Microsoft 365 Administrator — Question 124

Your network contains an Active Directory domain and an Azure AD tenant.

The network uses a firewall that contains a list of allowed outbound domains.

You begin to implement directory synchronization.

You discover that the firewall configuration contains only the following domain names in the list of allowed domains:

• *.microsoft.com
• *.office.com

Directory synchronization fails.

You need to ensure that directory synchronization completes successfully.

What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

Answer options

• A. From the firewall, modify the list of allowed outbound domains.
• B. From Azure AD Connect, modify the Customize synchronization options task.
• C. From the firewall, create a list of allowed inbound domains.
• D. Deploy an Azure AD Connect sync server in staging mode.
• E. From the firewall, allow the IP address range of the Azure data center for outbound communication.

Correct answer: A

Explanation

The correct answer is A because modifying the firewall's list of allowed outbound domains will enable necessary connectivity for directory synchronization, which is currently being blocked. Options B and D do not address the firewall restrictions, while C is irrelevant since inbound domains do not affect outbound synchronization. Option E may allow communication but is less direct than simply updating the outbound domain list.