Skill 1.1

Question 1

how are Cloud-only users created and maanged

Answer 1

IN Azure AD

Question 2

Who can create new users

Answer 2

A Global Administrator or a User Administrator

Question 3

What are mandatory objects when creating a new user

Answer 3

username and the user’s name

Question 4

What can groups contain

Answer 4

groups, users, devices, or service principles

Question 5

What do Security Groups allow you to do

Answer 5

to share Azure resource access to a group of users, devices or service principles

Question 6

What does an office 365 group allow

Answer 6

access to a shared mailbox, calendar, sharepoint site and so on

Question 7

What are the group membership types

Answer 7

Assigned
Dynamic Users
Dynamic Device

Question 8

Assigned group membership type

Answer 8

Allows you to add and remove users manually

Question 9

Dynamic User

Answer 9

Allows you to use dynamic group rules to automatically add or remove members

Question 10

Dynamic Device

Answer 10

Allows you to use dynamic group rules to automatically add and remove devices

Question 11

What license do dynamic groups require

Answer 11

Azure AD Premium P1

Question 12

True or false: you can change the membership type of a group after it has been created

Answer 12

True

Question 13

What are the ways to manage devices

Answer 13

Browsing to your Azure AD tenant and selecting devices
Through the devices blade for an individual user

Question 14

Who can enable and disble individual devices

Answer 14

Global Administrator

Question 15

What does disabling a device do

Answer 15

prevents it from accessing your Azure AD resources and remove all details that are attached

Question 16

What are the steps to upload users in bulk

Answer 16

1. Download the CSV template
2. Edit the CSV with bulk update values
3. Upload the CSV and submit the operation

Question 17

Who can invite a guest

Answer 17

All Azure users and admins

Question 18

What does Azure AD join do

Answer 18

Allows you to control devices, applications installed on them and accessed from them, and how those applications interact with you corporate data

Question 19

What three options does associating a device with Azure AD give you

Answer 19

o Registering a device – Appropriate for personal devices
o Registering a device – Appropriate for personal devices
o Hybrid AD joined – Devices that are joined to your on-premises AD and are registered with your Azure AD tenant.

Question 20

What does associating a device with Azure AD allow you to manage

Answer 20

a devices identity such as the SSO, and securing access using conditional access

Question 21

Can registration of Azure Devices be combined with MDM solutions

Answer 21

Yes

Question 22

What is non-hybrid azure join used for

Answer 22

Windows 10 pro and enterprise devices

Question 23

What can Hybrid Azure AD join be used for

Answer 23

Windows 10, Windows 2016, Windows 7, Windows 8.1, Windows 2008, Windows 2008 R2, Windows 2012, and Windows 2012 R2

Question 24

What are SSPR license requirements

Answer 24

Password Change
Password Reset
Password Change/Unlock, Reset

Question 25

How many authentication methods are required for SSPR by default

Answer 25

2

Question 26

What are the categories of Azure Roles

Answer 26

Azure AD-Specific Roles
Service Specific Roles
Cross-service Roles

Question 27

What are Azure AD-Specific Roles

Answer 27

Grant permissions to manage resources within Azure AD only

Question 28

What are Azure Service Specific Roles

Answer 28

For major Microsoft 365 Services (Non-Azure AD)

Question 29

What are Azure Cross Service Roles

Answer 29

Roles that span services. Global Administrator and Global Reader

Question 30

Azure AD free License

Answer 30

User and group management,
on-premises directory synchronization,
basic reports,
self-service password changes,
SSO across Azure,
Office 365 and popular Azure Apps

Question 31

Azure AD Premium 1 License

Answer 31

Lets hybrid users access both on-premises and cloud resources.
Also supports advanced administration, such as dynamic groups, self-service group management, Microsoft Identity Manager, and cloud write-back capabilities

Question 32

Azure AD Premium 2 License

Answer 32

Offers Azure Active directory identity protections to help provide risk based Conditional ACccess to your apps and critical company data and privileged identity management to help discover restrict and monitor administrators.

Question 33

What are built in roles used for within Azure AD administrative units

Answer 33

to delegate permissions

Question 34

What cna be used to create and update Azure AD groups

Answer 34

Azure CLI

Question 35

What should be specified for each new guest account

Answer 35

Email Address