ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-101 All Questions

View all questions & answers for the MS-101 exam
Go to Exam

Exam MS-101 topic 1 question 17 discussion

Actual exam question from Microsoft's MS-101
Question #: 17
Topic #: 1
[All MS-101 Questions]

You configure a conditional access policy. The locations settings are configured as shown in the Locations exhibit. (Click the Locations tab.)

The users and groups settings are configured as shown in the Users and Groups exhibit. (Click Users and Groups tab.)

Members of the Security reader group report that they cannot sign in to Microsoft Active Directory (Azure AD) on their device while they are in the office.
You need to ensure that the members of the Security reader group can sign in in to Azure AD on their device while they are in the office. The solution must use the principle of least privilege.
What should you do?

  • A. From the conditional access policy, configure the device state.
  • B. From the Azure Active Directory admin center, create a custom control.
  • C. From the Endpoint Manager admin center, create a device compliance policy.
  • D. From the Azure Active Directory admin center, create a named location.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by RascoPK at March 25, 2020, 8:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MCSA11
Highly Voted 5 years, 3 months ago
D. From the Azure Active Directory admin center, create a named location.
upvoted 38 times
...
stromnessian
Highly Voted 4 years, 5 months ago
D for sure. One of the most straightforward questions possible. Add a named location IP range (in Azure AD portal -> Security -> Named locations) and mark it as trusted.
upvoted 12 times
...
KrokodilBLUEZZ
Most Recent 3 years, 6 months ago
Selected Answer: D
D is correct.
upvoted 4 times
...
us3r
3 years, 8 months ago
Selected Answer: D
D is always the answer ;-)
upvoted 4 times
...
Prianishnikov
4 years, 4 months ago
D. From the Azure Active Directory admin center, create a named location.
upvoted 9 times
...
Rstilekar
4 years, 6 months ago
Conditional access policy has to work with Compliance policy. So i think the right answer should be C.
upvoted 2 times
HvD
4 years, 3 months ago
Could you elaborate? CA CAN use compliancy (as a condition), but it's not required.
upvoted 2 times
...
Yetijo
3 years, 10 months ago
This is incorrect. The answer is D. You need to create a named location. I can understand where you might think this is correct without experience, but it is not accurate.
upvoted 1 times
...
...
mkoprivnj
4 years, 6 months ago
D is correct!
upvoted 3 times
...
hosseny
4 years, 7 months ago
D. From the Azure Active Directory admin center, create a named location.
upvoted 2 times
...
TonySuccess
5 years ago
You have the policy, so now you need the named location. D.
upvoted 4 times
...
RascoPK
5 years, 4 months ago
Notmsure this is right. Nothing on MS page that would explain this anwser
upvoted 1 times
piceknick
5 years, 4 months ago
Named locations are trusted for CA policies
upvoted 10 times
Storm
3 years, 7 months ago
When you create a named location, you can choose trusted or not trusted
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel