Microsoft 70-346 Exam Dumps 2019

70-346 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library!

https://www.2passeasy.com/dumps/70-346/

We provide 70 346 managing office 365 identities and requirements in two formats. Download PDF & Practice Tests. Pass Microsoft 70-346 Exam quickly & easily. The 70-346 PDF type is available for reading and printing. You can print more and practice many times. With the help of our 70 346 dumps product and material, you can easily pass the 70-346 exam.

Check 70-346 free dumps before getting the full version:

NEW QUESTION 1
Contoso, Ltd. has an Office 365 tenant. The company has two servers named Server1 and Server2 that run Windows 2012 R2 Server. The servers are not joined to the contoso.com domain. Server2 is deployed to the perimeter network. You install Secure Sockets Layer (SSL) certificates on both servers.
You must use Integrated Windows authentication
You need to install and configure all AD FS components in the environment.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
70-346 dumps exhibit

    Answer:

    Explanation: Box 1: Install and Configure AD FS on Server1. Box 2: Join Server1 to the contoso.com domain
    Box 3: Run the following Windows PowerShell cmdlet on Server2: Install-WindowsFeature
    Box 4: Run the following Windows PowerShell cmdlet on Server2: Install-WebApplicationproxy
    Note:
    Prepare the Base Servers Box 1, Box 2: AD FS Server
    Box 3, Box 4: AD FS Proxy Server
    Once the necessary WAP role services are installed, we are then able to launch the Web Application Proxy Wizard to configure WAP.
    Note:

    NEW QUESTION 2
    You are an administrator for a company. You are planning an Office 365 pilot. The current environment has servers that run Windows Server 2012. There is no budget to upgrade the servers.
    You add an external DNS record for Active Directory Federation Services (AD FS). You must implement a single sign-on (SSO) solution for users to access the Office 365 resources. You must deploy the AD FS components with the following requirements:
    70-346 dumps exhibit Loss of a single server must not prevent any authentication request or management function.
    70-346 dumps exhibit Users must be able to access the Office 365 environment from their home computers by using their corporate credentials.
    70-346 dumps exhibit Any modifications to service configurations must be made after servers are deployed. You need to deploy AD FS.
    Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
    70-346 dumps exhibit

      Answer:

      Explanation: References:
      https://blogs.technet.microsoft.com/canitpro/2015/09/11/step-by-step-setting-up-ad-fs-and-enabling-single-sign-

      NEW QUESTION 3
      A company has 50 employees that use Office 365.
      You need to enforce password complexity requirements for all accounts.
      How should you complete the relevant Windows PowerShell command? To answer, drag the appropriate Windows PowerShell segment to the correct location in the answer area. Each Windows PowerShell segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
      70-346 dumps exhibit

        Answer:

        Explanation: We use Get –MsolUser to get all users. We then enforce strong password complexity to each of these users through StrongPassWordRequired parameter of the Set –MsolUser command. The output of get command is used in the set command through the concatenating function (the symbol |).
        Box 1: -MsolUser
        The Get-MsolUser cmdlet can be used to retrieve an individual user, or list of users. An individual user will be retrieved if the ObjectId or UserPrincipalName parameter is used. Box 2: MsolUser
        The Set-MsolUser cmdlet is used to update a user object. This cmdlet should be used for basic properties only. Parameter: -StrongPasswordRequired <Boolean>
        Sets whether or not the user requires a strong password.

        NEW QUESTION 4
        You plan to deploy an Office 365 tenant to multiple offices around the country.
        You need to modify the accounts that are authorized to administer the Rights Management service. Which Windows PowerShell cmdlet should you run?

        • A. Enable-AadrmSuperUserFeature
        • B. Add-MsolGroupMember
        • C. Add-AadrmRoleBasedAdministrator
        • D. Get-AadrmRoleBasedAdministrator

        Answer: D

        Explanation: The Get-AadrmRoleBasedAdministrator cmdlet lists the role-based administrators for Azure Rights Management.

        NEW QUESTION 5
        An organization with an Active Directory Domain Services (AD DS) domain migrates to Office 365. You need to manage Office 365 from a domain-joined Windows Server 2012 Core server.
        Which three components should you install? Each answer presents part of the solution.

        • A. Azure Active Directory module for Windows PowerShell
        • B. Microsoft .NET Framework 3.5
        • C. Microsoft Office 365 Integration Module for Windows Small Business Server 2011 Essentials
        • D. Microsoft .NET Framework 4.0
        • E. Microsoft Online Services Sign-in Assistant
        • F. Rights Management module for Windows PowerShell

        Answer: ABE

        Explanation: You can use Windows PowerShell to administer Office 365 and Azure Active Directory. However, the default installation of Windows PowerShell on Windows Server 2012 (or any other version of Windows) does not include the PowerShell cmdlets required to manage Office 365 or Azure Active Directory.
        You need to install the PowerShell module that includes the necessary cmdlets for managing Azure Active Directory. This module is the Windows Azure Active Directory Module for Windows PowerShell module. This module also requires that Microsoft .NET Framework 3.5 is installed and enabled.
        Before the Windows Azure Active Directory Module for Windows PowerShell, can be installed, the Microsoft Online Services Sign-in Assistant must be installed. This will allow you to connect to your Office 365/Azure subscription from a PowerShell session on a remote computer.

        NEW QUESTION 6
        You are the Office 365 administrator for your company. The company has a single office. You have the following requirements:
        70-346 dumps exhibit You must configure a redundant Active Directory Federation Services (AD FS) implementation.
        70-346 dumps exhibit You must use a Windows Internal Database to store AD FS configuration data.
        70-346 dumps exhibit The solution must use a custom login page for external users.
        70-346 dumps exhibit The solution must use single sign-on for internal users.
        You need to deploy the minimum number of servers. How many servers should you deploy?

        • A. 2
        • B. 4
        • C. 6
        • D. 16

        Answer: B

        Explanation: To provide redundancy, we would need to create AD FS farms with at least two servers. This can be used to allow internal users to use single sign-on (SSO).
        As we are using Windows Internal Database (WIM) to store AD FS configuration data, we do not need any additional servers for the database as WIM is included in Windows Server 2008 and later versions. Redundancy for WIM is possible when an AD FS farm is set up.
        To support external users, we would need to set up an AD FS proxy server. In order to provide redundancy we would need to set up an AD FS proxy farm. This would require a minimum of 2 more servers.
        The custom login page for external users can be created on the AD FS proxy server, which the external users would access. There is thus no need for additional servers.
        Thus the minimum number of server we would require is four: two for the AD FS farm and two for the AD FS proxy farm.
        References:
        https://technet.microsoft.com/en-us/library/gg982488.aspx
        http://blogs.technet.com/b/askpfeplat/archive/2013/07/22/faq-on-adfs-part-1.aspx

        NEW QUESTION 7
        You are planning an Office 365 pilot.
        You need to ensure that the environment is ready for Office 365. Which tool should you use?

        • A. Microsoft Connectivity Analyzer
        • B. Office 365 Best Practices Analyzer
        • C. Remote Connectivity Analyzer
        • D. Office 365 Health, Readiness, and Connectivity Checks

        Answer: D

        Explanation: Running Office 365 Health, Readiness, and Connectivity Checks prior to setting up Office 365 allows you to make sure that your environment is prepared for the Office 365 services. It can find settings in your existing environment that might cause problems when you start to set up or use your services. This will allow you to fix or work around the potential problems to make your deployment path easier to complete.
        References:
        https://support.office.com/en-us/article/Office-365-readiness-checks-c01571b8-183e-4a61-9ca0-80729a48bbda

        NEW QUESTION 8
        You have an Office 365 subscription.
        The Office 365 organization contains 500 users.
        You need to identify the following users in the organization:
        70-346 dumps exhibit users who have Litigation Hold enabled
        70-346 dumps exhibit users who receive the most spam email messages
        70-346 dumps exhibit users who have mailboxes that were accesses by an administrator
        Which type of report should you review to identify each type of user? To answer, drag the appropriate reports to the correct types of users. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
        70-346 dumps exhibit

          Answer:

          Explanation: The Azure AD Connect server must have .NET Framework 4.5.1 or later and Microsoft PowerShell 3.0 or later installed.
          Azure AD Connect requires a SQL Server database to store identity data. SQL Server Express has a 10 GB size limit that enables you to manage approximately 100,000 objects.
          References:
          https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-prerequisites

          NEW QUESTION 9
          Your company has an Office 365 subscription that is configured for single sign-on (SSO) to an on-premises deployment of Active Directory.
          Office 2016 is deployed to all workstations. Microsoft OneDrive for Business is used to replicate My Documents to OneDrive for Business.
          You need to ensure that when clients connect to Office 365 from an untrusted network, they can access Office 365 resources by using a web browser.
          Which two actions should you perform? Each correct answer presents part of the solution.

          • A. Modify the Sharing settings for SharePoint Online.
          • B. Disable modern authentication.
          • C. Add a claims provider trust.
          • D. Add a relying party trust.
          • E. Add a new rule.

          Answer: BC

          Explanation: B: In Skype for Business Server 2015, Modern Authentication is used between on-premises clients and on-premises servers in order to give users a proper level of authorization to resources.
          C: A Claims Provider trust is one where ADFS gets claims from the Claim Provider, which could be the local AD as Claims Provider or an external Claims Provider.

          NEW QUESTION 10
          You have an Office 365 subscription.
          The Office 365 organization contains five temporary administrators. The administrators are members of multiple role groups.
          You need to create a script that prevents the temporary administrators from performing administrative tasks from the Office 365 admin center. The solution must meet the following requirements:
          70-346 dumps exhibitRelease the Office 365 licenses assigned to the temporary administrators.
          Which cmdlet should you run? To answer, select the appropriate options in the answer area.
          70-346 dumps exhibit

            Answer:

            Explanation: The Set-MsolUserLicense cmdlet can be used to adjust the licenses for a user. This can include adding a new license, removing a license, updating the license options, or any combination of these actions.
            Example:
            The following command removes the for enterprises license from the user. This may result in the user's data being removed from each service.
            Set-MsolUserLicense -UserPrincipalName user@contoso.com -RemoveLicenses "contoso:ENTERPRISEPACK"
            References: https://msdn.microsoft.com/en-us/library/azure/dn194094(v=azure.98).aspx

            NEW QUESTION 11
            A company deploys an Office 365 tenant. All employees use Skype for Business Online. You need to configure the network firewall to support Skype for Business Online.
            Which ports must you open? To answer, drag the appropriate port number to the correct feature or features. Each port number may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
            70-346 dumps exhibit

              Answer:

              Explanation: Transport Control Protocol (TCP), User Datagram Protocol (UDP) ports, and Protocol Numbers are important to TCP/IP networking, intranets, and the Internet. Ports and protocol numbers provide access to a host computer. However, they also create a security hazard by allowing uninvited access. Therefore, knowing which port to allow or disable increases a network's security. If the wrong ports or protocol numbers are disabled on a firewall, router, or proxy server as a security measure, essential services might become unavailable.
              Port 443 is used for Audio, video and application sharing sessions as well as data sharing sessions - For HTTPS.
              Port 5223 is used for mobile push notifications - Extensible Messaging and Presence Protocol (XMPP) client connection over SSL.

              NEW QUESTION 12
              You deploy Office 365.
              All the members of a team named Sales have full access to a shared mailbox named Sales. You enable auditing for all shared mailboxes.
              From the Sales mailbox, an email message that contains inappropriate content is sent. You need to identify which user sent the message.
              What should you do?

              • A. From the Exchange Control Panel, run an administrator role group report.
              • B. From Windows PowerShell, run the Get-SharingPolicy cmdlet.
              • C. From Windows PowerShell, run the Write-AdminAuditLog cmdlet.
              • D. From Windows PowerShell, run the New-MailboxAuditLogSearch cmdlet.

              Answer: D

              Explanation: By process of elimination:
              The Write-AdminAuditLog cmdlet will write a comment to the administrator audit log. The Get-SharingPolicy cmdlet allows you to view the settings of sharing policies
              The administrator role group report in EOP will list changes to the management role groups within a particular time frame.
              The New-MailboxAuditLogSearch cmdlet performs an async search of mailbox audit logs for the specified mailboxes and sends the search results by email to the specified recipients.
              References: https://technet.microsoft.com/en-us/library/ff522362%28v=exchg.150%29.aspx

              NEW QUESTION 13
              You are the Office 365 administrator for your company.
              You must configure a trust between the on-premises Active Directory domain and the Office 365 environment by using Active Directory Federation Services.
              You need to assign the correct certificate to the description of your on-premises server environment below. Which certificate types should you assign? To answer, drag the appropriate certificate type to the correct test
              description. Each certificate type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
              70-346 dumps exhibit

                Answer:

                Explanation: Certificates are used to secure communications between federation servers, Web Application Proxies, federation server proxies, the cloud service, and web clients.
                A Secure Sockets Layer (SSL) certificate is used to secure communications between federation servers, clients, Web Application Proxy, and federation server proxy computers.
                A Token-signing certificate is a standard X.509 certificate that is used to securely sign all tokens that the federation server issues and that the cloud service will accept and validate.
                References:
                https://technet.microsoft.com/en-us/library/dn151311.aspx
                http://blogs.technet.com/b/adfs/archive/2007/07/23/adfs-certificates-ssl-token-signing-and-client-authentication-

                NEW QUESTION 14
                You are the Office 365 administrator for your company. You audit the Windows Azure Active Directory Rights Management configuration for the company.
                You need to view a log of the recent administrative commands performed against the Microsoft Rights Management Service.
                Which three Windows PowerShell cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of actions to the answer area and arrange them in the correct order.
                70-346 dumps exhibit

                  Answer:

                  Explanation: Although you can activate Azure Rights Management by using the Office 365 admin center or the
                  Azure Management Portal, you can also use the Windows PowerShell module for Azure Rights Management to do this. First we active Azure Rights Management by import it through Import-AadrmTpd, then we connect to the service with Connect-AadrmService, and finally we generate the log with Get-AadrmAdminLog.
                  Step 1: The Import-AadrmTpd cmdlet imports an Active Directory Rights Management Services (AD RMS) trusted publishing domain (TPD) over the Internet into your tenant for Azure Rights Management so that you can migrate Rights Management from on-premises to the cloud.
                  Step 2: The Connect-AadrmService cmdlet connects you to the Azure Rights Management service. This cmdlet can also be used by a partner company that manages your tenant.
                  Connect by using this cmdlet before you configure Rights Management by using other cmdlets in this module. Step 3: The Get-AadrmAdminLog cmdlet generates logs for all Rights Management administrative
                  commands.
                  References:
                  http://technet.microsoft.com/en-us/library/jj585027.aspx

                  NEW QUESTION 15
                  You are the system administrator for a company named Fabrikam, Inc. You implement Office 365. You need to modify settings for the Office 365 tenant. Which action can you perform?

                  • A. Modify the custom domain of fabrikam.com.
                  • B. Modify the Microsoft Teams URL
                  • C. Rename the fabrikam.onmicrosoft.com domain name.
                  • D. Remove the fabrikam.onmicrosoft.com domain name.

                  Answer: A

                  NEW QUESTION 16
                  You have a SharePoint Online tenant. A user named User1 manages several site collections. User1 must be able to view the following information for the site collections:
                  70-346 dumps exhibit a list of side administrators
                  70-346 dumps exhibit the number of subsites in a site collection
                  70-346 dumps exhibit storage and usage quotas
                  You need to ensure that User1 can view the requested reports while minimizing the privileges that you grant to User1.
                  Which two permission levels can you assign to User1? Each correct answer presents a complete solution.

                  • A. Global admin
                  • B. SharePoint Online admin
                  • C. Site Collection admin
                  • D. Site admin
                  • E. User management admin
                  • F. Service admin

                  Answer: BC

                  Explanation: C: The Site collection administrator has permissions to manage a site collection.
                  B: Here are some of the key tasks users can do when they are assigned to the SharePoint Online admin role:
                  70-346 dumps exhibit Create site collections
                  70-346 dumps exhibit Manage site collections and global settings
                  70-346 dumps exhibit Assign site collection administrators to manage site collections
                  70-346 dumps exhibit Manage site collection storage limits
                  70-346 dumps exhibit Manage SharePoint Online user profiles
                  References:
                  https://support.office.com/en-us/article/About-the-SharePoint-Online-admin-role-f08144d5-9d50-4922-8e77-4e

                  NEW QUESTION 17
                  Your company uses Office 365 and has an Enterprise E3 plan. The company has a Microsoft SharePoint Online public website that is currently configured to use the onmicrosoft.com domain name.
                  The company purchases a new domain name.
                  You need to change the address of the SharePoint Online public website to the new domain name. What should you do first?

                  • A. In the SharePoint Online Administration Center, add the new domain.
                  • B. In the Office 365 admin center, add the new domain.
                  • C. Create a new site collection and assign it the new domain.
                  • D. Create a new public website and assign it to the new domain.

                  Answer: B

                  Explanation: If you go to the SharePoint Online Administration Center and click the "Add Domain" button it takes you to the same location as if you would have clicked the "Domains" -> "Add domain" option from the Office 365 admin center.
                  So either A or B is technically correct, but if I had to choose one of the two I would select B. References:
                  https://support.office.com/en-us/article/Rename-your-SharePoint-Online-Public-Website-addressto-use-your-cus AF4D-F025B3825ED3
                  https://support.office.com/en-us/article/Rename-your-SharePoint-Online-Public-Website-addressto-use-your-cus a1cc-c6bda0a99986?ui=en-US&rs=enUS&ad=US
                  https://support.office.com/en-us/article/Verify-your-domain-in-Office-365-6383f56d3d09-4dcb-9b41-b5f5a5efd

                  100% Valid and Newest Version 70-346 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/70-346/ (New 356 Q&As)