• support@dumpspool.com
SPECIAL LIMITED TIME DISCOUNT OFFER. USE DISCOUNT CODE TO GET 20% OFF DP2021

PDF Only

$35.00 Free Updates Upto 90 Days

  • MS-102 Dumps PDF
  • 414 Questions
  • Updated On May 21, 2024

PDF + Test Engine

$55.00 Free Updates Upto 90 Days

  • MS-102 Question Answers
  • 414 Questions
  • Updated On May 21, 2024

Test Engine

$45.00 Free Updates Upto 90 Days

  • MS-102 Practice Questions
  • 414 Questions
  • Updated On May 21, 2024
Check Our Free Microsoft MS-102 Online Test Engine Demo.

How to pass Microsoft MS-102 exam with the help of dumps?

DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Microsoft MS-102 Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.

How Do I Know Microsoft MS-102 Dumps are Worth it?

Did we mention our latest MS-102 Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.

You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Microsoft Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!

IT Students Are Using our Microsoft 365 Administrator Exam Dumps Worldwide!

It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Microsoft 365 Administrator Exam Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.

How to Get MS-102 Real Exam Dumps?

Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the MS-102 exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!

Microsoft MS-102 Sample Question Answers

Question # 1

You have a Microsoft 365 subscription. You need to create a data loss prevention (DLP) policy that is configured to use the Set headers action. To which location can the policy be applied?

A. OneDrive accounts
B. Exchange email
C. Teams chat and channel messages
D. SharePoint sites

Question # 2

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an Active Directory domain.You deploy an Azure AD tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized toAzure AD. All the other user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user accountsynchronizations completed successfully. You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: From Azure AD Connect, you modify the Azure AD credentials.Does this meet the goal?

A. Yes
B. No

Question # 3

You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a MicrosoftEndpoint Manager device compliance policy.You need to ensure that only devices marked as compliant can access Microsoft Office 365apps.Which policy type should you configure?

A. conditional access
B. account protection
C. attack surface reduction (ASR)
D. Endpoint detection and response

Question # 4

You have a Microsoft 365 subscription. All users have their email stored in Microsoft Exchange Online. In the mailbox of a user named User1. you need to preserve a copy of all the emailmessages that contain the word ProjectX.What should you do first?

A. From the Exchange admin center create a mail flow rule.
B. From Microsoft 365 Defender, start a message trace.
C. From Microsoft Defender for Cloud Apps, create an activity policy.
D. From the Microsoft Purview compliance portal, create a label and a label policy.

Question # 5

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1.You need to enable User1 to create Compliance Manager assessments.Solution: From the Microsoft 365 admin center, you assign User1 the Compliance adminrole.Does this meet the goal?

A. Yes
B. No

Question # 6

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection(ATP) settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the SharePointadmin role.Does this meet the goal?

A. Yes
B. No

Question # 7

You have a Microsoft 365 E5 subscription.You plan to create a data loss prevention (DLP) policy that will be applied to all availablelocations.Which conditions can you use in the DLP rules of the policy?

A. sensitive info types
B. content search queries
C. keywords
D. sensitivity labels

Question # 8

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1. You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchangeadmin role.Does this meet the goal?

A. Yes
B. No

Question # 9

You have a Microsoft 365 E5 subscription.You need to compare the current Safe Links configuration to the Microsoft recommendedconfigurations.What should you use?

A. Microsoft Purview
B. Azure AD Identity Protection
C. Microsoft Secure Score
D. the configuration analyzer

Question # 10

You have an Azure AD tenant.You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD.You purchase a Microsoft 365 E3 subscription.You need to deploy Windows 10 Enterprise to the computers. The solution must minimizeadministrative effort.What should you do?

A. From the Microsoft Endpoinf Manager admin center, create a Windows Autopilotdeployment profile. Assign the profile to all the computers. Instruct users to restart theircomputer and perform a network restart.
B. Enroll the computers in Microsoft Intune. Create a configuration profile by using theEdition upgrade and mode switch template. From the Microsoft Endpoint Manager admincenter, assign the profile to all the computers and instruct users to restart their computer.
C. From Windows Configuration Designer, create a provisioning package that has anEditionUpgrade configuration and upload the package to a Microsoft SharePoint Onlinesite. Instruct users to run the provisioning package from SharePoint Online.
D. From the Azure Active Directory admin center, create a security group that has dynamicdevice membership. Assign licenses to the group and instruct users to sign in to theircomputer.

Question # 11

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: At a command prompt, you run the winver.exe command.Does this meet the goal?

A. Yes
B. No

Question # 12

You have a Microsoft 365 E5 tenant.Users store data in the following locations:Microsoft TeamsMicrosoft OneDriveMicrosoft Exchange OnlineMicrosoft SharePoint OnlineYou need to retain Microsoft 365 data for two years.What is the minimum number of retention policies that you should create?

A. 1
B. 2
C. 3
D. 4

Question # 13

You have a new Microsoft 365 E5 tenant.You need to enable an alert policy that will be triggered when an elevation of MicrosoftExchange Online administrative privileges is detected.What should you do first?

A. Enable auditing.
B. Enable Microsoft 365 usage analytics.
C. Create an Insider risk management policy.
D. Create a communication compliance policy.

Question # 14

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1.Solution: You copy the Group Policy Administrative Templates from a Windows 10computer to Server1.Does this meet the goal?

A. yes
B. No

Question # 15

You have a Microsoft 365 E5 subscription. Users have the devices shown in the following table. On which devices can you manage apps by using app configuration policies in Microsoft Endpoint Manager?

A. Device1, Device4, and Device6
B. Device2, Device3, and Device5
C. Device1, Device2, Device3, and Device6
D. Device1, Device2, Device4, and Device5

Question # 16

Your company has multiple offices.You have a Microsoft 365 E5 tenant that uses Microsoft Intune for device management.Each office has a local administrator.You need to ensure that the local administrators can manage only the devices in theirrespective office.What should you use?

A. scope tags
B. configuration profiles
C. device categories
D. conditional access policies

Question # 17

You have a Microsoft 365 subscription. You create a retention label named Retention1 as shown in the following exhibit. You apply Retention! to all the Microsoft OneDrive content.On January 1, 2020, a user stores a file named File1 in OneDrive.On January 10, 2020, the user modifies File1.On February 1, 2020, the user deletes File1.When will File1 be removed permanently and unrecoverable from OneDrive?

A. February 1, 2020
B. July 1.2020
C. July 10, 2020
D. August 1, 2020

Question # 18

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1. Solution: You raise the forest functional level to Windows Server 2016. You copy the GroupPolicy Administrative Templates from a Windows 10 computer to the Netlogon share on allthe domain controllers.Does this meet the goal?

A. yes
B. No

Question # 19

You have a Microsoft 365 tenant that is signed up for Microsoft Store for Business andcontains a user named User1. You need to ensure that User1 can perform the followingtasks in Microsoft Store for Business:• Assign licenses to users.• Procure apps from Microsoft Store.• Manage private store availability for all items.The solution must use the principle of least privilege. Which Microsoft Store for Business role should you assign to User1?

A. Basic Purchaser
B. Device Guard signer
C. Admin
D. Purchaser

Question # 20

You have a Microsoft 365 subscription. You have the retention policies shown in the following table. Both policies are applied to a Microsoft SharePoint site named Site1 that contains a file named File1.docx. File1.docx was created on January 1, 2022 and last modified on January 31,2022. The filewas NOT modified again.When will File1.docx be deleted automatically?

A. January 1,2023
B. January 1,2024
C. January 31, 2023
D. January 31, 2024
E. never

Question # 21

You have a Microsoft 365 tenant that contains 1,000 iOS devices enrolled in MicrosoftIntune. You plan to purchase volume-purchased apps and deploy the apps to the devices.You need to track used licenses and manage the apps by using Intune. What should youuse to purchase the apps?

A. Microsoft Store for Business
B. Apple Business Manager
C. Apple iTunes Store
D. Apple Configurator

Question # 22

You have a Microsoft E5 subscription.You need to ensure that administrators who need to manage Microsoft Exchange Onlineare assigned the Exchange Administrator role for five hours at a time.What should you implement?

A. Azure AD Privileged Identity Management (PIM)
B. a conditional access policy
C. a communication compliance policy)
D. Azure AD Identity Protection
E. groups that have dynamic membership

Question # 23

You have a Microsoft 365 subscription.You register two applications named App1 and App2 to Azure AD.You need to ensure that users who connect to App1 require multi-factor authentication(MFA). MFA is required only for App1. What should you do?

A. From the Microsoft Entra admin center, create a conditional access policy
B. From the Microsoft 365 admin center, configure the Modem authentication settings.
C. From the Enterprise applications blade of the Microsoft Entra admin center, configurethe Users settings.
D. From Multi-Factor Authentication, configure the service settings.

Question # 24

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: From the Settings app, you select System, and then you select About to viewinformation about the system.Does this meet the goal?

A. Yes
B. No

Question # 25

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1.You need to enable User1 to create Compliance Manager assessments.Solution: From the Microsoft 365 admin center, you assign User1 the Compliance dataadmin role.Does this meet the goal?

A. Yes
B. No

Question # 26

You have a Microsoft 365 E5 subscription.All users have Mac computers. All the computers are enrolled in Microsoft EndpointManager and onboarded to Microsoft Defender Advanced Threat Protection (MicrosoftDefender ATP).You need to configure Microsoft Defender ATP on the computers.What should you create from the Endpoint Management admin center?

A. a device configuration profile
B. an update policy for iOS
C. a Microsoft Defender ATP baseline profile
D. a mobile device management (MDM) security baseline profile

Question # 27

You have a Microsoft 365 E5 subscription that contains a user named User1. The subscription has a single anti-malware policy as shown in the following exhibit. An email message that contains text and two attachments is sent to User1. Oneattachment is infected with malware.How will the email message and the attachments be processed?

A. Both attachments will be removed. The email message will be quarantined, and Usedwill receive an email message without any attachments and an email message thatincludes the following text: 'Malware was removed.'
B. The email message will be quarantined, and the message will remain undelivered.
C. Both attachments will be removed. The email message will be quarantined, and User1will receive a copy of the message containing the original text and a new attachment thatincludes the following text: 'Malware was removed."
D. The malware-infected attachment will be removed. The email message will bequarantined, and User1 will receive a copy of the message containing only the uninfectedattachment.

Question # 28

You have a Microsoft 365 subscription. You need to identify which administrative users performed eDiscovery searches during the past week. What should you do from the Security & Compliance admin center?

A. Perform a content search
B. Create a supervision policy
C. Create an eDiscovery case
D. Perform an audit log search

Question # 29

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.Your company purchases a Microsoft 365 subscription.You need to ensure that User1 is assigned the required role to create file policies andmanage alerts in the Cloud App Security admin center.Solution: From the Azure Active Directory admin center, you assign the Complianceadministrator role to User1.Does this meet the goal?

A. Yes
B. No

Question # 30

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1. Solution: You upgrade Server1 to Windows Server 2019.Does this meet the goal?

A. yes
B. No

Question # 31

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: From Device Manager, you view the computer properties.Does this meet the goal?

A. Yes
B. No

Question # 32

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an Active Directory domain.You deploy an Azure AD tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized toAzure AD. All the other user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user accountsynchronizations completed successfully.You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: From the Synchronization Rules Editor, you create a new outboundsynchronization rule.Does this meet the goal?

A. Yes
B. No

Question # 33

You have a Microsoft 365 E5 tenant that contains the devices shown in the following table. You plan to review device startup performance issues by using Endpoint analytics.Which devices can you monitor by using Endpoint analytics?

A. Device1 only
B. Device1 and Device2 only
C. Device1, Device2, and Device3 only
D. Device1, Device2, and Device4 only
E. Device1, Device2, Device3, and Device4

Question # 34

You have a Microsoft 365 tenant that contains a Windows 10 device. The device isonboarded to Microsoft Defender for Endpoint.From Microsoft Defender Security Center, you perform a security investigation.You need to run a PowerShell script on the device to collect forensic information.Which action should you select on the device page?

A. Initiate Live Response Session
B. Initiate Automated Investigation
C. Collect investigation package
D. Go hunt

Question # 35

Note: This question is part of a series of questions that present the same scenario. Eachquestion in the series contains a unique solution that might meet the stated goals. Somequestion sets might have more than one correct solution, while others might not have acorrect solution.After you answer a question in this section, you will NOT be able to return to it. As a result,these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint, and OneDrive. Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the SecurityAdministrator role.Does this meet the goal?

A. Yes
B. No

Question # 36

You have a Microsoft 365 E5 tenant.You plan to deploy a monitoring solution that meets the following requirements:Captures Microsoft Teams channel messages that contain threatening or violentlanguage.Alerts a reviewer when a threatening or violent message is identified.What should you include in the solution?

A. Data Subject Requests (DSRs)
B. Insider risk management policies
C. Communication compliance policies
D. Audit log retention policies

Question # 37

Your network contains an on-premises Active Directory domain named contoso.com.For all user accounts, the Logon Hours settings are configured to prevent sign-ins outsideof business hours.You plan to sync contoso.com to an Azure AD tenant.You need to recommend a solution to ensure that the logon hour restrictions apply whensynced users sign in to Azure AD.What should you include in the recommendation?

A. pass-through authentication
B. conditional access policies
C. password synchronization
D. Azure AD Identity Protection policies

Question # 38

You have a Microsoft 365 tenant.You plan to manage incidents in the tenant by using the Microsoft 365 security center.Which Microsoft service source will appear on the Incidents page of the Microsoft 365security center?

A. Microsoft Cloud App Security
B. Azure Sentinel
C. Azure Web Application Firewall
D. Azure Defender

Question # 39

You have a Microsoft 365 tenant.You plan to enable BitLocker Disk Encryption (BitLocker) automatically for all Windows 10devices that enroll in Microsoft Intune.What should you use?

A. an attack surface reduction (ASR) policy
B. an app configuration policy
C. a device compliance policy
D. a device configuration profile

Question # 40

You have a Microsoft 365 E5 tenant.You create an auto-labeling policy to encrypt emails that contain a sensitive info type. Youspecify the locations where the policy will be applied.You need to deploy the policy.What should you do first?

A. Review the sensitive information in Activity explorer
B. Turn on the policy
C. Run the policy in simulation mode
D. Configure Azure Information Protection analytics

Question # 41

You have a Microsoft 365 E5 subscription that uses Azure Advanced Threat Protection(ATP).You need to create a detection exclusion in Azure ATP.Which tool should you use?

A. the Security & Compliance admin center
B. Microsoft Defender Security Center
C. the Microsoft 365 admin center
D. the Azure Advanced Threat Protection portal
E. the Cloud App Security portal

Question # 42

Your company has offices in five cities. The company has a Microsoft 365 tenant. Each office is managed by a local administrator.You plan to deploy Microsoft Intune.You need to recommend a solution to manage resources in intune that meets the followingrequirements:Local administrators must be able to manage only the resources in their respectiveoffice.Local administrators must be prevented from managing resources in other offices.Administrative effort must be minimized.What should you include in the recommendation?

A. device categories
B. scope tags
C. configuration profiles
D. conditional access policies

Question # 43

You have a Microsoft 365 tenant that uses Microsoft Endpoint Manager for devicemanagement. You need to add the phone number of the help desk to the Company Portalapp. What should you do?

A. From Customization in the Microsoft Endpoint Manager admin center, modify thesupport information for the tenant.
B. From the Microsoft Endpoint Manager admin center, create an app configuration policy.
C. From the Microsoft 365 admin center, modify Organization information.
D. From the Microsoft 365 admin center, modify Help desk information.

Question # 44

You have a Microsoft 365 E5 tenant that contains four devices enrolled in Microsoft Intune as shown in the following table. You plan to deploy Microsoft 365 Apps for enterprise by using Microsoft Endpoint Manager.To which devices can you deploy Microsoft 365 Apps for enterprise?

A. Device1 only
B. Device1 and Device3 only
C. Device2 and Device4 only
D. Device1, Device2. and Device3 only
E. Device1, Device2, Device3, and Device4

Question # 45

You are reviewing alerts in the Microsoft 365 Defender portal.How long are the alerts retained in the portal?

A. 30 days
B. 60 days
C. 3 months
D. 6 months
E. 12 months

Question # 46

You have a Microsoft 365 subscription.You discover that some external users accessed center for a Microsoft SharePoint site.You modify the sharePoint sharing policy to prevent sharing, outside your organization.You need to be notified if the SharePoint sharing policy is modified in the future.Solution: From the Security $ Compliance admin center you create a threat managementpolicy.Does this meet the goal?

A. Yes
B. No

Question # 47

You have a Microsoft 365 E5 tenant that contains the devices shown in the following table. The devices are managed by using Microsoft Intune.You plan to use a configuration profile to assign the Delivery Optimization settings.Which devices will support the settings?

A. Device1 only
B. Device1 and Device4
C. Device1, Device3, and Device4
D. Device1, Device2, Device3, and Device4

Question # 48

You have a Microsoft 365 E5 subscription.You plan to implement Microsoft 365 compliance policies to meet the followingrequirements:Identify documents that are stored in Microsoft Teams and SharePoint Online thatcontain Personally Identifiable Information (PII).Report on shared documents that contain PII.What should you create?

A. an alert policy
B. a data loss prevention (DLP) policy
C. a retention policy
D. a Microsoft Cloud App Security policy

Question # 49

You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.You need to be notified when a single user downloads more than 50 files during any 60-second period.What should you configure?

A. a session policy
B. a file policy
C. an activity policy
D. an anomaly detection policy

Question # 50

You have a Microsoft 365 subscription.You need to configure a compliance solution that meets the following requirements:Defines sensitive data based on existing data samplesAutomatically prevents data that matches the samples from being shared externally inMicrosoft SharePoint or email messagesWhich two components should you configure? Each correct answer presents part of thesolution.NOTE: Each correct selection is worth one point.

A. a trainable classifier
B. a sensitive info type
C. an insider risk policy
D. an adaptive policy scope
E. a data loss prevention (DLP) policy

Question # 51

You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com. You create a Microsoft Defender for identity instance Contoso. The tenant contains the users shown in the following table. You need to modify the configuration of the Defender for identify sensors. Solutions: You instruct User1 to modify the Defender for identity sensor configuration. Does this meet the goal?

A. Yes
B. No

Question # 52

You have a Microsoft 365 E5 tenant.You plan to create a custom Compliance Manager assessment template based on the ISO27001:2013 template.You need to export the existing template.Which file format should you use for the exported template?

A. CSV
B. XLSX
C. JSON
D. XML

Question # 53

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection(ATP) settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the TeamsService Administrator role.Does this meet the goal?

A. Yes
B. No

Question # 54

You have a Microsoft 365 E5 subscription.You define a retention label that has the following settings:• Retention period 7 years• Start the retention period bated on: When items were createdYou need to prevent the removal of the label once the label K applied to a lie What shouldyou select in the retention label settings?

A. Retain items even If users delete
B. Mark items as a record
C. Mark items as a regulatory record
D. Retain items forever

Question # 55

You have a Microsoft 365 E5 subscription.Conditional Access is configured to block high-risk sign-ins for all users.All users are in France and are registered for multi-factor authentication (MFA).Users in the media department will travel to various countries during the next month.You need to ensure that if the media department users are blocked from signing in whiletraveling, the users can remediate the issue without administrator intervention.What should you configure?

A. an exclusion group
B. the MFA registration policy
C. named locations
D. self-service password reset (SSPR)

Question # 56

ou have a Microsoft 365 subscription that uses Microsoft Defender for Cloud Apps.You configure a session control policy to block downloads from SharePoint Online sites.Users report that they can still download files from SharePoint Online sites.You need to ensure that file download is blocked while still allowing users to browseSharePoint Online sites.What should you configure?

A. an access policy
B. a data loss prevention (DLP) policy
C. an activity policy
D. a Conditional Access policy

Question # 57

You have a Microsoft 365 subscription.You need to add additional onmicrosoft.com domains to the subscription. The additionaldomains must be assignable as email addresses for users.What is the maximum number of onmicrosoft.com domains the subscription can contain?

A. 1
B. 2
C. 5
D. 10

Question # 58

You have a Microsoft 365 subscription that contains the alerts shown in the following table.Which properties of the alerts can you modify?

A. Status only
B. Status and Comment only
C. Status and Severity only
D. Status, Severity, and Comment only
E. Status, Severity, Comment and Category

Question # 59

You enable the Azure AD Identity Protection weekly digest email. You create the users shown in the following table. Which users will receive the weekly digest email automatically?

A. Admin2, Admin3, and Admin4 only
B. Admin1, Admin2, Admin3, and Admin4
C. Admin2 and Admin3 only
D. Admin3 only
E. Admin1 and Admin3 only

Question # 60

You have a Microsoft 365 subscription that contains the users shown in the following table. You need to configure group-based licensing to meet the following requirements: To all users, deploy an Office 365 E3 license without the Power Automate licenseoption.To all users, deploy an Enterprise Mobility + Security E5 license.To the users in the research department only, deploy a Power BI Pro license.To the users in the marketing department only, deploy a Visio Plan 2 license.What is the minimum number of deployment groups required?

A. 1
B. 2
C. 3
D. 4
E. 5

Question # 61

You have a Microsoft 365 subscription that contains a user named User1.You need to ensure that User1 can search the Microsoft 365 audit logs from the Security &Compliance admincenter.Which role should you assign to User1?

A. View-Only Audit Logs in the Security & Compliance admin center
B. View-Only Audit Logs in the Exchange admin center
C. Security reader in the Azure Active Directory admin center
D. Security Reader in the Security & Compliance admin center

Question # 62

You plan to use Azure Sentinel and Microsoft Cloud App Security. You need to connectCloud App Security to Azure Sentinel.What should you do in the Cloud App Security admin center?

A. From Automatic log upload, add a log collector.
B. From Automatic log upload, add a data source.
C. From Connected apps, add an app connector.
D. From Security extension, add a SIEM agent.

Question # 63

You have a Microsoft 365 E5 tenant. The Microsoft Secure Score for the tenant is shown in the following exhibit. You plan to enable Security defaults for Azure Active Directory (Azure AD).Which three improvement actions will this affect?

A. Require MFA for administrative roles.
B. Ensure all users can complete multi-factor authentication for secure access
C. Enable policy to block legacy authentication
D. Enable self-service password reset
E. Use limited administrative roles

Question # 64

You have a Microsoft 365 tenant that contains devices registered for mobile device management. The devices are configured as shown in the following table. You plan to enable VPN access for the devices. What is the minimum number of configuration policies required?

A. 3
B. 5
C. 4
D. 1

Question # 65

Your network contains an Active Directory forest named contoso.local.You purchase a Microsoft 365 subscription.You plan to move to Microsoft 365 and to implement a hybrid deployment solution for thenext 12 months.You need to prepare for the planned move to Microsoft 365.What is the best action to perform before you implement directory synchronization? Morethan one answer choice may achieve the goal. Select the BEST answer.

A. Purchase a third-party X.509 certificate.
B. Create an external forest trust.
C. Rename the Active Directory forest.
D. Purchase a custom domain name.

Question # 66

You have a Microsoft 365 tenant and a LinkedIn company page.You plan to archive data from the LinkedIn page to Microsoft 365 by using the LinkedInconnector.Where can you store data from the LinkedIn connector?

A. a Microsoft OneDrive for Business folder
B. a Microsoft SharePoint Online document library
C. a Microsoft 365 mailbox
D. Azure Files

Question # 67

You have a Microsoft 365 E5 tenant that has sensitivity label support enabled for Microsoft and SharePoint Online.You need to enable unified labeling for Microsoft 365 groups. Which cmdlet should you run?

A. set-unifiedGroup
B. Set-Labelpolicy
C. Execute-AzureAdLebelSync
D. Add-UnifiedGroupLinks

Question # 68

You have a Microsoft 365 E3 subscription that uses Microsoft Defender for Endpoint Plan1.Which two Defender for Endpoint features are available to the subscription? Each correctanswer presents part of the solution.NOTE: Each correct selection is worth one point.

A. advanced hunting
B. security reports
C. digital certificate assessment
D. device discovery
E. attack surface reduction (ASR)

Question # 69

You have a Microsoft 365 E5 subscription that contains a user named User1. User1 exceeds the default daily limit of allowed email messages and is on the Restricted entities list. You need to remove User1 from the Restricted entities list.What should you use?

A. the Exchange admin center
B. the Microsoft Purview compliance portal
C. the Microsoft 365 admin center
D. the Microsoft 365 Defender portal
E. the Microsoft Entra admin center

Question # 70

Your company has digitally signed applications.You need to ensure that Microsoft Defender Advanced Threat Protection (MicrosoftDefender ATP) considers the digitally signed applications safe and never analyzes them.What should you create in the Microsoft Defender Security Center?

A. a custom detection rule
B. an allowed/blocked list rule
C. an alert suppression rule
D. an indicator

Question # 71

You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices.You plan to attack surface reduction (ASR) rules for the Windows 10 devices.You configure the ASR rules in audit mode and collect audit data in a Log Analyticsworkspace.You need to find the ASR rules that match the activities on the devices.How should you complete the Kusto query? To answer, select the appropriate options inthe answer area.NOTE: Each correct selection is worth one point.

Question # 72

You have a Microsoft 365 subscription.Your company has a customer ID associated to each customer. The customer IDs contain10 numbersfollowed by 10 characters. The following is a sample customer ID: 12-456-7890-abc-de-fghij.You plan to create a data loss prevention (DLP) policy that will detect messages containingcustomer IDs.D18912E1457D5D1DDCBD40AB3BF70D5DWhat should you create to ensure that the DLP policy can detect the customer IDs?

A. a sensitive information type
B. a sensitivity label
C. a supervision policy
D. a retention label

Question # 73

You have a Microsoft 365 subscription.You suspect that several Microsoft Office 365 applications or services were recentlyupdated.You need to identify which applications or services were recently updated.What are two possible ways to achieve the goal? Each correct answer presents a completesolution.NOTE: Each correct selection is worth one point.

A. From the Microsoft 365 admin center review the Service health blade
B. From the Microsoft 365 admin center, review the Message center blade.
C. From the Microsoft 365 admin center review the Products blade.
D. From the Microsoft 365 Admin mobile agg, review the messages.

Question # 74

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1. You need to enable User1 to create Compliance Manager assessments.Solution: From the Microsoft 365 compliance center, you add User1 to the ComplianceManager Assessors role group.Does this meet the goal?

A. Yes
B. No

Question # 75

You have a Microsoft 365 E5 subscription that contains the following user:Name: User1UPN: user1@contoso.comEmail address: user1@marketmg.contoso.comMFA enrollment status: DisabledWhen User1 attempts to sign in to Outlook on the web by using theuser1@marketing.contoso.com email address, the user cannot sign in.You need to ensure that User1 can sign in to Outlook on the web by usinguser1@marketing.contoso.com.What should you do?

A. Assign an MFA registration policy to User1.
B. Reset the password of User1.
C. Add an alternate email address for User1.
D. Modify the UPN of User1.

Question # 76

You have a Microsoft 365 E5 tenant that contains the resources shown in the following table. To which resources can you apply a sensitivity label by using an auto-labeling policy?

A. Mailbox1 and Site1 only
B. Mailbox1, Account1, and Site1 only
C. Account1 and Site1 only
D. Mailbox1, Account1, Site1, and Channel1
E. Account1, Site1, and Channel1 only

Question # 77

You have a Microsoft 365 E5 subscription.You create an account tor a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint and OneDrive.Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the TeamsAdministrator role.Does this meet the goal?

A. Yes
B. no

Question # 78

You have a Microsoft 365 tenant.You plan to manage incidents in the tenant by using the Microsoft 365 security center.Which Microsoft service source will appear on the Incidents page of the Microsoft 365security center?

A. Microsoft Defender for CloudUse the
B. Microsoft Purview
C. Azure Arc
D. Microsoft Defender for Identity

Question # 79

You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.A Built-in protection preset security policy is applied to the subscription.Which two policy types will be applied by the Built-in protection policy? Each correctanswer presents a complete solution.NOTE: Each correct selection is worth one point.

A. Anti-malware
B. Anti-phishing
C. Safe Attachments
D. Anti-spam
E. Safe Links

Question # 80

You have a Microsoft 365 E5 subscription that has published sensitivity labels shown in thefollowing exhibit. Which labels can users apply to content?

A. Label1, Label2, and Label5 only
B. Label3. Label4, and Label6 only
C. Label1, Label3, Labe2, and Label6 only
D. Label1, Label2, Label3, Label4, Label5. and Label6

Question # 81

You have a Microsoft 365 E5 tenant.You configure sensitivity labels.Users report that the Sensitivity button is unavailability in Microsoft Word for the web. Thesensitivity button is available in Word for Microsoft 365.You need to ensure that the users can apply the sensitivity labels when they use Word forthe web.What should you do?

A. Copy policies from Azure information Protection to the Microsoft 365 Compliance center
B. Publish the sensitivity labels.
C. Create an auto-labeling policy
D. Enable sensitivity labels for files in Microsoft SharePoint Online and OneDrive.

Question # 82

You have a Microsoft 365 tenant that contains the groups shown in the following table. You plan to create a new Windows 10 Security Baseline profile. To which groups can you assign to the profile?

A. Group3 only
B. Group1 and Group3 only
C. Group2 and Group3 only
D. Group1. Group2. and Group3

Question # 83

You have a Microsoft 365 E5 tenant.You plan to deploy 1.000 new iOS devices to users. The devices will be shipped directlyfrom the supplier to the users.You need to recommend a Microsoft Intune enrollment option that meets the followingrequirements:• Minimizes user interaction• Minimizes administrative effort• Automatically installs corporate appsWhat should you recommend?

A. Automated Device Enrollment (ADE)
B. bring your own device (BYOD) user and device enrollment
C. Apple Configurator enrollment