ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 1 question 45 discussion

Actual exam question from Microsoft's MS-500
Question #: 45
Topic #: 1
[All MS-500 Questions]

You have a Microsoft 365 subscription that contains the users shown in the following table.

You enable self-service password reset for Group1 and configure security questions as the only authentication method for self-service password reset.
You need to identity which user must answer security questions to reset their password.
Which user should you identify?

  • A. User1
  • B. User2
  • C. User3
  • D. User4
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Self-service password reset (SSPR) is only enabled for Group1 (User1 and User2). User1 cannot use security questions for SSPR because User1 has an administrative security role. Therefore, only User2 can use SSPR with security questions as the authentication method.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#administrator-reset-policy-differences
by billo79152718 at Sept. 16, 2022, 2:39 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ccadenasa
Highly Voted 2 years, 7 months ago
This is correct > https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#administrator-reset-policy-differences > "With a two-gate policy, administrators don't have the ability to use security questions."
upvoted 6 times
...
heshmat2022
Most Recent 2 years, 2 months ago
By default, administrator accounts are enabled for self-service password reset, and a strong default two-gate password reset policy is enforced. This policy may be different from the one you have defined for your users, and this policy can't be changed. You should always test password reset functionality as a user without any Azure administrator roles assigned.- With a two-gate policy, administrators don't have the ability to use security questions.
upvoted 2 times
...
RomanV
2 years, 2 months ago
Answer is correct. "administrators don't have the ability to use security questions." https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#administrator-reset-policy-differences
upvoted 1 times
...
billo79152718
2 years, 9 months ago
correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel