ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 9 question 3 discussion

Actual exam question from Microsoft's SC-100
Question #: 3
Topic #: 10
[All SC-100 Questions]

HOTSPOT -
You need to recommend an identity security solution for the Azure AD tenant of Litware. The solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Azure AD administrative units
Implement delegated management of users and groups in the Azure AD tenant of Litware, including support for:
* The delegation of user management based on business units
Without Azure AD administrative units, assigning a user to the User Administrator role in Azure AD gives them rights to manage all Azure AD users. With administrative units, the user is delegated the same role, User Administrator, but that role only applies to the specified administrative unit. The administrative unit contains the users and groups that are under the scope of management.
Box 2: Enable password hash synchronization in the Azure AD Connect deployment
Existing environment: Azure AD Connect is used to implement pass-through authentication.

Password hash synchronization -
Risk detections like leaked credentials require the presence of password hashes for detection to occur.
Reference:
https://4sysops.com/archives/an-introduction-to-azure-ad-administrative-units/ https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#password-hash-synchronization
by Granwizzard at Sept. 11, 2022, 1:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Granwizzard
Highly Voted 2 years, 2 months ago
Agree with the answer. Leaked pass -> https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity#protect-against-leaked-credentials-and-add-resilience-against-outages
upvoted 18 times
...
JCkD4Ni3L
Highly Voted 2 years, 2 months ago
Answers are correct.
upvoted 12 times
...
techmaster1507
Most Recent 11 months ago
Agree with the given answers.
upvoted 1 times
...
cyber_sa
1 year, 1 month ago
got this in exam 6oct23. passed with 896 marks. I answered as per given answer
upvoted 6 times
...
zellck
1 year, 6 months ago
1. Azure AD AU 2. Password synchronization in Azure AD connect https://learn.microsoft.com/en-us/azure/active-directory/roles/administrative-units An administrative unit is an Azure AD resource that can be a container for other Azure AD resources. An administrative unit can contain only users, groups, or devices. Administrative units restrict permissions in a role to any portion of your organization that you define. You could, for example, use administrative units to delegate the Helpdesk Administrator role to regional support specialists, so they can manage users only in the region that they support.
upvoted 6 times
zellck
1 year, 6 months ago
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/whatis-phs Password hash synchronization is one of the sign-in methods used to accomplish hybrid identity. Azure AD Connect synchronizes a hash of a user's password from an on-premises Active Directory instance to a cloud-based Azure AD instance. Password Hash Sync also enables leaked credential detection for your hybrid accounts. Microsoft works alongside dark web researchers and law enforcement agencies to find publicly available username/password pairs. If any of these pairs match those of our users, the associated account is moved to high risk.
upvoted 1 times
...
...
TJ001
1 year, 11 months ago
Correct Answers given
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel