Q: 12
HOTSPOT You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:
The tenant has a conditional access policy that has the following configurations:

Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud apps or actions: All cloud apps
Access controls: Grant, require multi-factor authentication
Enable policy: Report-only

You set Enabled Security defaults to Yes for the tenant.

For each of the following settings, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.
Discussion
Makes sense, since both Conditional Access admin and Security admin have full CA policy rights. Only User admin gets blocked from changing CA assignments. So it should be YES, YES, NO here. Open to correction if I missed something.
Yep, looks right to me. YES, YES, NO
Pretty sure it's YES, YES, NO here. Conditional Access admin and Security admin can handle all CA policy changes, but User admin can't change CA assignments. Seen similar trap with User admin on other practice sets, so that's probably what catches folks here. Let me know if there's an odd edge case I'm missing.
Why doesn't the User admin get CA assignment rights if Security defaults are off? Isn't this an exception in some exam reports?
Don’t think it’s YES, YES, NO. I’d say YES, NO, NO since User admin is a trap here.
So for this one, I think it's YES, YES, NO. Conditional Access admin and Security admin both have the needed permissions to edit CA policies, including toggling report-only status. User admin can manage users and groups but can't touch assignments on CA policies. Pretty sure that's what tripped people up here but let me know if I'm missing anything.
Not sure that's how it works, I think it's YES, NO, NO. From what I remember in the official guide and some practice questions, User admin shouldn't be able to manage CA policy assignments at all. Correct me if I'm wrong.