• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/129

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

129 Cards in this Set

  • Front
  • Back

What items use strictly TCP port 443 in an Office 365 environment?

-Office 365 Portal


-Outlook


-OWA


-SharePoint Online


-Lync Client


-ADFS Federation/Proxy



What items use TCP port 443/80 in an Office 365 environment?

-Azure AD sync tool


-Mail migration tools


-Exchange

What items use TCP port 25 in an Office 365 environment?

Mail Routing

What items use TCP port 143/993 in an Office 365 environment?

IMAP simple migration tool

What items use TCP port 995 in an Office 365 environment?

POP3/S

What items use TCP port 5223 in an Office 365 environment?

Lync mobile client push notifications

What items use TCP port 587 in an Office 365 environment?

SMTP relay

What is PSOM?

PSOM is the media protocol for data collaboration. PSOM will use TLS as the underlying transport. PSOM can be used by conferencing clients to establish media channels with the Web Conferencing Server to negotiate or transfer media.

What is STUN?

STUN (Session Traversal Utilities for NAT) reflects the NAT IP addresses of the external user’s endpoint visible to the internal user’s Lync client. This helps the external user’s Lync client determine which IP addresses other clients can see across firewalls. TURN allocates media ports on the external A/V edge of the Edge Server to allow the internal user’s Lync endpoint to connect to the external user’s Lync endpoint.

What transport mechanisms does "Lync Online outbound data sharing" use?

PSOM/TLS 443

What transport mechanisms does "Lync Online outbound audio, video, app sharing" use?

STUN/TCP 443

What transport mechanisms does "Lync Online outbound audio and video sessions" use?

STUN/UDP 3478

What transport mechanisms does "Lync to Phone outbound" use?

UDP 20 000-45 000

What transport mechanisms does "Lync outbound audio and video sessions" use?

UDP 50 000 - 59 000

What host names can be used for non SSL content caching?

r3.res.outlook.com


r4.res.outlook.com


prod.msocdn.com

What are the minimum system requirments for the "Office 365 best practices analyzer"?

>Windows 7 SP1 x64


>IE9

Where can the "Office 365 best practices analyzer" be downloaded from?

From the tools section in the Office 365 Admin Centre.

What is the purpose of "Office 365 best practices analyzer"?

Diagnosing client connectivity

What is the purpose of "Office 365 OnRamp Tool"?

Checks for Office 365 deployment readyness in on premises environment

Where can the "Office 365 OnRamp Tool" be accessed from?

onramp.office365.com

What methods can be used to add and administer users to Office 365?

- Office 365 Admin Console


- CSV


- Powershell


- Directory syncronisation

What Powershell cmdlet and mandatory parameters can be used to add a new user to Office 365?

New-msoluser -userprincipalname -displayname

What Powershell cmdlet and parameters can be used to change the properties of an Office 365 user?

set-msoluser-userprincipalname


-passwordneverexpires


-strongpasswordrequired



What Powershell cmdlet and parameters can be used to remove user from Office 365?

remove-msoluser -objectid


-userprincipalname



How long is the grace period from when a Office 365 user is deleted and permanently deleted?

30 days

What method can be used to restore an Office 365 user that has been deleted within the 30 day grace period?

restore-msoluser -userprincipalname

What method can be used to display details of an Office 365 user?

Get-msoluser

What method can be used to assign an Office 365 license to an existing Office 365 user?

set-msoluserlicense -userprincipalname -addlicenses :licensetype

What information is required when creating an Office 365 user?

- Display Name


- User Name

Where can you view available licenses for your Office 365 users?

- under "Assigned license" section of each user


- under the Billing > licenses section of the admin center menu

What are the default options for viewing active users?

-All users


-Sign-in allowed users


-Sign-in blocked users


-unlicensed users


-users with errors


-billing admins


-global admins


-password admins


-service admins


-user management admins

What are the 3 types of Office 365 groups?

-Exchange Online Groups


-SharePoint Online Default Groups


-Office 365 Security Groups

Where are Exchange Online Groups managed?

Exchange Admin Center (EAC)

What types of exchange online groups can be created?

-Distribution Groups


-Security Groups


-Dynamic Distribution Groups

Describe the function of an Exchange Online Distribution Group

Used to distribute messages to recipients

Describe the function of an Exchange Online Security Group

Used to provide access to distribute messages

Describe the function of an Exchange Online Dynamic Distribution Group

Dynamically populated groups used to distribute messages to recipients

What are some the default groups for SharePoint Online if a public template is used?

Visitors, Members, Owners, Approvers, Designers

What are the default groups for SharePoint Online if a team template is used?

Visitors, Members, Owners

Office 365 security groups can be used to manage access to SharePoint Online resources how?

Office 365 security groups can be nested inside SharePoint Online groups.

What are the pre-requisites to installing the Azure AD PowerShell Module?

- Windows 7 and <


- .Net Framework 3.5.1


- Online Services Sign-in Assistant v7.0 or < (x86/x64)


- Azure Admins Console

What is the cmdlet used to establish a connection to manage an Office 365 account?

connect-msolservice

What common parameters can be used in conjunction with the new-msoluser cmdlet?

-userprincipalname


-displayname


-password


-passwordneverexpires


-strongpasswordrequired


-usagelocation


-licenseassugnment

What common parameters can be used in conjunction with the get-msoluser cmdlet?

-userprincipalname


-usagelocation


-returndeletedusers


-license


-unlicensedusersonly



What common parameters can be used in conjunction with the set-msoluser cmdlet?

-userprincipalname


-displayname


-passwordneverexpires


-strongpasswordrequired


-usagelocation


-licenseassignment

What common parameters can be used in conjunction with the remove-msoluser cmdlet?

-userprincipalname


-removefromrecyclebin



What common parameters can be used in conjunction with the remove-msoluser cmdlet?

-userprincipalname

What cmdlet can be used to get licencing information for a Office 365 account?

get-msolaccountsku

What cmdlet can be used to change the licensing properties of a user

set-msoluserlicense

What common parameters can be used with set-msoluserlicense?

-userprincipalname


-addlicenses


-removelicenses

What cmdlet can be used to create a Office 365 security group?

new-msolgroup

What are the common parameters of new-msolgroup?

-displayname


-description

What cmdlet can be used to modify the properties an Office 365 security group?

set-msolsecuritygroup

What are the common parameters of new-msolgroup?

-description

What cmdlet can be used to get a list of members an Office 365 security group?

get-msolgroupmember

What are the common parameters of get-msolgroupmember?

-groupobjectid

What cmdlet can be used to add a member to an Office 365 security group?

add-msolgroupmember

What are the common parameters of add/remove-msolgroupmember?

-groupobjectid


-groupmembertype


-groupmemberobjectid



What cmdlet can be used to delete a Office 365 security group?

remove-msolsecuritygroup

What are the common parameters of remove-msolsecuritygroup?

-objectid


-force

What does a Office 365 Global Administrator/company administrator Admin role give a user permission to do?

All tasks in the Office 365 Admin Center:


-Manage domains


-Manage organisation information


-delegate administrator roles to other users


-use directory synchronization


-Exchange Online Admin


-Exchange Company Admin


-SharePoint Online Admin


-Lync Online Admin

What does a Office 365 User Management Admin/user account admin role give a user permission to do?

-Manage users, groups and service requests, reset passwords and monitor health


-cannot reset passwords for billing, global/company admin or service/service support admin.


-Lync Online Admin

What does a Office 365 Password Admin/helpdesk admin role give a user permission to do?

-Manage passwords (excluding those with an admin role) and service requests, monitor health.


-Exchange Helpdesk Admin


-Lync Online Admin

What does a Office 365 Service Admin/service support admin role give a user permission to do?

-Manage service requests and monitor health. Admin permissions must be assigned to the online service before this role.


-Lync Online Admin

What does a Office 365 Billing Admin role give a user permission to do?

-Make purchases, manage subscriptions and support tickets, monitor health.


-Lync Online Admin

What cmdlet can be used to show the available roles on an Office 365 tenant?

get-msolrole

What cmdlet can be used to add a user to a role on an Office 365 tenant?

add-msolrolemember

what are the common parameters of add/remove-msolrolemember?

-rolename


-rolememberemailaddress

What cmdlet can be used to get the role assigned to an Office 365 user?

get-msoluserrole

What are the common parameters of get-msoluserrole?

-userprincipalname

What are the common parameters of get-msolrole?

-rolename

What cmdlet can be used to get the members of a role in Office 365?

get-msolrolemember

What are the common parameters of get-msolrolemember?

-roleobjectid

What cmdlet can be used to remove the members of a role in Office 365?

remove-msolrolemember

What is a delegated administrator?

It is a role reserved for if you wish to have your Office 365 tennant managed by someone outside of your organisation.

What is the sequence of events that must take place in order to add a delegated administrator?

1. Review email with offer terms


2. Click link to offer authorization


3. Click yes to authorize partner as delegated admin.


4. create subscription tenant account if it has not already been created.


5. Verify delegated admins

What are the two types of delegated admins?

Full administration=global admin/company admin


Limited administration=password admin/helpdesk admin

What are the default password settings for Office 365 users?

-expires after 90 days


-notification after 14 days

what is the range of days that you can set password expiration to?

14-730

what is the range of days that you can set password reset notification to?

1-30

what password settings are available in PowerShell but not in the Office 365 admin center?

- Password never expires


- Remove strong password complexity requirments

If a user has been assigned the Global Admin role and needs their password reset, what options does the user have?

- have another global admin reset their password


-use the forgot my password link (need an alternate email address or if a non onmicrosoft email address is used, a phone that can receive a text message).

What cmdlet can be used to rest a users password in Office 365?

set-msoluserpassword

What are the common parameters of set-msoluserpassword?

-userprincipalname


-newpassword

What happens if you do not specify the -newpassword parameter when using the set-msoluserpassword cmdlet?

the users password will be randomly generated

What cmdlet can be used to modify the password policy in Office 365?

set-msolpasswordpolicy

What are the common parameters of set-msolpasswordpolicy?

-domainname


-validityperiod


-notificationdays

What are the pre-requisites to managing Information Rights Management using PowerShell?

The "Azure Rights Management Administration Tool" must be installed.

How do you enable information rights management using PowerShell?

enable-aadrm

What does AADRM stand for?

Azure Active Directory Rights Management

How do you connect/disconnect to the AADRM service using PowerShell?

connect/disconnect-aadrmservice

What cmdlet can be used to make/remove/get a user a information rights management administrator?

add/remove/get-aadrmrolebasedadministrator

What are the common parameters of add-aadrmrolebasedadministrator?

-emailaddress

What is the command used to establish a PsSession with the Exchange instance of an Office 365 tenant?

New-PSSession -ConfigurationName microsoft.exchange -connectionuri https://ps.outlook.com/powershell -Credential $credential -Authentication basic -AllowRedirection




$credential = SecureString

How is the RMS key sharing location set using PowerShell?

set-irmconfiguration -rmsonlinekeysharinglocation "https://sp-rms.au.aadrm.com/tennantmanagement/servicepartner.svc"

How is the trusted publishing domain imported using PowerShell?

import-rmstrustedpublishingdomain -rmsonline -name "rms online"

How is IRM enabled in exchange online using PowerShell?

set-irmconfiguration -internallicensingenabled $true

How can the IRM configuration for Exchange Online be tested using PowerShell?

test-irmconfiguration -rmsonline


test-irmconfiguration -sender

What are the steps for enabling IRM integration in Exchange?

1. Enable IRM


2. Establish a PowerShell session with the Exchange instance


3. Set the RMS online key sharing location


4. Import the trusted publishing domain


5. Enable IRM in exchange online


6. Test the IRM in exchange online


7. Disconnect the PsSession



What does IRM integration with exchange enable?

the ability to send mail with


-no restrictions


-confidential (content can be modified but not cant be copied or printed)


-confidential view only (content can't be modified, copied or printed)


-do not forward (content can't be modified, copied, printed or forwarded)

How can you enable IRM for individual messages?

1. open OWA


2. click ...


3. mouse over "set permissions"


4. select the appropriate permission from the list.

How can you enable IRM for all messages in outlook?

1. go to exchange admin


2. click mail flow


3. create a new rule


4. create relevant rule.

What are the steps to enabling IRM for SharePoint Online?
1. Enable in O365 SharePoint Online Admin Center.

2. Apply IRM to lists and libraries (need Design Permissions)


- Non - O365 users get read only view of document


- O365 users download and access according to IRM policy.

Where can you enable IRM for SharePoint Online?

1. Select SharePoint from the Admin menu in the Admin center


2. click settings


3. Enable IRM

How can IRM be applied to the Office Suite?

by logging into office with an O365 account that has IRM applied

What is the preferred DNS record type for setting up an O365 hybrid environment?

TXT then MX

What are the steps for adding domains to office 365?

1. Verify ownership of the domain


2. Verify that you can change DNS records


3. Access domains in office 365 admin center


4. Verify ownership of the domain by adding TXT DNS record


5. Change default domain to new domain name


6. Add users and assign licenses

what are the minimum requirements for AAD Sync?

-Windows Server 2008-Windows server 2012 R2


-SQL Server 2008-2014 (Express less than 100000 objects)


-.net framework 4.5.1


-powershell 3.0

what is one of the main advantages of using AAD sync over dirsync?

Multiple forest support

What are the advantages of using AAD connect over AAD sync or dirsync?

-optional ADFS environment


-health tools

What are the advantages of implementing ADFS?

-SSO


-AD login policy


-smart card


-3rd party MFA

What are the optional features available as part of AAD connect?

-Exchange Hybrid Deployment


- Azure AD app and attribute filtering


-Password synchronization


- Password writeback


- Group writeback


- Device writeback


- Directory extension attribute sync

what are the 4 stages of implementation of AAD connect

1. Prepare (active directory environment)


2. Set up (O365 sub to allow AD synchronization)


3. install (the aad connect tool)


4. assign licenses to users in O365

what are the minimum requirements of AAD connect?

-Windows server 2003 domain functional level


- must be installed on windows server 2008


-does not need to be joined to the domain


-cant be SBS or Server essentials

what are the minimum requirments to enable password writeback?

-server 2008 (DC)with latest sp

what are the minimum requirments to enable password synchronization?

windows server 2008 r2 sp1

What are the minimum requirments for ADFS web application proxy?

-windows server 2012 r2


-winrm enabled

If ADFS is being deployed what is required?

SSL certificates

what are the hardware requirements of AAD connect?

less than 10000 objects 1.6GHz 4GB 70GB


10000-50000 1.6GHz 4GB 70GB


50000-100000 1.6GHz 16GB 100GB


100000-300000 1.6GHz 32GB 300GB


300000-600000 1.6GHz 32GB 450GB


more than 600000 1.6 GHz 32GB 500GB

How many objects can SQL server express handle?

100000

when would you use the express settings when installing the AAD connect tool?

-if users are using password synchronization


- single forest enviroment

what are the options when using upgrade from dirsync when installing the AAD connect tool?

-in place upgrade


-parallel deployment

How can the supported user agent strings be modified to support SSO?

set-adfsproperties wiasupporteduseragent <string>

What cmdlet keeps track of when Active Directory Federation Services (AD FS) 2.0 on a server computer last synchronized its database with other federation servers in your deployment?

get-adfssyncproperties

What steps must be performed in order to

-run set-adfssyncproperties -role primarycomputer on the new primary computer


-run set-adfssyncproperties -role secondarycomputer <newprimarycomputername> on the old primary computer


-use -supportmultipledomain when converted if applicable

How to you perform a conversion to a federated domain?

convert-msoldomaintofederated -domainname <domain>

how can you verify the federated domain conversion has taken place?

get-msoldomain

What cmdlet can be used to convert a federated domain to a standard domain?

convert-msoldomaintostandard -domainname <domain> -skipuserconversion $false -passwordfile <passwordfilelocation>

how can you convert a individual user from a federated user to a standard user?

convert-msolfederateduser -principalname