✑ What is your favorite food?
HOTSPOT
You have an Azure subscription that contains an Azure Directory (Azure AD) tenant named contoso.com. The tenant is synced to the on-premises Active Directory domain.
The domain contains the users shown in the following table.
You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication methods:
✑ Number of methods required to reset: 2
✑ Methods available to users: Mobile phone, Security questions
✑ Number of questions required to register: 3
✑ Number of questions required to reset: 3
You select the following security questions:
✑ What is your favorite food?
✑ In what city was your first job?
✑ What was the name of your first pet?
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: No
Administrator accounts are special accounts with elevated permissions. To secure them, the following restrictions apply to changing passwords of administrators:
On-premises enterprise administrators or domain administrators cannot reset their password through Self-service password reset (SSPR). They can only change their password in their on-premises environment.
Thus, we recommend not syncing on-prem AD admin accounts to Azure AD.
An administrator cannot use secret Questions & Answers as a method to reset password. Box 2: Yes
Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset their passwords without needing to contact IT staff.
Box 3: Yes
References: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment
Latest AZ-104 Dumps Valid Version with 416 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
The given answer for box 1 is incorrect. Azure admin accounts require two forms of authentication to use SSPR. Since the scenario has two methods present in its requirements, the answer is “Yes.” SecAdmin1 must answer all three security questions PLUS correctly respond to the mobile phone prompt.
So the answers should be Yes, Yes, Yes.