Professional Documents
Culture Documents
Enter
Hello learners!
The Microsoft Identity and Access Administrator training and exam for designs,
implements, and operates an organization’s identity and access management sys-
tems by using Azure Active Directory (Azure AD). After training and certification
exam you’ll be able to manage tasks, such as providing secure authentication and
authorization access to enterprise applications. After this training you’ll also be re-
sponsible for troubleshooting, monitoring, and reporting for the identity and access
environment.
After this training you’ll be able to accomplish the following technical tasks: imple-
ment an identity management solution; implement an authentication and access
management solution; implement access management for apps; and plan and im-
plement an identity governance strategy.
2
Here goes the Quiz
1 Which one among the following is a hybrid authentication method that would require the
least effort in deployment and maintenance?
Select one:
A. Password Hash Synchronization
B. Pass-through authentication
C. Federated authentication
2 The HR team has informed you that they would be hiring many people in different
domains for the organization. As the administrator, you are responsible for adding all of
them to the respective groups. Therefore, you need to minimize the effort. What type of
group will you use?
Select one:
A. Assigned User
B. Dynamic User
C. Dynamic Device
3 You have been assigned the task to configure and manage groups on Azure AD. You need
to use the two different types of groups available according to the requirements. What are
the two kinds of functional groups on Azure AD?
Select one:
3
Here goes the Quiz
4 Your organization is planning to move some of its workloads from on-premises to the
cloud. You have been assigned to understand and recommend the identity aspects of
this scenario. How would you explain the term “Hybrid identity”?
Select one:
A. They create common user identities for authenticating and authorizing users
who operate workstations that run on various operating systems.
B. They create common user identities that are trusted for authentication and
authorization between organizations.
D. They are a solution which makes using multiple usernames and password
possible.
5 You are exploring the Microsoft Azure AD B2B feature. You come to know SAML
(Security Assertion Markup Language) is one protocol used by Azure AD B2B to
federate with identity providers. What is the other protocol used?
Select one:
A. WS-Federation (WS-Fed)
C. Kerberos
4
Here goes the Quiz
6 Which one among the following authentication methods is the most secure?
Select one:
A. SMS verification
B. Call verification
C. Password
D. Windows Hello
7 Your organization Contoso Corp is concerned with the increased number of passwords
being compromised. Your organization, a cloud-only organization, has requested you
to recommend a solution that can help them ban certain common words like admin,
Contoso, etc. from being used when the employees set up or change passwords.
Which solution would you recommend?
Select one:
5
Here goes the Quiz
8 Which Azure AD tool will help you get reports for risks and create policies to take any
such risks?
Select one:
9 Two risk policies can be enabled in the directory. One is the user risk policy. Which is the
other risk policy?
Select one:
10 What type of policy helps you enforce organizational policies, control access and is
based on if-then statements?
Select one:
A. Compliance policies
D. Retention policies
6
Here goes the Quiz
11 Microsoft Graph is a helpful tool for developers. Which one of the following three APIs
exposes information about risky users and sign-in?
Select one:
A. riskDetection, risky users, signs
12 Which scenario from the below options would be best suited for Mobile Application
Management (MAM) without enrollment to protect sensitive data in work or school-
related app?
Select one:
13 Your organization is moving some of its workloads to the cloud. Therefore, you need
to recommend a hybrid identity authentication solution keeping in mind that your
organization cannot have the password (or any traces of it) stored on the cloud. Which
one of the below options would be best suited?
Select one:
A. Pass-through authentication
7
Here goes the Quiz
14 User A has been assigned to manage all aspects of all app registrations and enterprise
applications in your organization. However, he wouldn’t be involved with the
management of applications that use app proxy. Which role should you assign to User A?
Select Three:
A. Application developer
B. Application administrator
Select one:
A. Microsoft Cloud App Security
16 Your organization has numerous apps, and the methods for accessing them are different,
making it confusing for the users. You are asked to recommend a solution. You find that
you can use Azure AD to integrate those applications and get the Single Sign-on (SSO)
feature. What types of applications can be integrated with Azure AD?
Select one:
A. SaaS applications
B. On-premises applications
8
Here goes the Quiz
17 Which option from the following choices is not a best practice for building multi-tenant
apps?
Select one:
A. Follow the principle of least user access to ensure that your app only
requests the permissions it needs.
C. Use names and descriptions that are only meaningful to your team.
18 Your organization is planning to use an application proxy for its on-premises applications.
However, before they move ahead with the process, the management wants to know
about the benefits of using Azure AD application proxy. Which one of the following is the
correct benefit for using application proxy?
Select one:
A. Traffic termination
B. Pre-authentication
C. Conditional access
9
Here goes the Quiz
19 You are a part of the admin team in your organization. You recently noticed that a user
had been deleted. You would like to restore that user. Till how many days can you
recover that user after deletion?
Select one:
A. 14 days
B. 30 days
C. 90 days
D. 365 days
20 You are a part of the admin team in your organization. You recently notice that a user has
been deleted. You need to find out details about the activity where the user was deleted.
Your search for this in Microsoft365 compliance center audit logs. Will this accomplish the
goal?
Select one:
A. Yes
B. No
Check out the answers below:
1 2
A B
3 4
A C
5 6
A D
7 8
B A
9 10
B C
11 12
A B
13 14
A C
15 16
A D
17 18
C D
19 20
B A
11
To get regular updates about our upcoming training sessions, study guides/exam
prep material, giveaways, and other useful resources to help you upskill
Disclaimer: These questions are NOT appearing in the certification exam. CloudThat
does not have any official tie-up with Microsoft regarding the certification or the kind
of questions asked. These are the best guesses for the kind of questions to expect with
Microsoft in general and with the examination.
We are Microsoft Gold Partner and the winner of Microsoft Learning Partner Year Finalist
award, 2020.
Till date CloudThat has trained more than 350K+ professionals in VILT & ILT modes.
We have attended to the training and consulting needs of more than 100 clients.
Our training modules are equipped with 50%-60% hands-on labs sessions.
13
Best
of luck!
To get regular updated about our upcoming training sessions study guides/exam prep material, giveaways,
and other useful resources to help you upskill, you can follow us on our social media pages.
14