Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

Your company deploys Microsoft Entra Password Protection for its on-premises Active Directory forest. The Azure AD Password Protection proxy service is installed on two member servers, and the domain controller (DC) agent is installed on all DCs. After registering the forest, password changes that violate the banned password list are still accepted. Event ID 30009 on a DC reports that the agent cannot contact a proxy service. Which firewall rule should you create to restore connectivity?

  • Allow inbound TCP port 636 from domain controllers to each proxy server.

  • Allow inbound UDP port 389 from proxy servers to each domain controller.

  • Allow inbound TCP port 135 from domain controllers to each proxy server.

  • Allow outbound TCP port 443 from domain controllers to the password.azure.com endpoint.

Microsoft 365 Administrator Expert MS-102
Implement and manage Microsoft Entra identity and access
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot