create and manage users

Practice Test

Which of the following tools could you use to manage user permissions in Office365?

• a) Azure AD
• b) Microsoft Excel
• c) Microsoft Power Bi
• d) Microsoft Teams

Answer: a) Azure AD

Explanation: Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service

True/False: It is possible to break the inheritance of permissions from a parent object.

Answer: True

Explanation: Permissions can be individually managed and it’s possible to break the inheritance of permissions from a parent in object in Active Directory.

Which of the following can a Microsoft 365 administrator do?

• a) Add users
• b) Assign roles
• c) Delete roles
• d) Purchase a subscription

Answer: a) Add users, b) Assign roles, d) Purchase a subscription

Explanation: Administrators have the permission to add users, assign roles and purchase subscriptions.

True/False: You can add a guest user to the Microsoft 365 admin center.

Answer: True

Explanation: You can add a guest user to the Microsoft 365 admin center. They will have limited capabilities and permissions.

What can a user do with the User management admin role in Azure AD?

• a) Reset passwords
• b) Monitor service health
• c) Manage domains
• d) Purchase a subscription

Answer: a) Reset passwords

Explanation: The User Management admin role in Azure Active Directory allows a user to reset passwords among other things.

Which of the following are required when creating a new user in Microsoft 365?

• a) User name
• b) Password
• c) Product licenses
• d) Phone number

Answer: a) User name, b) Password, c) Product licenses

Explanation: A username, initial password, and product license assignment are required when creating a new user in Microsoft

True/False: You can’t create individual user accounts for a business with fewer than 50 employees.

Answer: False

Explanation: Microsoft 365 allows creation of individual user accounts regardless of the size of business.

What is the primary role of the Global Administrator in Office 365?

• a) To manage billing
• b) To manage service requests
• c) To manage all administrative functions
• d) To manage individual user accounts

Answer: c) To manage all administrative functions

Explanation: The Global administrator in Office 365 has access to all administrative functions.

True/False: Once a user has been assigned a role, it cannot be changed.

Answer: False

Explanation: A user’s role can be modified at any time based on changes to job function or responsibility.

What are the three types of user roles in Office 365?

• a) Global Administrator
• b) Billing Administrator
• c) Service Administrator
• d) Guest User

Answer: a) Global Administrator, b) Billing Administrator, c) Service Administrator

Explanation: Global Administrator, Billing Administrator and Service Administrator are three main types of user roles in Office

True/False: Multi-factor Authentication (MFA) enhances the security of a user account by requiring multiple forms of verification.

Answer: True

Explanation: MFA provides an additional level of validation, verifying a user’s identified online presence for more secure transactions and interactions.

What needs to be done if a user forgets their password in Office 365?

• a) Contact Microsoft support
• b) The Global Administrator must reset it
• c) Delete the user account
• d) The user can reset it themselves

Answer: b) The Global Administrator must reset it

Explanation: If a user forgets their password, their password can be reset by the Global Administrator.

True/False: It is possible to perform bulk operations such as adding multiple users at once.

Answer: True

Explanation: Microsoft 365 supports bulk operations through a .csv file import plus a few other methods.

Which of the following can a Service administrator do?

• a) Add domains
• b) Buy a subscription
• c) Reset passwords
• d) Do none of the above

Answer: d) Do none of the above

Explanation: Service Administrators manage service requests and monitor service health.

True/False: Everyone in an organization can see the membership of an Office 365 Group.

Answer: True

Explanation: Unless the group is specifically configured as private, the membership of an Office 365 Group can be seen by everyone in the organization.

Interview Questions

What is the purpose of identity in Microsoft 365?

Identity in Microsoft 365 allows for the management and protection of user identities. It ensures only authorized users have access to resources and information in the organization.

How do you add a new user in Microsoft 365?

You add a new user in Microsoft 365 by navigating to the active users page under the admin center, then choosing “Add a user” and filling in the appropriate information such as name, username, and role.

What is the significance of assigning roles in Microsoft 365?

Roles in Microsoft 365 dictate what actions a user can perform within the platform. By assigning different roles, administrators can control access and ensure that users have appropriate access to perform their job functions.

What happens when you delete a user in Microsoft 365?

When you delete a user in Microsoft 365, the user’s mailbox, OneDrive, and other related data are also deleted. The deleted user is moved to the Recycle Bin where their data is kept for 30 days.

What is a role assignment policy in Microsoft 365?

A role assignment policy in Microsoft 365 is a collection of permissions that allows you to control what specific tasks assigned users can do in the Exchange admin center.

How do you recover a deleted user in Microsoft 365?

To recover a deleted user, navigate to the admin center, and then open the Exchange admin center. Go to “Recipients” > “Mailboxes” > and select “More” > “Restore Deleted User”. Then follow the prompts to restore the deleted user.

What are guest users in Microsoft 365?

Guest users in Microsoft 365 are users outside of your organization who you grant access to your Microsoft 365 data, files, and resources.

What is the purpose of Office 365 Groups?

Office 365 groups promotes collaboration by allowing a set of users to share resources like a SharePoint site or a mailbox for group conversations.

What is multi-factor authentication in Microsoft 365?

Multi-factor authentication in Microsoft 365 is a security mechanism that requires a user to present two or more separate forms of identification before access is granted.

What is Identity as a Service (IDaaS) in the context of Microsoft 365?

IDaaS, in the context of Microsoft 365, refers to Microsoft Azure Active Directory, a cloud-based service that is designed to help manage identity and provide single sign-on access to cloud applications.

Why would one use device-based conditional access in Microsoft 365?

Device-based conditional access allows administrators to create policies that grant or deny access to services based on the security status or location of a device amongst other parameters. This contributes to keeping the organization’s data secure.

How can you block a user’s access to Microsoft 365 without deleting their account?

You can block a user’s access by going to the active users page in the admin center, select the user, and then under the block sign in section, switch it to ‘yes’.

What are the minimum requirements to create a user in Microsoft 365?

The minimum requirements include a unique username within the domain, first and last names, and a display name for the user.

How can you use PowerShell to manage users in Microsoft 365?

PowerShell can be used to perform tasks such as creating user accounts, resetting passwords, assigning licenses, and configuring user properties in Microsoft 365.

What is the difference between global and limited administrator roles in Microsoft 365?

A global administrator has access to all administrative features while a limited administrator has roles assigned that limit them to performing specific administrative tasks.