– Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.
Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft 365 bulk licenses.
Technical Requirements
Fabrikam identifies the following technical requirements:
– All users must be able to exchange email messages successfully during Project1 by using their current email address.
– Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
– A user named User1 must be able to view all DLP reports from the Microsoft 365 admin center.
– Microsoft Office 365 ProPlus applications must be installed from a network share only.
– Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
– An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
– The installation of feature updates for Office 365 ProPlus must be minimized.
Security Requirements
Fabrikam identifies the following security requirements:
– After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
– The memberships of UserLicenses must be validated monthly. Unused user accounts must be removed from the group automatically.
– After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
– The principle of least privilege must be used.
HOTSPOT
You create the Microsoft 365 tenant.
You implement Azure AD Connect as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Answer: 
Explanation:
In the exhibit, seamless single sign-on (SSO) is disabled. Therefore, as SSO is disabled in the cloud, the Sales department users can access only on-premises applications by using SSO.
In the exhibit, directory synchronization is enabled and active. This means that the on-premises Active Directory user accounts are synchronized to Azure Active Directory user accounts. If the on-premises Active Directory becomes unavailable, the users can access resources in the cloud by authenticating to Azure Active Directory. They will not be able to access resources on-premises if the on-premises Active Directory becomes unavailable as they will not be able to authenticate to the on-premises Active Directory.