the default password expiration notification window in Microsoft 365?
14 days
What powershell parameter can be used to disable password expiration in Microsoft 365?
PasswordNeverExpires
What are the two options available for resetting a Global Administrator password?
- As another Global Administrator
2. Reset your own password from sign-in page
Which Microsoft 365 administrator role can change the password of a user who’s assigned to the Microsoft 365 Global administrator role?
Global Administrator
On what server should the first connector for pass-through authentication be installed?
Same server with Azure AD Connect
What subscription level is needed for writeback?
Azure AD Premium
When passwords are changed in Microsoft 365, they can be written back to the on-premises Active Directory. Which of the following requirements must be met to enable this feature?
- You need an Azure Active Directory Premium license
Your domain controllers must - be at least Windows Server 2003 - You need a Microsoft 365 E5 license
You need an Azure Active Directory Premium license
What does Azure AD Smart Lockout do?
Locks out bad actors who are trying to guess user’s passwords
What are two considerations for using Smart Lockout with Pass-through authentication?
- Azure AD lockout threshold is less than the Active Directory threshold.
- Azure AD lockout duration must be longer than Active Directory lockout counter.
If an account is locked by Smart Lockout, what are the two ways to unlock the account?
- Wait for the lockout duration to expire.
2. Use SSPR
As the Enterprise Administrator for Tailspin Toys, you’re investigating the default password policy settings for Microsoft 365 users. Which of the following statements accurately reflects the Microsoft 365 password policy settings?
A. Passwords expire after 60 days, and users receive an expiration notification 10 days before it occurs
B. Passwords expire after 45 days, and users receive an expiration notification 7 days before it occurs
C. Passwords expire after 90 days, and users receive an expiration notification 14 days before it occurs
C
As the Enterprise Administrator for Tailspin Toys, you’re interested in making self-service password reset functionality available to Tailspin’s users. To implement self-service password reset, which of the following conditions must be in place?
A. Password reset is only available for Microsoft 365 users with cloud identities that have passwords that aren’t linked to the on-premises AD DS
B. Password reset enables users to reset their own password after the Password administrator starts the transaction
C. To reset a password, either a Global administrator or a Password administrator must first authenticate the user’s identity
A
