Suppose your company is looking for a strong identity solution. It’s your job to decide whether Microsoft Entra ID or Active Directory Domain Services (AD DS) is the optimal choice. If you choose Microsoft Entra ID, you need to select the edition that best supports your organization’s needs and determine which features to implement.
Here are some requirements for your design:
- Users can sign-in to devices, apps, and services from anywhere.
- The IT team wants users to manage their own passwords and do related tasks.
- The Legal department requests protection for sensitive data to meet governance compliance standards.
Question 1
Which choice correctly describes Microsoft Entra ID?
A. Microsoft Entra ID can be queried through LDAP.
B. Microsoft Entra ID is primarily an identity solution.
C. Microsoft Entra ID uses organizational units (OUs) and group policy objects (GPOs).
Answer
B. Microsoft Entra ID is primarily an identity solution.
Explanation
Microsoft Entra ID is primarily an identity solution. It’s designed for internet-based applications by using HTTP and HTTPS communications.
A is incorrect. Because Microsoft Entra ID is based on the HTTP and HTTPS protocols, it can’t be queried through LDAP. Instead, Microsoft Entra ID uses the REST API over HTTP and HTTPS.
C is incorrect. Microsoft Entra users and groups are created in a flat structure. There are no organizational units (OUs) or group policy objects (GPOs).
Question 2
What term defines a dedicated and trusted instance of Microsoft Entra ID?
A. Azure tenant
B. Identity
C. Microsoft Entra account
Answer
A. Azure tenant
Explanation
A tenant is a dedicated and trusted instance of Microsoft Entra ID. A tenant is automatically created when an organization signs up for a Microsoft cloud service subscription.
B is incorrect. An identity is an object that can be authenticated. An identity can be a user with a username and password. Identities also include applications or other servers that might require authentication through secret keys or certificates.
C is incorrect. A Microsoft Entra account is an identity created through Microsoft Entra ID or another Microsoft cloud service, such as Microsoft 365. Identities are stored in Microsoft Entra ID and accessible to the organization’s cloud service subscriptions. This account is also sometimes called a work or school account.
Question 3
Your users want to sign-in to devices, apps, and services from anywhere. Users want to sign-in by using an organizational work or school account instead of a personal account. What should you do first?
A. Enable the device in Microsoft Entra ID.
B. Join the device to Microsoft Entra ID.
C. Register the device with Microsoft Entra ID.
Answer
B. Join the device to Microsoft Entra ID.
Explanation
Joining the device provides the features you need.
A is incorrect. You should first join the devices.
C is incorrect. Registering the device doesn’t provide the features you need.
Microsoft Azure Administrator AZ-104 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure Administrator AZ-104 exam and earn Microsoft Azure Administrator AZ-104 certification.