az-104 question 333 discussion

View all Microsoft Azure Administrator Exam here
back to microsoft forum

Question 333 Topic 9

HOTSPOT
You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant
is synced to the on-premises Active Directory domain. The domain contains the users shows in the following table.

You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication
methods:
Number of methods required to reset: 2

Methods available to users: Mobile phone, Security questions

Number of questions required to register: 3

Number of questions required to reset: 3

You select the following security questions:
What is your favorite food?

In what city was your first job?

What was the name of your first pet?

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:


Explanation:
Box 1: No
Administrator accounts are special accounts with elevated permissions. To secure them, the following restrictions apply to
changing passwords of administrators:
On-premises enterprise administrators or domain administrators cannot reset their password through Self-service password
reset (SSPR). They can only change their password in their on-premises environment. Thus, we recommend not syncing on-
prem AD admin accounts to Azure AD. An administrator cannot use secret Questions & Answers as a method to reset
password.
Box 2: Yes
Self-service password reset (SSPR) is an Azure Active Directory feature that enables employees to reset their passwords
without needing to contact IT staff. Box 3: Yes
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment

Discussions
0 / 1000
dazzler
1 year, 6 months ago

NO
NO
Yes,
Administrator accounts cant use security questions for verification
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-security-questions

1
yehyamedhat3 (replied to dazzler)
1 year, 4 months ago

no
no
yes
or
no
yes
yes
i dont know the right answer i ask any one to know

0