Exam MS-101 topic 3 question 97 discussion

https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-improvement-actions?view=o365-worldwide&viewFallbackFrom=o365-worldwide%20https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Ffundamentals%2Factive-directory-users-assign-role-azure-portal In the next link say: Assign improvement actions To begin implementation work on an improvement action, you can do the work yourself or assign it to another user. The assigned person could be: A business policy owner An IT implementer Another employee with responsibility to perform the task Once you identify the appropriate assignee, be sure they hold a sufficient Compliance Manager role to perform the work.

Answer: D The question states, You need to "assign the following improvement action" to User1: Enable self-service password reset. I've just performed this in my tenant (regardless of SSPR being enabled or not) Go to: Compliance Manager Overview Compliance Manager > "Improvement actions" > Enable self-service password reset > In the overview section, (implementation Status = Partially implemented), scroll down to Assign and Assign it to User1.

No role needed for self-service password. Azure AD - Users - Password reset. There you can choose none or group or all. Correct answer B.

The answer is D. The wording gives it away. Answer B would enable for everyone not just User1. This shows they want to give the ability to User1

I think I D

As stated in other comments, its about delegating the work to User1. not about doing the job directly.

Just to be clear, every single person here stating that D is the correct answer is out of their mind. The question does not state that User1 should have a specific role, it states that you need to enable SSPR for User1. The Compliance administrator role in Azure Active Directory is used to manage and configure compliance settings for the tenant, such as data governance, eDiscovery, and retention policies. It would not be used to enable self-service password reset for a specific user. Correct answer is B 1000%

Let's get one thing straight: the name of the improvement action is a ruse. Here is a formated version: "You need to assign the following improvement action to User1: Make your boss a coffee". Still confused? Let's cut it down further: "You need to assign (...) improvement action to User1(...)." Now you're getting it. But it seems you are not convinced. Here is the kicker: question is formed like that ON PURPOSE. You know Microsoft. They form questions like that on purpose AND they copy technical text down to a letter. What you are thinking of would be worded by Microsoft like such: "You need to COMPLETE the following improvement action: Enable self-service password reset for User1." The wording and location of subject (User1) in the sentence is crucial. Since the question asks about assigning improvement actions to User1, User1 needs access to Compliance center. Answer D is the only one that acomplishes the goal. "What should yo do FIRST" seems to also be a ruse...

LoL tricky one, its not about enabling SSPR by your self. its about assigning a person to an improvemnt action from compliance. if you are assigned to the actoion , your are the person who is rsponsible to track the action , you are not responsible for doing it. so D

It talks about *improvement action*, it can be anything, SSPR or anything but the first thing would be to assign the compliance action to someone, user1 in this case

Answer is D. User 1 need to have a role to implement SSRP as per the improvement actions.

From the Azure Active Directory admin center, enable self-service password reset (SSPR)

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr "1. Sign in to the Azure portal using an account with global administrator permissions. 2. Search for and select Azure Active Directory, then select Password reset from the menu on the left side. 3. From the Properties page, under the option Self service password reset enabled, choose Selected. 4. If your group isn't visible, choose No groups selected, browse for and select your Azure AD group, like SSPR-Test-Group, and then choose Select. 5. Select a group in the Azure portal to enable for self-service password reset 6. To enable SSPR for the select users, select Save". As mentioned in the link above, the answer is B.

It is C https://docs.microsoft.com/nl-nl/microsoft-365/admin/add-users/let-users-reset-passwords?view=o365-worldwide

100% From the Azure Active Directory admin center, enable self-service password reset (SSPR).

The question states, "You need to assign the following improvement action to User1:Enable self-service password reset. What should you do first?" There is no reference to giving User1 administrative privileges. Simply, the administrator (or you), needs to register User1 for SSPR by creating a user group that has SSPR registration, and adding User1 to that group. Only one group can be granted this permission in a domain. It can support group nesting within it. Prior to that condition, a Global administrator must Enable Self-Service Password Reset for the domain. Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr

I think it's C. The task is to enable SSPR. You can't enable it unless you change the settings. The Compliance Admin role has nothing to do with enabling SSPR. At least it doesn't in my tenant at or at work when I set it up. I can't even get to the SSPR settings with the Comp. Admin. role.