Microsoft 70-346 Exam

What should you do next from the Office 365 portal?

OverView –
Fabrikam, Inc is a financial services organization.
Fabrikam recently purchased another financial services organization named Contoso, Ltd.
Fabrikam has 2000 users. Contoso has 500 users.
Windows 10 and Office 2016 are deployed to all computers.

Physical Location –
Fabrikam has an office in the United States. Contoso has an office in the United Kingdom. The offices connect to each other by using a WAN link. Each office also connects directly to the internet.

Existing Environment –

Active Directory –
The network Fabrikam contains an Active Directory forest.
The Active Directory environment of Contoso was migrated to the Active Directory forest of Fabrikam. The forest contains three domains named fabrikam.com, contractor.fabrikam.com, and contoso.com.
All domain controllers run Windows Server 2008 R2.
All contractors outsourced by Fabrikam use the user principal name (UPN) suffix of contractor.fabrikam.com. If Fabrikam hires the contractor as a permanent employee, the UPN suffix changes to fabrikam.com.

Network –
The network has the following configurations:
— External IP address for the United States office: 192.168.1.100
— External IP address for the United Kingdom office: 192.168.2.100
— Internal IP address range for the United States office: 10.0.1.0/24
— Internal IP address range for the United Kingdom office : 10.0.2.0/24
Active Directory Federation Services (ADFS)
AD FS and web Application Proxies are deployed to support an app for the sales department.
The app is accessed from the Microsoft Azure Portal.

Office 365 Tenant –
You have an Office 365 subscription that has the following configurations:
— Organization name: Fabrikam Financial Services.
— Vanity domain: Fabrikamfinancialservices.onmicrosoft.com
— Microsoft SharePoint domain: Fabrikamfinancialservices .sharepoint.com
— Additional domain added to the subscription: Contoso.com and fabrikam.com

Requirements –

Planned Changes –
— Deploy Azure AD connect.
— Move mailboxes from Microsoft Exchange 2016 to Exchange Online.
— Deploy Azure multi-factor authentication for devices that connect from untrusted networks only.
— Customize the AD FS sign-in webpage to include the Fabrikam logo, a helpdesk phone number, and a sign=in description.
— Once all of the Fabrikam users are replicated to Azure Active Directory (Azure AD), assign an E3 license to all of the users in the United States office.

Technical Requirements –
Contoso identifies the following technical requirements:
When a device connects from an untrusted network to
https://outlook.office.com
— , ensure that users must type a verification code generated from a mobile app.
— Ensure that all users can access office 365 services from a web browser by using either a UPN or their primary SMTP email address.
— After Azure AD connect is deployed, change the UPN suffix if all the users in the Contoso sales department to fabrikam.com.
— Ensure that administrator are notified when the health information of Exchange Online changes.
— User Office 365 reports to review previous tasks performed in Office 365.
You need to modify the Office 365 subscription to support the planned changes for the devices that connect from untrusted networks.
You enable Azure multi-factor authentication for all of the users in the subscription.
What should you do next from the Office 365 portal?

  • A. Add a trusted domain.
  • B. Set the Trusted IPs to 10.0.1.0/24 and 10.0.2.0/24.
  • C. Set the Trusted IPs to 192.168.1.100/32 and 192.168.2.100/32
  • D. Convert the fabrikam.com domain to a federated domain.
Answer: Option C.
Explanation: 

Adding trusted IPs is excluding a set of addresses from MFA. MFA is hosted outside your LAN so you communicate with the service using your public IPs.
The case tells us that the external IPs are 192.168.1.100 and 192.168.2.100 so these should be added as trusted IPs in MFA.
References: https://docs.microsoft.com/nl-nl/azure/multi-factor-authentication/multi-factor-authenticationwhats-next#trusted-ips

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker
error: Alert: Content is protected !!