ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 90 discussion

Actual exam question from Microsoft's MS-100
Question #: 90
Topic #: 3
[All MS-100 Questions]

HOTSPOT
-

You have a Microsoft 365 E5 subscription that contains a group named Group1. The subscription is linked to an Azure Active Directory (Azure AD) tenant named contoso.com.

The Identity Governance settings for contoso.com are configured as shown in the following table.



On March 1, 2022, you invite the guest users shown in the following table to contoso.com.



On March 2, 2022, you add Guest1 to Group1.

On March 5, 2022, you create an access package named Package1 that has the following settings:

• Resource roles
o Name: Group1
o Type: Group and Team
o Role: Member
• Lifecycle
o Access package assignments expire: On date
o Assignment expiration date: March 20, 2022

On March 5, 2022, you assign Package1 to the guest users shown in the following table.



On March 6, 2022, you assign the Reports reader role to Guest3.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by hubran at Jan. 22, 2023, 9:49 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
josepedroche
2 years, 4 months ago
You can select what happens when an external user, who was invited to your directory through making an access package request, no longer has any access package assignments. This can happen if the user relinquishes all their access package assignments, or their last access package assignment expires. By default, when an external user no longer has any access package assignments, they're blocked from signing in to your directory. After 30 days, their guest user account is removed from your directory. i think YNY
upvoted 3 times
...
hubran
2 years, 5 months ago
Provided answer is correct. After March 20 none of the external users are assigned to any active access package, so governance settings for contoso.com to block access precvent them from signing in. Source: https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-external-users#manage-the-lifecycle-of-external-users
upvoted 2 times
certacc
2 years, 5 months ago
I'm not sure that is right. The "remove external user 30 days" setting only comes into effect when the user was added through an access package. Guests 1 and 2 were natively invited and never had an access package, therefore I don't think they would be removed. User 3 would because he used the access package to gain access where as the others didn't.
upvoted 3 times
DaDaDave
1 year, 11 months ago
Correct, the question does not clearly state that any user was created through the access package, based on the limited information they could have been present as guest users prior to the assignment in which case they would not be blocked and removed after the package expiration
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel