You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You implement entitlement management to provide resource access to users at a company named Fabrikam, Inc. Fabrikam uses a domain named fabrikam.com.
Fabrikam users must be removed automatically from the tenant when access is no longer required.
You need to configure the following settings:
Block external user from signing in to this directory: No
Remove external user: Yes
Number of days before removing external user from this directory: 90
What should you configure on the Identity Governance blade?

A. Access packages

B. Entitlement management settings

C. Terms of use

D. Access reviews setting

You have an Azure AD tenant named contoso.com that contains a group named All Company and has the following Identity Governance settings:

You have an Azure Active Directory (Azure AD) tenant that contains three users named User1, User1, and User3.
You create a group named Group1. You add User2 and User3 to Group1.
You configure a role in Azure AD Privileged identity Management (PIM) as shown in the application administrator exhibit. (Click the application Administrator tab.)

You have an Azure subscription named Sub1 that contains a resource group named RG1.
RG1 contains an Azure Cosmos DB database named DB1 and an Azure Kubernetes Service (AKS) cluster named AKS1. AKS1 uses a managed identity.
You need to ensure that AKS1 can access DB1. The solution must meet the following requirements:
• Ensure that AKS1 uses the managed identity to access DB1.
• Follow the principle of least privilege.
Which role should you assign to the managed identity of AKS1.

A. For R61, assign the Azure Cosmos DB Data Reader Role role.

B. For Sub1. assign the Owner role.

C. For RG1, assign the Reader role.

D. For DB1, assign the Azure Cosmos DB Account Reader Role role.

You have an Azure AD tenant that contains the users shown in The following table.

You enable self-service password reset (SSPR) for all the users and configure SSPR to require security questions as the only authentication method.
Which users must use security questions when resetting their password?

A. User4 only

B. User3and User4only

C. User1 and User4only

D. User1, User3, and User4 only

E. User1, User2, User3. and User4

You have an Azure subscription that contains the following virtual machine.

You have a Microsoft 365 tenant.
All users have mobile phones and laptops.

The users frequently work from remote locations that do not have Wi-Fi access or mobile phone connectivity. While working from the remote locations, the users connect their laptop to a wired network that has internet access.

You plan to implement multi-factor authentication (MFA).
Which MFA authentication method can the users use from the remote location?

A. a notification through the Microsoft Authenticator app

B. email

C. security questions

D. a verification code from the Microsoft Authenticator app

You have an Azure Active Directory (Azure AD) tenant that has Security defaults disabled. You are creating a conditional access policy as shown in the following exhibit.

You have a Microsoft 365 tenant.
All users must use the Microsoft Authenticator app for multi-factor authentication (MFA) when accessing Microsoft 365 services.
Some users report that they received an MFA prompt on their Microsoft Authenticator app without initiating a sign-in request.
You need to block the users automatically when they report an MFA request that they did not Initiate.
Solution: From the Azure portal, you configure the Account lockout settings for multi-factor authentication (MFA).
Does this meet the goal?

A. Yes

B. No

You have two Microsoft Entra tenants named contoso.com and fabrikam.com. Contoso.com contains the identities shown in the following table.

You configure cross-tenant synchronization from contoso.com to fabrikam.com. Which identities will sync with fabrikam.com?

A. User1 only

B. User1 and Group1 only

C. User 1 and Gtoup2 only

D. User1, Group1, and Group2

You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.

You have an Azure subscription that contains the resources shown in the following table.