HOTSPOT -
You have a Microsoft 365 subscription that contains a guest user named User1. User1 is assigned the User administrator role.
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. Contoso.com is configured as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
 
















 

Suggested Answer: 
    

Default permissions for guests are restrictive by default. Guests can be added to administrator roles, which grant them full read and write permissions contained in the role. There is one additional restriction available, the ability for guests to invite other guests. Setting Guests can invite to No prevents guests from inviting other guests.
User1 is assigned the User Administrator role. Therefore, User1 can open the Azure portal, view users, create new users, and create new guest users.
In the exhibit, the 'Guest user permissions are limited' is set to no.  This means that guest users have the same permissions as members. However, the 'Guests can invite' setting is set to No.  Therefore, other guest users (all guest users except User1) can open the Azure portal and view users in the same way as member users can.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/delegate-invitations
 https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions

This question is in MS-100 Exam
For getting Microsoft 365 Administrator Expert Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Microsoft. 
The website does not contain actual questions and answers from Microsoft's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to Microsoft.