This exam was updated on August 5, 2021. Following the current exam guide, we
have included a version of the exam guide with Track Changes set to “On,”
showing the changes that were made to the exam on that date.
Audience Profile
Candidates for this exam are Microsoft 365 Enterprise Administrators who
take part in evaluating, planning, migrating, deploying, and managing Microsoft
365 services. They perform Microsoft 365 tenant management tasks for an
enterprise, including its identities, security, compliance, Power Platform, and
supporting technologies.
Candidates have a working knowledge of Microsoft 365 workloads and should have
been an administrator for at least one
one Microsoft 365 workload (Exchange, SharePoint, Teams), and Windows as a
ServiceExchange, SharePoint, Teams, or Windows 10 deployment.
Candidates also have a working knowledge of networking, server administration,
and IT fundamentals such as DNS, Active Directory, and PowerShell.
Skills Measured
NOTE: The bullets that follow each of the skills measured are intended to
illustrate how we are assessing that skill. This list is NOT definitive or
exhaustive.
NOTE: Most questions cover features that are General Availability (GA). The exam
may contain questions on Preview features if those features are commonly used.
Design and Implement Microsoft 365 Services (25-30%)
Plan architecture
plan integration of Microsoft 365 and on-premises environments
identify deployment workloads team
plan an identity and authentication solution
plan enterprise application modernization
Deploy a Microsoft 365 tenant
manage domains
configure organizational settings
complete the organizational profile
add a Microsoft partner or work with Microsoft FastTrack
complete the subscription setup wizard
plan and create a tenant
edit an organizational profile
plan and create subscription(s)
configure tenant-wide workload settings
Manage Microsoft 365 subscription and tenant health
manage service health alerts
create and manage service requests
create internal service health response plan
monitor service health
monitor license allocations
configure and review reports, including Power
BI, Operations Management Suite (OMS),Azure Monitor logs, Log Analytics
workspaces, and Microsoft 365 reporting
schedule and review security and compliance reports
schedule and review usage metrics
Plan migration of users and data
identify data to be migrated and migration methods
identify users and mailboxes to be migrated and migration methods
plan migration of on-premises users and groups
import PST files
Manage User Identity and Roles (25-30%)
Design identity strategy
evaluate requirements and solutions for synchronization
evaluate requirements and solutions for identity management
evaluate requirements and solutions for authentication
Plan identity synchronization
design directory synchronization
implement directory synchronization with directory services, federation
services, and
Azure endpoints by using Azure AD Connect sync
plan for directory
synchronization using Azure AD cloud sync
Manage identity synchronization with Azure Active Directory (Azure AD)
configure and manage directory
synchronization by using Azure AD cloud sync
configure directory synchronization by using Azure AD Connect
monitor Azure AD Connect Health
manage Azure AD Connect synchronization
configure object filters
configure password synchronization
implement multi-forest AD Connect scenarios
Manage Azure AD identities
plan Azure AD identities
implement and manage self-service password reset (SSPR)
manage access reviews
manage groups
manage passwords
manage product licenses
manage users
perform bulk user management
Manage roles
plan user roles
manage admin roles
allocate roles for workloads
manage role allocations by using Azure AD
Manage Access and Authentication (15-20%)
Manage authentication
design an authentication method
configure authentication
implement an authentication method
manage authentication
monitor authentication
Plan and implement secure access
design a conditional access solution
implement entitlement packages
implement Azure AD Identity Protection
manage identity protection
implement conditional access
manage conditional access
implement and secure access for guest and external users
Configure application access
configure application registration in Azure AD
configure Azure AD Application Proxy
publish enterprise apps in Azure AD
Plan Office 365 Workloads and Applications (25-30%)
Plan for Microsoft 365 Apps deployment
plan for Microsoft connectivity
manage Microsoft 365 Apps
plan for Office online
assess readiness using Microsoft analytics
plan Microsoft 365 App compatibility
manage Office 365 software downloads
plan for Microsoft apps updates
plan Microsoft telemetry and reporting
Plan for messaging deployments
plan migration strategy
plan messaging deployment
identify hybrid requirements
plan for connectivity
plan for mail routing
plan email domains
Plan for Microsoft SharePoint Online and OneDrive for Business
plan migration strategy
plan external share settings
identify hybrid requirements
manage access configurations
manage Microsoft groups
manage SharePoint tenant and site settings
Plan for Microsoft Teams infrastructure
plan for communication and call quality and capacity
plan for Phone System
plan Microsoft Teams deployment
plan Microsoft Teams organizational settings
plan for guest and external access
plan for Microsoft Teams hybrid connectivity and co-existence
Plan Microsoft Power Platform integration
implement Microsoft Power Platform Center of Excellence (CoE) starter kit
plan for Power Platform workload deployments
plan resource deployment
plan for connectivity (and data flow)
manage environments
manage resources
Actualkey Microsoft MS-100 Exam, Certkingdom Microsoft MS-100 PDF
Best Microsoft
MS-100 Certification,
Microsoft MS-100 Training at
certkingdom.com
QUESTION 1
You have a Microsoft 365 subscription.
Your company purchases a new financial application named App1.
From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered
apps page and discover that
many applications have a low score because they are missing information about
domain registration and consumer popularity.
You need to prevent the missing information from affecting the score.
What should you configure from the Cloud Discover settings?
A. App tags
B. Score metrics
C. Organization details
D. Default behavior
Correct Answer: B
QUESTION 2
You have a Microsoft 365 tenant that contains a Microsoft Power Platform
environment.
You need to ensure that only specific users can create new environments.
What should you do in the Power Platform admin center?
A. From Data policies, create a new data policy.
B. From Data integration, create a new connection set.
C. From Power Platform settings, modify the Governance settings for the
environment.
D. From Environments, modify the behaviour settings for the default environment.
Correct Answer: C
QUESTION 3
Which migration solution should you recommend for Project1?
A. From Exchange Online PowerShell, run the New-MailboxImportRequest cmdlet.
B. From Exchange Online PowerShell, run the New-MailboxExportRequest cmdlet.
C. From Exchange admin center, start the migration and select Remote move
migration.
D. From the Exchange admin center, start the migration and select Cutover
migration.
Correct Answer: C
Explanation:
Project1: During Project1, the mailboxes of 100 users in the sales department
will be moved to Microsoft 365.
Fabrikam does NOT plan to implement identity federation.
ll users must be able to exchange email messages successfully during Project1 by
using their current email address.
During Project1, some users will have mailboxes in Microsoft 365 and some users
will have mailboxes in
Exchange on-premises. To enable users to be able to exchange email messages
successfully during Project1
by using their current email address, we’ll need to configure hybrid Exchange.
To migrate mailboxes in a hybrid Exchange configuration, you use the Exchange
admin center to perform
Remote move migrations.
Note:
There are several versions of this question in the exam. The question has two
possible correct answers:
From Exchange admin center, start the migration and select Remote move
migration.
From the Microsoft 365 admin center, start a data migration and click Exchange
as the data service.
Other incorrect answer options you may see on the exam include the following:
From the Exchange admin center, start a migration and select Staged migration.
From the Microsoft 365 admin center, start a data migration and click Upload PST
as the data service.
From the Microsoft 365 admin center, start a data migration and click Outlook as
the data service.
From the Exchange admin center, start a migration and select Cutover migration.
QUESTION 4
You have a Microsoft 365 subscription that contains an Azure Active
Directory (Azure AD) tenant named contoso.com.
Corporate policy states that user passwords must not include the word Contoso.
What should you do to implement the corporate policy?
A. From the Azure Active Directory admin center, configure the Password
protection settings.
B. From the Microsoft 365 admin center, configure the Password policy settings.
C. From Azure AD Identity Protection, configure a sign-in risk policy.
D. From the Azure Active Directory admin center, create a conditional access
policy.
Correct Answer: A
QUESTION 5
Your network contains an on-premises Active Directory forest.
You are evaluating the implementation of Microsoft 365 and the deployment of an
authentication strategy.
You need to recommend an authentication strategy that meets the following
requirements:
Allows users to sign in by using smart card-based certificates
Allows users to connect to on-premises and Microsoft 365 services by using SSO
Which authentication strategy should you recommend?
A. password hash synchronization and seamless SSO
B. federation with Active Directory Federation Services (AD FS)
C. pass-through authentication and seamless SSO
Correct Answer: B