Exam AZ-103 topic 5 question 10 discussion

Please if you’re not sure don’t talk, you’re confusing people

Tried it Its No, No, Yes. Bul update does not accept Distinguished Names. Also, the question says 'tenant contains only default domain names' which is @contoso.onmicrosoft.com

No No Yes

Answer is Yes, No, No For the 2nd box, you can assign MFA either via email or phone number. Its not a must that a phone number will be included. This is what I do everyday at work.

N N Y because On cloud we use domain onmicrosoft.com

I strongly agree to the GIVEN ANSWER. Here's why; Question is saying = Your network contains an Active Directory domain named contoso.com that is SYNCED to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. This means its already happening. For you to achieve the sync operation between AD On-prem to Azure AD one of the requirements for you to achieve it is "adding custom domain" Here's reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-prerequisites You don't need to worry anymore if AD on-prem will work for this scenario.

I will go for No,No,Yes

1 - It needs your domain account in the form of [email protected] 2 - When you enroll your device it does not ask you for your telephone number but it ask you what do you prefer, if you select Microsoft Authenticator App, it DOES NOT need your number. 3- same as 1st. It needs your domain name in the form of [email protected]. So its Y-N-N

It's No No Yes

I think that the correct is N,N,Y, because the problem is that the statement are saying that the users have only default domain names, so, the domain name contoso.com is only available on-premise, not in cloud.

confusing one this , NNY OR YYN??, one has 18 votes the other has 15 votes. Which formatting will allow MFA to work?

The question is tricky How can you SUCCESSFULLY enable MFA without having a number?? Yes you can enable it but eventually users will still be prompt to fill it in after that then the MFA is successfully enabled. So setting up MFA successfully user requires to enable atleast 2 authenticating method whether its an Authenticator app , token , SMS or Call (which basically needs a phone number)

Catch is "successfully " enable... 2nd can be enabled without phone number but not a successful operation.. To make it successful , we need to have phone number enabled... Trying to justify exmtopic answer :) as all answers above are confusing.

Some ppl are just here to confuse ppl

No, No, Yes

No: We cant used the domain name of On Prem AD unless the UPN suffix match one of the custom domains in Azure AD. So during setting up AD connect , we must specify the custom domain in Azure AD & map it to On prem Domain. If we skip this step we cant use the same domain name as of On Prem to authenticate to Azure AD , even though it may be in sync .In this case no custom d0main was created. https://www.codetwo.com/admins-blog/how-to-sync-on-premises-active-directory-to-azure-active-directory-with-azure-ad-connect/ No : I think we can use any other software if not phone number for MFA auth Yes : Since the default domain name of Azure AD is needed for authentication , On proem domain name will not work.

Based on this: https://intrinium.com/o365mfa-2/ I am going with Yes, NO, No. As you can see the file in this link is showing the [email protected] with no phone number. So adding phone number is not needed also using the onmicrosoft.com domain is not needed either as the @domain.com is already in the file.