Module quiz: Managing users in Azure Active Directory Quiz Answers
In this article i am gone to share Coursera Course: Secure Access with Azure Active Directory by Microsoft | Week 1 Quiz | Module quiz: Managing users in Azure Active Directory Quiz Answers with you..
Enrol Link: Secure Access with Azure Active Directory
Module quiz: Managing users in Azure Active Directory Quiz Answers
The module quiz evaluates your understanding of the concepts covered this week.
- No. of questions: 10
- Time estimate: 30 minutes
- No. of attempts: 3 attempts every 8 hours
Note: This weekly module quiz carries 10 marks and counts for 30% weightage in the overall grade for the course.
You have assigned Mike as the User Administrator for an administrative unit containing a group called Marketing Team. This group has 15 members, including Samantha. Which of the following are true regarding what Mike can do with the group and the group members as the User Administrator of the administrative unit? Select all that apply.
- Mike can reset the password of Samantha if he adds her directly as a member of the administrative unit.
- Mike can update the email address of Samantha if needed.
- Mike can change Samantha’s authentication method to multifactor authentication without adding her as a member of the administrative unit.
- Mike can change the name of the group.
An organization uses Azure AD to manage access to cloud applications. It has provided the following roles to its IT team members, John and Steffi.
John – Application Administrator for all enterprise applications
Steffi – Authentication Administrator
A human resource professional, Tara, requires access to the human capital management application registered in Azure AD.
Who can provide this access?
- Either John or Steffi can provide Tara with the required access.
- John’s and Steffi’s approvals are required to provide Tara with the necessary access.
Imagine that you are responsible for managing access to resources, applications, and data in a company that uses Azure AD. You have been tasked with creating a group that will allow access to a specific SharePoint site for employees who work in the marketing department. You want members to be automatically added and removed from the group based on member attributes. Which group type and membership type should you use?
- Microsoft 365 group with dynamic user membership
- Security group with dynamic user membership
- Security group with assigned membership
- Microsoft 365 group with assigned membership
You work as the Azure security engineer in a retail organization called BuyForSure Inc. You have been asked to create the below users in Azure Active Directory:
James is a consumer who wants to buy sports equipment from BuyForSure Inc.
Tom works in Soles Inc. and supplies shoes to BuyForSure Inc.
Patricia has recently joined BuyForSure Inc. as a human resources manager.
Susan is a seasoned security engineer hired by BuyForSure Inc.
Who will you add as a guest user (B2B) in Azure Active Directory?
A company has two directories—an on-premises Active Directory (AD) environment and an Azure AD tenant. The company is migrating some of its applications and services to Azure and creating an Azure AD Domain Services (Azure AD DS) managed domain to provide domain services for these resources in the cloud. The company also has a partner organization that provides access to a third-party application for its employees. The partner organization has its directory that the company does not manage. The company has set up a federation between its Azure AD tenant and the partner organization’s directory using Azure AD B2B collaboration.
Which of the following statements regarding the Azure AD Domain Services configuration in this scenario are true? Select all that apply.
- The partner organization’s directory users can access the resources that require domain services by authenticating through the Azure AD DS managed domain.
- You don’t need to manage, configure, or update the two Windows Server domain controllers deployed into your selected Azure region.
- The managed domain cannot authenticate users from the partner organization’s directory.
- You can create resources directly in the managed domain, which are synchronized to Azure AD automatically.
A company has offices in multiple countries and has implemented Azure Active Directory (Azure AD) to manage access to its cloud resources. The company wants to ensure that only users from Canada should have access to a specific human resources application. Which feature or service of Azure AD is best suited for the company to restrict access to resources based on user location in Azure AD?
- Azure AD Domain Services
- Azure AD Connect
- Azure AD Conditional Access policy
- Azure AD Identity Protection
In which of the following situations is Azure Active Directory Identity Protection most useful?
- You want to manage the identities and access of the consumers of your B2C application.
- You want to mandate multifactor authentication for all users above a specified level in the organization hierarchy.
- You want to automatically force a user to reset their password if the system detects a suspicious login from an unusual location.
- Your company wants to leverage existing on-premises identity investments to manage access to cloud-based SaaS applications.
Let us say you want to assign licenses to a group of users in your organization’s Azure Active Directory (Azure AD) tenant. What happens when you assign licenses to this group of users and some of them have not specified their usage location in Azure AD?
- The users without a specified usage location are assigned licenses for all services in all locations.
- This action cannot be performed until you manually update the usage location for the users.
- The users without a specified usage location inherit the location of the Azure AD organization.
- The users without a specified usage location are automatically assigned a default usage location.
You have been asked to restore a user account that was recently deleted from your organization’s Azure Active Directory (Azure AD) tenant. You need to be aware of the potential impact on license usage when restoring a user. What happens to a user’s license when you restore a deleted user account in Azure AD?
- The user’s licenses are restored, but only if there are available seats for those licenses.
- The user’s licenses are restored, even if no seats are available for those licenses.
- The user’s licenses are not restored with the account.
- The user’s licenses are restored, but only if the license has been re-purchased since the user’s deletion.
Imagine a scenario where your organization’s policy restricts users from registering applications in Azure Active Directory (Azure AD) without approval. You want to enforce this policy and prevent all users from registering applications but still grant this ability to application developers. How can you prevent all users from registering applications in Azure AD while still granting the ability to application developers?
- Set the “Users can register applications” option to “No,” then remove the specific individuals from the application developer role.
- Set the “Users can register applications” option to “Yes” in Azure AD User Settings, and then add the specific individuals to the application developer role.
- Set the “Users can register applications” option to “Yes,” and remove the specific individuals from the application developer role.
- Set the “Users can register applications” option to “No,” then add specific individuals to the application developer role.