• support@dumpspool.com
SPECIAL LIMITED TIME DISCOUNT OFFER. USE DISCOUNT CODE TO GET 20% OFF DP2021

PDF Only

$35.00 Free Updates Upto 90 Days

  • MS-101 Dumps PDF
  • 406 Questions
  • Updated On April 19, 2024

PDF + Test Engine

$55.00 Free Updates Upto 90 Days

  • MS-101 Question Answers
  • 406 Questions
  • Updated On April 19, 2024

Test Engine

$45.00 Free Updates Upto 90 Days

  • MS-101 Practice Questions
  • 406 Questions
  • Updated On April 19, 2024
Check Our Free Microsoft MS-101 Online Test Engine Demo.

How to pass Microsoft MS-101 exam with the help of dumps?

DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Microsoft MS-101 Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.

How Do I Know Microsoft MS-101 Dumps are Worth it?

Did we mention our latest MS-101 Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.

You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Microsoft Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!

IT Students Are Using our Microsoft 365 Mobility and Security Dumps Worldwide!

It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Microsoft 365 Mobility and Security Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.

How to Get MS-101 Real Exam Dumps?

Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the MS-101 exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!

Microsoft MS-101 Sample Question Answers

Question # 1

You need to ensure that when a document containing a credit card number is added to the tenant, the document is encrypted.Which policy should you use? 

A. a retention policy  
B. a retention label policy  
C. an auto-labeling policy  
D. an insider risk policy  

Question # 2

You have a Microsoft 365 E5 tenant that contains the devices shown in the following table. You plan to implement attack surface reduction (ASR) rules. Which devices will support the ASR rules?

A. Device 1, Device2, and Device3 only  
B. Device3 only  
C. Device2 and Device3 only  
D. Device1, Device2, Devices and Device4  

Question # 3

 You have device compliance policies shown in the following table. The device compliance state for each policy is shown in the following table. NOTE: Each correct selection is worth one point. 

Question # 4

You need to be notified when emails with attachments that contain sensitive personal data are sent to external recipients. Which two policies can you use? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.  

A. a data loss prevention (DLP) policy  
B. a sensitivity label policy  
C. a Microsoft Cloud App Security file policy  
D. a communication compliance policy  
E. a retention label policy  

Question # 5

All users have their email stored in Microsoft Exchange Online.In the mailbox of a user named User 1. You need to preserve a copy of all the email messages that contain the word Project X.WDM should you do?  

A. From the Security & Compliance admin center, create an eDiscovery case.  
B. From the Exchange admin center, create a mail now rule.  
C. From the Security fit Compliance adman center, start a message trace.  
D. From Microsoft Cloud App Security, create an access policy.  

Question # 6

You have a Microsoft 365 subscriptionAll users are assigned a Microsoft 365 E3 License.You enable auditing for your organization. What is the maximum amount of time data will be retained in the Microsoft 365 audit log?   

A. 2 years  
B. 1 year  
C. 30 days  
D. 90 days  

Question # 7

You have Windows 10 devices that are managed by using Microsoft Endpoint Manager. You need to configure the security settings in Microsoft Edge.What should you create in Microsoft Endpoint Manager? 

A. an app configuration policy  
B. an app  
C. a device configuration profile  
D. a device compliance policy  

Question # 8

Your company has five security information and event management (SIEM) appliances. The traffic logs from each appliance are saved to a file share named Logs.You need to analyze the traffic logs.What should you do from Microsoft Cloud App Security? 

A. Click Investigate, and then click Activity log.  
B. Click Control, and then click Policies. Create a file policy.  
C. Click Discover, and then click Create snapshot report.  
D. Click Investigate, and then click Files.  

Question # 9

 Your company is based in the United Kingdom (UK).Users frequently handle data that contains Personally Identifiable Information (PII).You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.   Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point. 

Question # 10

 Your company has a Microsoft 36S subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The company stores 2 TBs of data in SharePoint Online document libraries. The tenant has the labels shown in the following table. From the Azure portal, you active unified labeling.For each of the following statements, select yes if the statement is true Otherwise , select No.NOTE: Each correct selection is worth one point. 

Question # 11

You have a Microsoft 365 E5 tenant.You need to evaluate compliance with European Union privacy regulations for customer data.What should you do in the Microsoft 365 compliance center? 

A. Create a Data Subject Request (DSR)  
B. Create a data loss prevention (DLP) policy for General Data Protection Regulation (GDPR) data 
C. Create an assessment based on the EU GDPR assessment template  
D. Create an assessment based on the Data Protection Baseline assessment template  

Question # 12

Your network contains an Active Directory domain named contoso.com. The domain contains 100 Windows 8.1 devices. You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices. You need to recommend a Windows 10 deployment method. What should you recommend? 

A. a provisiong package  
B. an in place upgrade  
C. wipe and load refresh  
D. Windows Autopilot  

Question # 13

 Your network contains an Active Directory domain named contoso.com. The domain contains the file servers shown in the following table. A file named File1.abc is stored on Server1. A file named File2.abc is stored on Server2. Three apps named App1, App2, and App3 all open files that have the .abc file extension.You implement Windows Information Protection (WIP) by using the following configurations: Exempt apps: App2 Protected apps: App1Windows Information Protection mode: Block Network boundary: IPv4 range of: 192.168.1.1-192.168-1.255  You need to identify the apps from which you can open File1.abc.For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. 

Question # 14

 Your company uses Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). The devices onboarded to Microsoft Defender ATP are shown in the following table. The alerts visible in the Microsoft Defender ATP alerts queue are shown in the following table. You create a suppression rule that has the following settings:Triggering IOC: Any IOC Action: Hide alert Suppression scope: Alerts on ATP1 machine group  For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 15

You create a Microsoft 365 subscription. Your company’s privacy policy states that user activities must NOT be audited. You need to disable audit logging in Microsoft 365. How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 16

You have a Microsoft 365 E5 tenant that contains four devices enrolled in Microsoft Intune as shown in the following table.You plan to deploy Microsoft 365 Apps for enterprise by using Microsoft Endpoint Manager.To which devices can you deploy Microsoft 365 Apps for enterprise?  

A. Device1 only  
B. Device1 and Device3 only  
C. Device2 and Device4 only  
D. Device1, Device2. and Device3 only  
E. Device1, Device2, Device3, and Device4  

Question # 17

You configure sensitivity labels.Users report that the Sensitivity button is unavailability in Microsoft Word for the web. The sensitivity button is available in Word for Microsoft 365.You need to ensure that the users can apply the sensitivity labels when they use Word for the web.What should you do?  

A. Copy policies from Azure information Protection to the Microsoft 365 Compliance center  
B. Publish the sensitivity labels.  
C. Create an auto-labeling policy  
D. Enable sensitivity labels for files in Microsoft SharePoint Online and OneDrive.  

Question # 18

You have a Microsoft 365 tenant that contains the groups shown in the following table. You plan to create a new Windows 10 Security Baseline profile.To which groups can you assign to the profile?  

A. Group3 only  
B. Group1 and Group3 only  
C. Group2 and Group3 only  
D. Group1. Group2. and Group3  

Question # 19

You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled in mobile device management (MDM).What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.  

Question # 20

  Your company uses Microsoft Defender Advanced Threat Protection (ATP). Microsoft Defender ATP includes the machine groups shown in the following table. You onboard a computer named computer1 to Microsoft Defender ATP as shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement. NOTE: Each correct selection is worth one point.

Question # 21

In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments.Policy1 is configured as shown in the exhibit. (Click the Exhibit tab.) You need to ensure that internal users can email documents that contain US bank account numbers to external users who have an email suffix of contoso.com.What should you configure? 

A. an action  
B. a group  
C. an exception  
D. a condition  

Question # 22

You have a Microsoft 365 subscription that contains a user named User1.You need to ensure that User1 can search the Microsoft 365 audit logs from the Security & Compliance admincenter. Which role should you assign to User1?   

A. View-Only Audit Logs in the Security & Compliance admin center  
B. View-Only Audit Logs in the Exchange admin center  
C. Security reader in the Azure Active Directory admin center  
D. Security Reader in the Security & Compliance admin center  

Question # 23

   You have retention policies in Microsoft 365 as shown in the following table. Policy1 is configured as shown in the Policy1 exhibit. (Click the Policy1 tab.) Policy2 is configured as shown in the Policy2 exhibit. (Click the Policy2 tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. 

Question # 24

You have a Microsoft 365 tenant and a LinkedIn company page.You plan to archive data from the LinkedIn page to Microsoft 365 by using the LinkedIn connector.Where can you store data from the LinkedIn connector?  

A. a Microsoft OneDrive for Business folder  
B. a Microsoft SharePoint Online document library  
C. a Microsoft 365 mailbox  
D. Azure Files  

Question # 25

You have a Microsoft 365 E5 tenant. You create a retention label named Retention1 as shown in the following exhibit. When users attempt to apply Retention1, the label is unavailable.You need to ensure that Retention1 is available to all the users. What should you do?  

A. Create a new label policy  
B. Modify the Authority type setting for Retention!  
C. Modify the Business function/department setting for Retention 1.  
D. Use a file plan CSV template to import Retention1.  

Question # 26

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a new Microsoft 365 subscription. You need to prevent users from sending email messages that contain Personally Identifiable Information (PII). Solution: From the Security & Compliance admin center, you create a data loss prevention (DLP) policy.Does this meet the goal? 

A. Yes  
B. No  

Question # 27

Your company purchases a cloud app named App1.You need to ensure that you can use Microsoft Cloud App Security to block downloads in App1. App1 supports session controls.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.  

Question # 28

 You have a Microsoft 365 subscription that contains the users shown in the following table. You run the following cmdlet.Set-MailboxAuditBypassAssociation –Identity User2 –AuditByPassEnabled $true The users perform the following actions:User1 accesses an item in the mailbox of User2.User2 modifies a mailbox item in the mailbox of User3.User3 signs in to her mailbox. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.  

Question # 29

You have a Microsoft 365 tenant that contains two groups named Group1 and Group2.You need to prevent the members or Group1 from communicating with the members of Group2 by using Microsoft Teams. The solution must comply with regulatory requirements and must not affect other user in the tenant.What should you use?  

A. information barriers  
B. communication compliance policies  
C. moderated distribution groups  
D. administrator units in Azure Active Directory (Azure AD)  

Question # 30

You have a Microsoft 365 subscription.You configure a data loss prevention (DIP) policy.You discover that users are incorrectly marking content as false positive and bypassing the OLP policy.  You need to prevent the users from bypassing the DLP policy. What should you configure? 

A. incident reports  
B. actions  
C. exceptions  
D. user overrides  

Question # 31

You have a Microsoft 365 E5 subscription that uses Azure Advanced Threat Protection (ATP).You need to create a detection exclusion in Azure ATP.Which tool should you use?   

A. the Security & Compliance admin center  
B. Microsoft Defender Security Center  
C. the Microsoft 365 admin center  
D. the Azure Advanced Threat Protection portal  
E. the Cloud App Security portal  

Question # 32

 You configure an anti-phishing policy as shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point.

Question # 33

You have a Microsoft 365 E5 subscription.You plan to implement Microsoft 365 compliance policies to meet the following requirements:Identify documents that are stored in Microsoft Teams and SharePoint Online that contain Personally Identifiable Information (PII). Report on shared documents that contain PII. What should you create?  

A. an alert policy  
B. a data loss prevention (DLP) policy  
C. a retention policy  
D. a Microsoft Cloud App Security policy  

Question # 34

Your company has a Microsoft 365 subscription that uses an Azure Directory (Azure AD0 tenant named Contoso.com. The tenant contains the users shown in the following table. You create a relation label named Label1 that has the following configurations:Retains content for five years. Automatically deletes all content that is older than five years. You turn on Auto labeling for Label1 b using a policy named Policy1. Policy1 has the following configurations:• Retains content for five years • Automatically deletes all content that is older than five years You turn on Auto labeling for Label 1 by using a policy named Policy1. Policy has the following configurations: • Applies to content that contains the word Merger • Specifies the OneDrive accounts and SharePoint sites locations You run the following command Set RetentionConpliancePolicy Policy1 RestrictiveRelention $true Force For each of the following statements select Yes if the statement is true Otherwise, select No NOTE: Each correct selection is worth one point.

Question # 35

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1.You need to enable User1 to create Compliance Manager assessments. Solution: From the Microsoft 365 compliance center, you add User1 to the Compliance Manager Assessors role group.Does this meet the goal?  

A. Yes  
B. No  

Question # 36

You have a Microsoft 365 E5 tenant. The Microsoft Secure Score for the tenant is shown in the following exhibit. You plan to enable Security defaults for Azure Active Directory (Azure AD).Which three improvement actions will this affect?  

A. Require MFA for administrative roles.  
B. Ensure all users can complete multi-factor authentication for secure access  
C. Enable policy to block legacy authentication  
D. Enable self-service password reset  
E. Use limited administrative roles  

Question # 37

 You have a Microsoft 365 E5 subscription. You configure a new alert policy as shown in the following exhibit. You need to identify the following:How many days it will take to establish a baseline for unusual activity. Whether alerts will be triggered during the establishment of the baseline. What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. 

Question # 38

You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com. You create a Microsoft Defender for identity instance Contoso.The tenant contains the users shown in the following table.  You need to modify the configuration of the Defender for identify sensors. Solutions: You instruct User3 to modify the Defender for identity sensor configuration.Does this meet the goal? 

A. Yes  
B. No  

Question # 39

 You have a Microsoft 365 subscription that contains all the user data. You plan to create the retention policy shown in the Locations exhibit. (Click the Locations tab.) You configure the Advanced retention settings as shown in the Retention exhibit. (Click the Retention tab.) The locations specified in the policy include the groups shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. 

Question # 40

You have a Microsoft 365 tenant. You plan to enable BitLocker Disk Encryption (BitLocker) automatically for all Windows 10 devices that enroll in Microsoft Intune.What should you use?  

A. an attack surface reduction (ASR) policy  
B. an app configuration policy  
C. a device compliance policy  
D. a device configuration profile  

Question # 41

You have a Microsoft 365 E5 tenant that has sensitivity label support enabled for Microsoft and SharePoint Online. You need to enable unified labeling for Microsoft 365 groups.Which cmdlet should you run?  

A. set-unifiedGroup  
B. Set-Labelpolicy  
C. Execute-AzureAdLebelSync  
D. Add-UnifiedGroupLinks  

Question # 42

Your company has a Microsoft 365 subscription. You implement Microsoft Azure Information Protection.You need to automatically protect email messages that contain the word Confidential in the subject line. What should you create?  

A. a mail flow rule from the Exchange admin center  
B. a message trace from the Security & Compliance admin center  
C. a supervision policy from the Security & Compliance admin center  
D. a sharing policy from the Exchange admin center  

Question # 43

You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices.You plan to attack surface reduction (ASR) rules for the Windows 10 devices.You configure the ASR rules in audit mode and collect audit data in a Log Analytics workspace. You need to find the ASR rules that match the activities on the devices. How should you complete the Kusto query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.  

Question # 44

Your company has a Microsoft 365 subscription. You need to configure Microsoft 365 to meet the following requirements:• Malware found in email attachments must be quarantined for 20 days. • The email address of senders to your company must be verified. Which two options should you configure in the Security & Compliance admin center? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. 

Question # 45

 You have a Microsoft 365 tenant. You plan to create a retention policy as shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.NOTE: Each correct selection is worth one point.  

Question # 46

You have a Microsoft 365 E5 tenant.You create an auto-labeling policy to encrypt emails that contain a sensitive info type. You specify the locations where the policy will be applied.You need to deploy the policy.What should you do first?   

A. Review the sensitive information in Activity explorer  
B. Turn on the policy  
C. Run the policy in simulation mode  
D. Configure Azure Information Protection analytics  

Question # 47

  You have the Microsoft Azure Advanced Threat Protection (ATP) workspace shown in the Workspace exhibit. (Click the Workspace tab.) The sensors settings for the workspace are configured as shown in the Sensors exhibit. (Click the Sensors tab.)You need to ensure that Azure ATP stores data in Asia.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 48

You have a Microsoft 365 subscription. You need to identify which administrative users performed eDiscovery searches during the past week.What should you do from the Security & Compliance admin center?  

A. Perform a content search  
B. Create a supervision policy  
C. Create an eDiscovery case  
D. Perform an audit log search  

Question # 49

Your company has a Microsoft 365 E5 tenant that contains a user named User1. You review the company’s compliance score.You need to assign the following improvement action to User1:Enable self-service password reset.What should you do first? 

A. From Compliance Manager, turn off automated testing.  
B. From the Azure Active Directory admin center, enable self-service password reset (SSPR).
C. From the Microsoft 365 admin center, modify the self-service password reset (SSPR) settings. 
D. From the Azure Active Directory admin center, add User1 to the Compliance administrator role. 

Question # 50

 You have a Microsoft 365 tenant that contains the groups shown in the following table.You plan to create a compliance policy named Compliance1.You need to identify the groups that meet the following requirements: Can be added to Compliance1 as recipients of noncompliance notifications Can be assigned to Compliance1 To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. 

Question # 51

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a computer that runs Windows 10. You need to verify which version of Windows 10 is installed. Solution: From Device Manager, you view the computer properties. Does this meet the goal?  

A. Yes  
B. No  

Question # 52

 You have three devices enrolled .n Microsoft Intune as shown .n the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. 

Question # 53

Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The company stores 2 TBs of data in SharePoint Online document libraries. The tenant has the labels shown in the following table.

Question # 54

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, thesequestions will not appear in the review screen. You have a Microsoft 365 subscription. From the Security & Compliance admin center, you create a role group named US eDiscovery Managers by copying the eDiscovery Manager role group. You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States.Solution: From Windows PowerShell, you run the New-ComplianceSecurityFilter cmdlet with the appropriate parameters.Does this meet the goal? 

A. Yes  
B. No  

Question # 55

You have a Microsoft 365 E5 subscription. You plan to implement records management and enable users to designate documents as regulatory records.You need to ensure that the option to mark content as a regulatory record is visible when you create retention labels.What should you do first?  

A. Configure custom detection rules.  
B. Create an Exact Data Match (EDM) schema.  
C. Run the Sec-RegulacoryComplianceUI cmdlet.  
D. Run the Sec-LabelPolicy cmdlet.  

Question # 56

You enable the Azure AD Identity Protection weekly digest email.You create the users shown in the following table.  Which users will receive the weekly digest email automatically? 

A. Admin2, Admin3, and Admin4 only  
B. Admin1, Admin2, Admin3, and Admin4  
C. Admin2 and Admin3 only  
D. Admin3 only  
E. Admin1 and Admin3 only  

Question # 57

You have a data loss prevention (DIP) policy. You need to increase the likelihood that the DLP policy will apply to data that contains medical terms from the International Classification of Diseases (ICD-9-CM). The solution must minimize the number of false positives. Which two settings should you modify? To answer, select the appropriate settings in the answer area.NOTE: Each correct selection is worth one point. 

Question # 58

A user receives the following message when attempting to sign in to https://myapps.microsoft.com: "Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location device, or app. Before you can continue, we need to verity your identity. Please contact your admin.”Which configuration prevents the users from signing in? 

A. Microsoft Azure Active Directory (Azure AD) Identity Protection policies  
B. Microsoft Azure Active Directory (Azure AD) conditional access policies  
C. Security & Compliance supervision policies  
D. Security & Compliance data loss prevention (DIP) policies  

Question # 59

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.Solution: You add Device1 to an Active Directory group.Does this meet the goal?  

A. Yes  
B. No  

Question # 60

You need to grant a user a named User1 access to download compliance reports from the Security & Compliance reports from the Security from the Security & Compliance admin center. The solution must use the principle of least privilege.What should you do? 

A. Add User1 to the Security Reader role group  
B. Create a new role group that has the Preview role and add User1 to the role group.  
C. Add user1 to the Compliance Administrator role group.  
D. Add User1 to the Service Assurance User role group.  

Question # 61

You have a Microsoft 365 subscription.From the Security & Compliance admin center, you create a content search of all the mailboxes that contain the word Project X.You need to export the results of the content search. What do you need to download the report?  

A. a certification authority (CA) certificate  
B. an export key  
C. a password  
D. a user certificate  

Question # 62

You have a Microsoft 365 E5 subscription. Several users have iOS devices.You plan to enroll the iOS devices in Microsoft Endpoint Manager. You need to ensure that you can create an iOS/iPadOS enrollment profile in Microsoft Endpoint Manager.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 63

You use Windows Defender Advanced Threat Protection (Windows Defender ATP). You have the Windows Defender ATP machine groups shown in the following table. You plan to onboard computers to Windows Defender ATP as shown in the following table. To which machine group will each computer be added? To answer, select the appropriate options in the answer are.NOTE: Each correct selection is worth one point.

Question # 64

You have a Microsoft 365 tenant that contains 1,000 iOS devices enrolled in Microsoft Intune. You plan to purchase volume-purchased apps and deploy the apps to the devices. You need to track used licenses and manage the apps by using Intune. What should you use to purchase the apps?

A. Microsoft Store for Business  
B. Apple Business Manager  
C. Apple iTunes Store  
D. Apple Configurator  

Question # 65

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screenYou have a Microsoft 365 E5 subscription. You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.  Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchange admin role.Does this meet the goal? 

A. Yes  
B. No  

Question # 66

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint shoring policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified m the future.Solution: From the SharePoint admin center, you modify the sharing settings. Does this meet the goal? 

A. Yes  
B. No  

Question # 67

 You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table: The tenant has a conditional access policy that has the following configurations:Name: Policy1 Assignments: - Users and groups: Group1- Cloud aps or actions: All cloud apps  Access controls:Grant, require multi-factor authentication Enable policy: Report-only You set Enabled Security defaults to Yes for the tenant.  For each of the following settings select Yes, if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point.  

Question # 68

You have a Microsoft 365 tenant.You need to create a custom Compliance Manager assessment template. Which application should you use to create the template, and in which file format should the template be saved? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. 

Question # 69

You have a Microsoft 365 E5 tenant You create a data toss prevention (DLP) policy to prevent users from using Microsoft Teams to share internal documents with external users.To which two locations should you apply the policy? To answer, select the appropriate locations in the answer area. NOTE: Each correct selection is worth one point. 

Question # 70

You have a Microsoft 365 subscription. You plan to connect to Microsoft Exchange Online PowerShell and run the following cmdlets:Search-MailboxAuditLog Test-ClientAccessRule Set-GroupMailbox Get-Mailbox Which cmdlet will generate an entry in the Microsoft Office 365 audit log? 

A. Search-MailboxAuditLog  
B. Test-ClientAccessRule  
C. Set-GroupMailbox  
D. Get-Mailbox D18912E1457D5D1DDCBD40AB3BF70D5D

Question # 71

You have a new Microsoft 365 subscription.A user named User1 has a mailbox in Microsoft Exchange Online.You need to log any changes to the mailbox folder permissions of User1. Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 72

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a Microsoft 365 subscription.From the Security & Compliance admin center, you create a role group named US eDiscovery Managers by copying the eDiscovery Manager role group. You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States.Solution: From the Security & Compliance admin center, you modify the roles of the US eDiscovery Managers role group.Does this meet the goal?  

A. Yes  
B. No  

Question # 73

Your company uses Microsoft System Center Configuration Manager (Current Branch) and Microsoft Intune to co-manage devices. Which two actions can be performed only from Intune? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point. 

A. Deploy applications to Windows 10 devices.  
B. Deploy VPN profiles to iOS devices.  
C. Deploy VPN profiles to Windows 10 devices.  
D. Publish applications to Android devices.  

Question # 74

 From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. 

Question # 75

 From the Microsoft 365 compliance center, you configure a data loss prevention (DLP) policy for a Microsoft SharePoint Online site named Site1. Site1 contains the roles shown in the following table. Prvi creates the files shown in the exhibit. (Click the Exhibit tab.) Which files can User1 and User2 open? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.

Question # 76

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.Solution: From the Endpoint Management admin center, you create a device configuration profile.Does this meet the goal?

A. Yes  
B. No  

Question # 77

 Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (Azure AD). The domain contains the servers shown in the following tableYou use Azure Information Protection.You need to ensure that you can apply Azure Information Protection labels to the file stores on Server1. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 78

You have a Microsoft 365 subscription. You discover that some external users accessed center for a Microsoft SharePoint site. You modify the sharePoint sharing policy to prevent sharing, outside your organization.You need to be notified if the SharePoint sharing policy is modified in the future. Solution: From the Security $ Compliance admin center you create a threat management policy. Does this meet the goal? 

A. Yes  
B. No  

Question # 79

 Your network contains an on-premises Active Directory domain that syncs to Azure Active Directory (Azure AD). The domain contains the servers shown in the following table.You use Azure Information Protection.You need to ensure that you can apply Azure Information Protection labels to the file stores on Server1.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.  

Question # 80

You have a Microsoft 365 subscription.You discover that some external users accessed center for a Microsoft SharePoint site.You modify the sharePoint sharing policy to prevent sharing, outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future.  Solution: From the Security $ Compliance admin center you create a threat management policy.Does this meet the goal?

A. Yes  
B. No  

Question # 81

You have a Microsoft 365 subscription. You need to create a data loss prevention (DLP) policy that is configured to use the Set headers action.To which location can the policy be applied? 

A. OneDrive accounts  
B. Exchange email  
C. Teams chat and channel messages  
D. SharePoint sites