ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-800 All Questions

View all questions & answers for the AZ-800 exam
Go to Exam

Exam AZ-800 topic 1 question 41 discussion

Actual exam question from Microsoft's AZ-800
Question #: 41
Topic #: 1
[All AZ-800 Questions]

HOTSPOT
-

Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com that syncs with an Azure AD tenant. The tenant contains a group named Group1 and the users shown in the following table.



Domain/OU filtering in Azure AD Connect is configured as shown in the Filtering exhibit. (Click the Filtering tab.)



You review the Azure AD Connect configurations as shown in the Configure exhibit. (Click the Configure tab.)



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by MR_Eliot at Sept. 17, 2023, 11:22 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MR_Eliot
Highly Voted 1 year, 7 months ago
1. [YES] -> Password Write back is enabled. 2. [YES] -> Pass-Through authentication is in use, therefore AD is the Identity Provider. 3. [NO] -> "User2" is under "OU2" which is not syned to the Azure Tenant.
upvoted 26 times
formacionproxya
2 months, 3 weeks ago
The statement indicates that users User1 and User2 already exist in the tenant.
upvoted 1 times
...
PXAbstraction
1 year, 7 months ago
Correct. The amount of wrong answers provided on this test is pretty ridiculous.
upvoted 9 times
...
...
NazerRazer
Highly Voted 1 year, 6 months ago
1. User1 can use self-service password reset (SSPR) to reset his password. -> [YES]. User1 can use self-service password reset (SSPR) because they are in the synchronized organizational unit (OU1), and "Enable Password writeback" is configured. 2. If User1 connects to Microsoft Exchange Online, an on-premises domain controller provides authentication. -> [Yes]. When User1 connects to Microsoft Exchange Online or any other Azure AD-integrated service, their authentication request is passed directly to an on-premises AD domain controller for validation because Pass-through Authentication (PTA) is used. 3. You can add User2 to Group1 as a member. -> [No]. User2 is in OU2, which is not selected for synchronization according to the provided configuration details. Since User2's OU is not included in the synchronization scope, you cannot directly add User2 to Group1 from the on-premises AD.
upvoted 5 times
...
Opoveda
Most Recent 1 month, 2 weeks ago
I think is Y Y N
upvoted 1 times
...
nap61
9 months, 4 weeks ago
"The tenant contains a group named Group1 and the users shown in the following table." User 2 is already member of Group1 as stated...
upvoted 1 times
nonoelptirobo
2 months, 1 week ago
it's not stated that the users are in te group1, if they where already in the group, they wouldn't as to add user2 to the group there must be a missing coma : "the "The tenant contains a group named Group1; and the users shown in the following table
upvoted 1 times
...
...
Joedn
11 months, 1 week ago
Valid 05/28/2024
upvoted 2 times
MaryMargh
7 months, 4 weeks ago
Is there a simulation in exam?
upvoted 1 times
...
...
SIAMIANJI
1 year ago
Question3: No. If the organizational unit (OU2) to which User2 belongs is not selected for synchronization in Azure AD Connect, then User2 will not be synchronized to Azure Active Directory (Azure AD). As a result, User2 will not be visible in Azure AD, and you won't be able to directly add User2 to Group1 in Azure AD.
upvoted 1 times
...
Payday123
1 year, 5 months ago
"The TENANT contains a group named Group1 and the users shown in the following table." So the Group1 is AAD only and therefore User2 cannot be added as it doesn't exist in the tenant YYN
upvoted 2 times
...
Jothar
1 year, 5 months ago
Question #3 NEVER said that you were adding user2 to group1 on the aad. Sounds like you are doing this from AD and of course it will work. So yes for #3 as well.
upvoted 2 times
SIAMIANJI
1 year ago
Incorrect! It says: "The tenant contains a group named Group1". Group1 is not in AD it's in Azure Tenant.
upvoted 1 times
...
SantaClaws
1 year, 5 months ago
I disagree. Read the first line: Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com that syncs with an Azure AD tenant. The tenant contains a group named Group1 and the users shown in the following table. It is explicitly stated that Group1 exists in the Tenant. You are TECHNICALLY correct that Group1 might ALSO exist in AD, but in the SPIRIT of the question, we should assume not. Otherwise they ought to have told us that explicitly. Therefore the answer ought to be NO, because OU2 is not synced in AAD and Group1 is an AAD group.
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago