Crucial Exams

Microsoft 365 Administrator Expert MS-102 Practice Question

Your company enabled Microsoft Entra security defaults six months ago. Now the security team wants to require phishing-resistant MFA (FIDO2 security keys or Windows Hello for Business) for all members of the Privileged Authentication Administrator and Global Administrator roles, while keeping other users on the existing MFA requirement. You must also exclude two emergency break-glass accounts from any MFA enforcement. What should you do?

  • Disable security defaults and create a Conditional Access policy that targets the privileged roles, applies the Phishing-resistant MFA authentication strength, and excludes the break-glass accounts.

  • Create an access review that requires users in the privileged roles to register a FIDO2 security key before they can sign in.

  • Keep security defaults enabled and add an authentication strength policy that requires phishing-resistant MFA for the privileged roles.

  • Enable per-user MFA for the privileged roles and configure it to allow only FIDO2 authentication.

Microsoft 365 Administrator Expert MS-102
Implement and manage Microsoft Entra identity and access
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot