HOTSPOT
You have a Microsoft 365 subscription that uses a default domain named contoso.com.
The domain contains the users shown in the following table.
The domain contains the devices shown in the following table.
The domain contains conditional access policies that control access to a cloud app named App1.
The policies are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Yes.
User1 is in a group named Compliant. All the conditional access policies apply to Group1 so they don’t apply to User1.
As there is no conditional access policy blocking access for the group named Compliant, User1 is able to access App1 using any device.
Box 2: Yes.
User2 is in Group1 so Policy1 applies first. Policy1 excludes compliant devices and Device1 is compliant.
Therefore, Policy1 does not apply so we move on to Policy2.
User2 is also in Group2. Policy2 excludes Group2. Therefore, Policy2 does not apply so we move on to Policy3.
Policy3 applies to Group1 so Policy3 applies to User2. Policy3 applies to ‘All device states’ so Policy3 applies to Device1. Policy3 grants access. Therefore, User2 can access App1 using Device1.
Box 3: No.
User2 is in Group1 so Policy1 applies. Policy1 excludes compliant devices but Devices is non-compliant.
Therefore, User2 cannot access App1 from Device2.
Latest MS-100 Dumps Valid Version with 297 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund