You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" MS-100 Practice Test 8 "
0 of 60 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
MS-100
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking on “View Answers” option. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Answered
Review
Question 1 of 60
1. Question
Your company has a Microsoft 365 subscription. You need to identify all the users in the subscription who are licensed for Microsoft Office 365 through a group membership. The solution must include the name of the group used to assign the license. What should you use?
Correct
In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. From there you need to click on the ‘Managed your purchased licenses link‘. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the ‘Assignment Paths‘ column, it will say ‘Direct‘ for a license that has been assigned directly to a user or ‘Inherited (Group Name)‘ for a license that has been assigned through a group. Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-groups-assign
Incorrect
In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. From there you need to click on the ‘Managed your purchased licenses link‘. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the ‘Assignment Paths‘ column, it will say ‘Direct‘ for a license that has been assigned directly to a user or ‘Inherited (Group Name)‘ for a license that has been assigned through a group. Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-groups-assign
Unattempted
In the Azure AD Admin Center, select Azure Active Directory then select Licenses to open the Licenses blade. From there you need to click on the ‘Managed your purchased licenses link‘. Select a license you want to view, for example Office 365 E3. This will then display a list of all users with that license. In the ‘Assignment Paths‘ column, it will say ‘Direct‘ for a license that has been assigned directly to a user or ‘Inherited (Group Name)‘ for a license that has been assigned through a group. Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/licensing-groups-assign
Question 2 of 60
2. Question
DRAG DROP – Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. The on-premises domain contains a server named Server1 that runs Windows Server 2016 and 200 client computers that run Windows 10. Your company purchases a Microsoft 365 subscription. On Server1, you create a file share named Share1. You extract the Microsoft Office Deployment Tool (ODT) to Share1. You need to deploy Microsoft 365 Apps for enterprise and the French language pack from Share1 to the Windows 10 computers. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Select and Place:
Correct
to clarify the comments about changing email address or user name , it is user name that needs changing because the question is asking to change so they user can log in with the changed domain which means changing their UPN (User Principle Name) domain and NOT changing their email address. You can only have one UPN but you can have multiple emails addresses with multiple domains assigned to a user and there will always be an email for the configured UPN address, also for the onmicrosoft.com domain.
Incorrect
to clarify the comments about changing email address or user name , it is user name that needs changing because the question is asking to change so they user can log in with the changed domain which means changing their UPN (User Principle Name) domain and NOT changing their email address. You can only have one UPN but you can have multiple emails addresses with multiple domains assigned to a user and there will always be an email for the configured UPN address, also for the onmicrosoft.com domain.
Unattempted
to clarify the comments about changing email address or user name , it is user name that needs changing because the question is asking to change so they user can log in with the changed domain which means changing their UPN (User Principle Name) domain and NOT changing their email address. You can only have one UPN but you can have multiple emails addresses with multiple domains assigned to a user and there will always be an email for the configured UPN address, also for the onmicrosoft.com domain.
Question 3 of 60
3. Question
Your company‘s Microsoft Azure Active Directory (Azure AD) tenant includes four users. Two of the users are configured with the Global administrator, Password administrator roles respectively. A third user has both the Security administrator and the Guest inviter roles configured. The fourth user has no roles configured. Which of the following is the user that has the necessary permissions to create guest users? (Choose all that apply.)
Correct
Incorrect
Unattempted
Question 4 of 60
4. Question
You have previously accessed the Security & Compliance admin center to upload a number of archive PST files to Microsoft 365. When you try to run an import job for the PST files 45 days later, you find that they have been removed from Microsoft 365. Which of the following is the number of days that Microsoft 365 retains PST file before deleting them automatically?
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. Your company currently has an on-premises Active Directory forest. You have been tasked with assessing the application of Microsoft 365 and the utilization of an authentication strategy. You have been informed that the authentication strategy should permit sign in via smart card-based certificates, and also permitting the use of SSO to connect to on-premises and Microsoft 365 services. Solution: You recommend the use of pass-through authentication and seamless SSO with password hash synchronization as the authentication strategy. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 6 of 60
6. Question
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. Your company currently has an on-premises Active Directory forest. You have been tasked with assessing the application of Microsoft 365 and the utilization of an authentication strategy. You have been informed that the authentication strategy should permit sign in via smart card-based certificates, and also permitting the use of SSO to connect to on-premises and Microsoft 365 services. Solution: You recommend the use of federation with Active Directory Federation Services (AD FS) as the authentication strategy. Does the solution meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use Message center in the Microsoft 365 admin center. Does this meet the goal?
Correct
Incorrect
Unattempted
Question 8 of 60
8. Question
Your company has acquired Microsoft 365 for their Active Directory domain, which includes five domain controllers. Prior to implementing a number of Microsoft 365 services, you are tasked with making use of an authentication solution that allows users to access Microsoft 365 by using their on-premises credentials. The solution should also only make use of the current server infrastructure. Furthermore, must allow for all user passwords to only be stored on-premises, and be highly available. Solution: You configure the use of pass-through authentication only. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 9 of 60
9. Question
Your company‘s Microsoft Azure Active Directory (Azure AD) tenant includes four users. Two of the users are configured with the Global administrator, Password administrator roles respectively. A third user has both the Security administrator and the Guest inviter roles configured. The fourth user has no roles configured. Which of the following is the user that has the necessary permissions to alter the password protection policy? (Choose all that apply.)
Correct
Incorrect
Unattempted
Question 10 of 60
10. Question
Your company has acquired Microsoft 365 for their Active Directory domain, which includes five domain controllers. Prior to implementing a number of Microsoft 365 services, you are tasked with making use of an authentication solution that allows users to access Microsoft 365 by using their on-premises credentials. The solution should also only make use of the current server infrastructure. Furthermore, must allow for all user passwords to only be stored on-premises, and be highly available. Solution: You configure the use of pass-through authentication and seamless SSO. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 11 of 60
11. Question
You have a Microsoft 365 subscription. You configure a data loss prevention (DLP) policy. You discover that users are incorrectly marking content as false positive and bypassing the DLP policy. You need to prevent the users from bypassing the DLP policy. What should you configure?
Correct
A DLP policy can be configured to allow users to override a policy tip and report a false positive. You can educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word. If you find that users are incorrectly marking content as false positive and bypassing the DLP policy, you can configure the policy to not allow user overrides. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
Incorrect
A DLP policy can be configured to allow users to override a policy tip and report a false positive. You can educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word. If you find that users are incorrectly marking content as false positive and bypassing the DLP policy, you can configure the policy to not allow user overrides. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
Unattempted
A DLP policy can be configured to allow users to override a policy tip and report a false positive. You can educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word. If you find that users are incorrectly marking content as false positive and bypassing the DLP policy, you can configure the policy to not allow user overrides. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
Question 12 of 60
12. Question
HOTSPOT – You company has a Microsoft 365 subscription that contains the domains shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
Correct
You can add a subdomain to the .onmicrosoft.com domain and even with the status being “possible service issues“ I was still able to create a user with that domain On the other hand, it won‘t be possible to add any services to this subdomain as you don‘t have the ability to add DNS records to the .onmicrosoft.com domain, and thereby any subdomain you try and create will give you DNS records (MX, TXT, CNAME) that you have no way of adding.
Incorrect
You can add a subdomain to the .onmicrosoft.com domain and even with the status being “possible service issues“ I was still able to create a user with that domain On the other hand, it won‘t be possible to add any services to this subdomain as you don‘t have the ability to add DNS records to the .onmicrosoft.com domain, and thereby any subdomain you try and create will give you DNS records (MX, TXT, CNAME) that you have no way of adding.
Unattempted
You can add a subdomain to the .onmicrosoft.com domain and even with the status being “possible service issues“ I was still able to create a user with that domain On the other hand, it won‘t be possible to add any services to this subdomain as you don‘t have the ability to add DNS records to the .onmicrosoft.com domain, and thereby any subdomain you try and create will give you DNS records (MX, TXT, CNAME) that you have no way of adding.
Question 13 of 60
13. Question
Your company has 10 offices. The network contains an Active Directory domain named contoso.com. The domain contains 500 client computers. Each office is configured as a separate subnet. You discover that one of the offices has the following: ? Computers that have several preinstalled applications ? Computers that use nonstandard computer names ? Computers that have Windows 10 preinstalled ? Computers that are in a workgroup You must configure the computers to meet the following corporate requirements: ? All the computers must be joined to the domain. ? All the computers must have computer names that use a prefix of CONTOSO. ? All the computers must only have approved corporate applications installed.
Correct
You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.Windows provisioning makes it easy for IT administrators to configure end-user devices without imaging. Using Windows provisioning, an IT administrator can easily specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in a matter of minutes. It is best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (.ppkg) is a container for a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. Provisioning packages are simple enough that with a short set of written instructions, a student or non-technical employee can use them to configure their device. This can result in a significant reduction in the time required to configure multiple devices in your organization.
Incorrect
You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.Windows provisioning makes it easy for IT administrators to configure end-user devices without imaging. Using Windows provisioning, an IT administrator can easily specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in a matter of minutes. It is best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (.ppkg) is a container for a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. Provisioning packages are simple enough that with a short set of written instructions, a student or non-technical employee can use them to configure their device. This can result in a significant reduction in the time required to configure multiple devices in your organization.
Unattempted
You need to recommend a solution to redeploy the computers. The solution must minimize the deployment time.Windows provisioning makes it easy for IT administrators to configure end-user devices without imaging. Using Windows provisioning, an IT administrator can easily specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in a matter of minutes. It is best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (.ppkg) is a container for a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. Provisioning packages are simple enough that with a short set of written instructions, a student or non-technical employee can use them to configure their device. This can result in a significant reduction in the time required to configure multiple devices in your organization.
Question 14 of 60
14. Question
You have a Microsoft 365 subscription. You suspect that several Microsoft Office 365 applications or services were recently updated. You need to identify which applications or services were recently updated. What are two possible ways to achieve the goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 subscription. You need to prevent phishing email messages from being delivered to your organization. What should you do?
Correct
Anti-phishing protection is part of Office 365 Advanced Threat Protection (ATP). To prevent phishing email messages from being delivered to your organization, you need to configure a threat management policy. ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 Enterprise, Microsoft 365 Business, Office 365 Enterprise E5, Office 365 Education A5, etc. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policie
Incorrect
Anti-phishing protection is part of Office 365 Advanced Threat Protection (ATP). To prevent phishing email messages from being delivered to your organization, you need to configure a threat management policy. ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 Enterprise, Microsoft 365 Business, Office 365 Enterprise E5, Office 365 Education A5, etc. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policie
Unattempted
Anti-phishing protection is part of Office 365 Advanced Threat Protection (ATP). To prevent phishing email messages from being delivered to your organization, you need to configure a threat management policy. ATP anti-phishing is only available in Advanced Threat Protection (ATP). ATP is included in subscriptions, such as Microsoft 365 Enterprise, Microsoft 365 Business, Office 365 Enterprise E5, Office 365 Education A5, etc. Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policie
Question 16 of 60
16. Question
Your company‘s Microsoft Azure Active Directory (Azure AD) tenant includes four users. Three of the users are each configured with the Password administrator, Security administrator, and the User administrator roles respectively. The fourth user has no role configured. Which of the following are the users that are able to reset the password of the fourth user?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You create a device configuration profile from the Intune admin center. Does this meet the goal?
Correct
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection. You do not need to create a device Configuration profile from the Intune admin center. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Incorrect
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection. You do not need to create a device Configuration profile from the Intune admin center. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Unattempted
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection. You do not need to create a device Configuration profile from the Intune admin center. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Question 18 of 60
18. Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to an Active Directory group. Does this meet the goal?
Correct
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection, not an Active Directory Group. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Incorrect
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection, not an Active Directory Group. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Unattempted
Device1 has the Configuration Manager client installed so you can manage Device1 by using Configuration Manager. To manage Device1 by using Microsoft Intune, the device has to be enrolled in Microsoft Intune. In the Co-management Pilot configuration, you configure a Configuration Manager Device Collection that determines which devices are auto-enrolled in Microsoft Intune. You need to add Device1 to the Device Collection, not an Active Directory Group. Therefore, this solution does not meet the requirements. Reference: https://docs.microsoft.com/en-us/configmgr/comanage/how-to-enable
Question 19 of 60
19. Question
You implement Microsoft Azure Advanced Threat Protection (Azure ATP). You have an Azure ATP sensor configured as shown in the following exhibit. Updates – How long after the Azure ATP cloud service is updated will the sensor update?
Correct
Feature Enhancement: 72 hour delayed sensor update Changed option to delay sensor updates on selected sensors to 72 hours (instead of the previous 24-hour delay)
Incorrect
Feature Enhancement: 72 hour delayed sensor update Changed option to delay sensor updates on selected sensors to 72 hours (instead of the previous 24-hour delay)
Unattempted
Feature Enhancement: 72 hour delayed sensor update Changed option to delay sensor updates on selected sensors to 72 hours (instead of the previous 24-hour delay)
Question 20 of 60
20. Question
Your company has a Microsoft 365 E3 subscription. All devices run Windows 10 Pro and are joined to Microsoft Azure Active Directory (Azure AD). You need to change the edition of Windows 10 to Enterprise the next time users sign in to their computer. The solution must minimize downtime for the users. What should you use?
Correct
With Windows 10, version 1703 both Windows 10 Enterprise E3 and Windows 10 Enterprise E5 are available as online services via subscription. Deploying Windows 10 Enterprise in your organization can now be accomplished with no keys and no reboots.
Incorrect
With Windows 10, version 1703 both Windows 10 Enterprise E3 and Windows 10 Enterprise E5 are available as online services via subscription. Deploying Windows 10 Enterprise in your organization can now be accomplished with no keys and no reboots.
Unattempted
With Windows 10, version 1703 both Windows 10 Enterprise E3 and Windows 10 Enterprise E5 are available as online services via subscription. Deploying Windows 10 Enterprise in your organization can now be accomplished with no keys and no reboots.
Question 21 of 60
21. Question
DRAG DROP – Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. The on-premises domain contains a server named Server1 that runs Windows Server 2016 and 200 client computers that run Windows 10. Your company purchases a Microsoft 365 subscription. On Server1, you create a file share named Share1. You extract the Microsoft Office Deployment Tool (ODT) to Share1. You need to deploy Microsoft 365 Apps for enterprise and the French language pack from Share1 to the Windows 10 computers. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Select and Place:
Correct
1. Create and configure the XML file (specify the configuration you want) 2. Run setup.exe /download on the server (office will then be downloaded to the server) 3. Run setup.exe /configure on each client There‘s no need to create a 2nd XML file as the notes claim, you will save all the files required on the shared drive so using the same XML file on the client machine that you used on the server will work because the client machines will have access to that file path.
Incorrect
1. Create and configure the XML file (specify the configuration you want) 2. Run setup.exe /download on the server (office will then be downloaded to the server) 3. Run setup.exe /configure on each client There‘s no need to create a 2nd XML file as the notes claim, you will save all the files required on the shared drive so using the same XML file on the client machine that you used on the server will work because the client machines will have access to that file path.
Unattempted
1. Create and configure the XML file (specify the configuration you want) 2. Run setup.exe /download on the server (office will then be downloaded to the server) 3. Run setup.exe /configure on each client There‘s no need to create a 2nd XML file as the notes claim, you will save all the files required on the shared drive so using the same XML file on the client machine that you used on the server will work because the client machines will have access to that file path.
Question 22 of 60
22. Question
You have a Microsoft 365 subscription. You recently configured a Microsoft SharePoint Online tenant in the subscription. You plan to create an alert policy. You need to ensure that an alert is generated only when malware is detected in more than five documents stored in SharePoint Online during a period of 10 minutes. What should you do first?
Correct
An alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert, a list of users who trigger the alert if they perform the activity, and a threshold that defines how many times the activity has to occur before an alert is triggered. In this question, we would use the “Malware detected in file“ activity in the alert settings then configure the threshold (5 detections) and the time window (10 minutes). The ability to configure alert policies based on a threshold or based on unusual activity requires Advanced Threat Protection (ATP). Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies
Incorrect
An alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert, a list of users who trigger the alert if they perform the activity, and a threshold that defines how many times the activity has to occur before an alert is triggered. In this question, we would use the “Malware detected in file“ activity in the alert settings then configure the threshold (5 detections) and the time window (10 minutes). The ability to configure alert policies based on a threshold or based on unusual activity requires Advanced Threat Protection (ATP). Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies
Unattempted
An alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert, a list of users who trigger the alert if they perform the activity, and a threshold that defines how many times the activity has to occur before an alert is triggered. In this question, we would use the “Malware detected in file“ activity in the alert settings then configure the threshold (5 detections) and the time window (10 minutes). The ability to configure alert policies based on a threshold or based on unusual activity requires Advanced Threat Protection (ATP). Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies
Question 23 of 60
23. Question
From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. You need to reduce the likelihood that the sign-ins are identified as risky. What should you do?
Correct
Difference between active and closed are location so, ANSWER B is correct From the Conditional access blade in the Azure Active Directory admin center, create named locations. RISK DETECTION AND REMEDIATION New country This detection is discovered by Microsoft Cloud App Security (MCAS). Activity from anonymous IP address This detection is discovered by Microsoft Cloud App Security (MCAS). Reference https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
Incorrect
Difference between active and closed are location so, ANSWER B is correct From the Conditional access blade in the Azure Active Directory admin center, create named locations. RISK DETECTION AND REMEDIATION New country This detection is discovered by Microsoft Cloud App Security (MCAS). Activity from anonymous IP address This detection is discovered by Microsoft Cloud App Security (MCAS). Reference https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
Unattempted
Difference between active and closed are location so, ANSWER B is correct From the Conditional access blade in the Azure Active Directory admin center, create named locations. RISK DETECTION AND REMEDIATION New country This detection is discovered by Microsoft Cloud App Security (MCAS). Activity from anonymous IP address This detection is discovered by Microsoft Cloud App Security (MCAS). Reference https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
Question 24 of 60
24. Question
Your network contains an on-premises Active Directory domain. Your company has a security policy that prevents additional software from being installed on domain controllers. You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP). What should you do? More than once choice may achieve the goal. Select the BEST answer.
Correct
https://practical365.com/security/azure-atp-intro/ “If you donÂ’t want to deploy the Azure ATP Sensor directly on your domain controllers, you can instead deploy the Azure ATP Standalone Sensor on a separate server. The standalone sensor monitors traffic that you direct to it by using port mirroring on your network switches.“
Incorrect
https://practical365.com/security/azure-atp-intro/ “If you donÂ’t want to deploy the Azure ATP Sensor directly on your domain controllers, you can instead deploy the Azure ATP Standalone Sensor on a separate server. The standalone sensor monitors traffic that you direct to it by using port mirroring on your network switches.“
Unattempted
https://practical365.com/security/azure-atp-intro/ “If you donÂ’t want to deploy the Azure ATP Sensor directly on your domain controllers, you can instead deploy the Azure ATP Standalone Sensor on a separate server. The standalone sensor monitors traffic that you direct to it by using port mirroring on your network switches.“
Question 25 of 60
25. Question
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table. Group2 is a member of Group1. You assign a Microsoft Office 365 Enterprise E3 license to Group1. How many Office 365 E3 licenses are assigned?
Correct
You cannot assign license to user 3 directly. But you can assgin to a security group. Users without location will inherit the license. You can find it in the AAD license page.
Incorrect
You cannot assign license to user 3 directly. But you can assgin to a security group. Users without location will inherit the license. You can find it in the AAD license page.
Unattempted
You cannot assign license to user 3 directly. But you can assgin to a security group. Users without location will inherit the license. You can find it in the AAD license page.
Question 26 of 60
26. Question
You have a Microsoft 365 subscription. A new corporate security policy states that you must automatically send DLP incident reports to the users in the legal department. You need to schedule the email delivery of the reports. The solution must ensure that the reports are sent as frequently as possible. How frequently can you schedule the delivery of the reports?
Correct
Incorrect
Unattempted
Question 27 of 60
27. Question
Your network contains an Active Directory domain named contoso.com. The domain contains 1000 Windows 8.1 devices. You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices. You need to recommend a Windows 10 deployment method. What should you recommend?
Your network contains an Active Directory forest named adatum.local. The forest contains 500 users and uses adatum.com as a UPN suffix. You deploy a Microsoft 365 tenant. You implement directory synchronization and sync only 50 support users. You discover that five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com. You need to ensure that all synchronized identities retain the UPN set in their on-premises user account. What should you do?
Correct
The question states that only five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com. Therefore the other 45 users have the correct UPN suffix. This tells us that the adatum.com domain has already been added to Office 365 as a custom domain.The forest is named adatum.local and uses adatum.com as a UPN suffix. User accounts in the domain will have adatum.local as their default UPN suffix. To use adatum.com as the UPN suffix, each user account will need to be configured to use adatum.com as the UPN suffix. Any synchronized user account that has adatum.local as a UPN suffix will be configured to use a UPN suffix of onmicrosoft.com because adatum.local cannot be added to Office 365 as a custom domain. Therefore, the reason that the five synchronized users have usernames with a UPN suffix of onmicrosoft.com is because their accounts were not configured to use the UPN suffix of contoso.com.
Incorrect
The question states that only five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com. Therefore the other 45 users have the correct UPN suffix. This tells us that the adatum.com domain has already been added to Office 365 as a custom domain.The forest is named adatum.local and uses adatum.com as a UPN suffix. User accounts in the domain will have adatum.local as their default UPN suffix. To use adatum.com as the UPN suffix, each user account will need to be configured to use adatum.com as the UPN suffix. Any synchronized user account that has adatum.local as a UPN suffix will be configured to use a UPN suffix of onmicrosoft.com because adatum.local cannot be added to Office 365 as a custom domain. Therefore, the reason that the five synchronized users have usernames with a UPN suffix of onmicrosoft.com is because their accounts were not configured to use the UPN suffix of contoso.com.
Unattempted
The question states that only five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com. Therefore the other 45 users have the correct UPN suffix. This tells us that the adatum.com domain has already been added to Office 365 as a custom domain.The forest is named adatum.local and uses adatum.com as a UPN suffix. User accounts in the domain will have adatum.local as their default UPN suffix. To use adatum.com as the UPN suffix, each user account will need to be configured to use adatum.com as the UPN suffix. Any synchronized user account that has adatum.local as a UPN suffix will be configured to use a UPN suffix of onmicrosoft.com because adatum.local cannot be added to Office 365 as a custom domain. Therefore, the reason that the five synchronized users have usernames with a UPN suffix of onmicrosoft.com is because their accounts were not configured to use the UPN suffix of contoso.com.
Question 29 of 60
29. Question
Your company has a main office and 20 branch offices in North America and Europe. Each branch connects to the main office by using a WAN link. All the offices connect to the Internet and resolve external host names by using the main office connections. You plan to deploy Microsoft 365 and to implement a direct Internet connection in each office. You need to recommend a change to the infrastructure to provide the quickest possible access to Microsoft 365 services. What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
Correct
Being a cloud service, Office 365 would be classed as an external host to the office computers. All the offices connect to the Internet and resolve external host names by using the main office connections. This means that all branch office computers perform DNS lookups and connect to the Internet over the WAN link. Each branch office will have a direct connection to the Internet so the quickest possible access to Microsoft 365 services would be by using the direct Internet connections. However, the DNS lookups would still go over the WAN links to main office. The solution to provide the quickest possible access to Microsoft 365 services is to configure DNS name resolution so that the computers use public DNS servers for external hosts. That way DNS lookups for Office 365 and the connections to Office 365 will use the direct Internet connections.
Incorrect
Being a cloud service, Office 365 would be classed as an external host to the office computers. All the offices connect to the Internet and resolve external host names by using the main office connections. This means that all branch office computers perform DNS lookups and connect to the Internet over the WAN link. Each branch office will have a direct connection to the Internet so the quickest possible access to Microsoft 365 services would be by using the direct Internet connections. However, the DNS lookups would still go over the WAN links to main office. The solution to provide the quickest possible access to Microsoft 365 services is to configure DNS name resolution so that the computers use public DNS servers for external hosts. That way DNS lookups for Office 365 and the connections to Office 365 will use the direct Internet connections.
Unattempted
Being a cloud service, Office 365 would be classed as an external host to the office computers. All the offices connect to the Internet and resolve external host names by using the main office connections. This means that all branch office computers perform DNS lookups and connect to the Internet over the WAN link. Each branch office will have a direct connection to the Internet so the quickest possible access to Microsoft 365 services would be by using the direct Internet connections. However, the DNS lookups would still go over the WAN links to main office. The solution to provide the quickest possible access to Microsoft 365 services is to configure DNS name resolution so that the computers use public DNS servers for external hosts. That way DNS lookups for Office 365 and the connections to Office 365 will use the direct Internet connections.
Question 30 of 60
30. Question
DRAG DROP – You have a Microsoft 365 subscription. You have the devices shown in the following table. You need to onboard the devices to Windows Defender Advanced Threat Protection (ATP). The solution must avoid installing software on the devices whenever possible. Which onboarding method should you use for each operating system? To answer, drag the appropriate methods to the correct operating systems. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Select and Place:
Correct
Correct Answer:Â Box 1: To onboard down-level Windows client endpoints to Microsoft Defender ATP, you‘ll need to: Configure and update System Center Endpoint Protection clients. Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP Box 2: For Windows 10 clients, the following deployment tools and methods are supported: Group Policy System Center Configuration Manager Mobile Device Management (including Microsoft Intune) Local script. Box 3: Windows Server 2016 can be onboarded by using Azure Security Centre. When you add servers in the Security Centre, the Microsoft Monitoring Agent is installed on the servers.
Incorrect
Correct Answer:Â Box 1: To onboard down-level Windows client endpoints to Microsoft Defender ATP, you‘ll need to: Configure and update System Center Endpoint Protection clients. Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP Box 2: For Windows 10 clients, the following deployment tools and methods are supported: Group Policy System Center Configuration Manager Mobile Device Management (including Microsoft Intune) Local script. Box 3: Windows Server 2016 can be onboarded by using Azure Security Centre. When you add servers in the Security Centre, the Microsoft Monitoring Agent is installed on the servers.
Unattempted
Correct Answer:Â Box 1: To onboard down-level Windows client endpoints to Microsoft Defender ATP, you‘ll need to: Configure and update System Center Endpoint Protection clients. Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP Box 2: For Windows 10 clients, the following deployment tools and methods are supported: Group Policy System Center Configuration Manager Mobile Device Management (including Microsoft Intune) Local script. Box 3: Windows Server 2016 can be onboarded by using Azure Security Centre. When you add servers in the Security Centre, the Microsoft Monitoring Agent is installed on the servers.
Question 31 of 60
31. Question
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table. Group2 is a member of Group1. You assign a Microsoft Office 365 Enterprise E3 license to Group1. How many Office 365 E3 licenses are assigned?
Your company has a Microsoft 365 subscription. You have been tasked with configuring external collaboration settings for your company‘s Microsoft Azure Active Directory (Azure AD) tenant. You want to make sure that authorized users are able to create guest users in the tenant. Which of the following actions should you take? Which setting should you modify?
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. After acquiring a Microsoft 365 Enterprise subscription, you are tasked with migrating your company‘s Microsoft Exchange Server 2016 mailboxes and groups to Exchange Online. You have started a new migration batch. You, subsequently, receive complaints from on-premises Exchange Server users about slow performance. Your analysis shows that the issue has resulted from the migration. You want to make sure that the effect the mailbox migration has on users is decreased. Solution: You create a label policy. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 34 of 60
34. Question
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. After acquiring a Microsoft 365 Enterprise subscription, you are tasked with migrating your company‘s Microsoft Exchange Server 2016 mailboxes and groups to Exchange Online. You have started a new migration batch. You, subsequently, receive complaints from on-premises Exchange Server users about slow performance. Your analysis shows that the issue has resulted from the migration. You want to make sure that the effect the mailbox migration has on users is decreased. Solution: You modify the migration endpoint settings. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 35 of 60
35. Question
After your company migrates their on-premises email solution to Microsoft Exchange Online, you are tasked with assessing which licenses to acquire. You are informed that licenses acquired for the company?€™s IT and Managers groups should allow for the following: ? The IT group needs to have access to the Microsoft Azure Active Directory (Azure AD) Privileged Identity Management. ? Both the IT and Managers groups should have access to Microsoft Azure Active Directory (Azure AD) conditional access. You need to make sure that the licensing costs are kept to a minimum. Which two of the following options should you recommend? (Choose two.)
Correct
Incorrect
Unattempted
Question 36 of 60
36. Question
You work for a company manages all their identities in the cloud. After acquiring a new domain name, you are tasked with making sure that the primary email address of all new mailboxes uses the new domain. Which of the following is the Microsoft Exchange Online PowerShell cmdlet that you should run?
DRAG DROP – Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You purchase a domain named contoso.com from a registrar and add all the required DNS records. You create a user account named User1. User1 is configured to sign in as [email protected]. You need to configure User1 to sign in as [email protected]. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Select and Place:
Correct
The first step is to add the contoso.com domain to Office 365. You do this by adding a custom domain. When you add a custom domain to office 365, you can use the domain as your email address or to sign in to Office 365. The second step is to verify the custom domain. This is to prove that you own the domain. You can verify the custom domain by adding a DNS record to the domain DNS zone. When you have added and verified the domain, you can configure the user accounts to use it. To configure User1 to sign in as [email protected], you need to change the username of User1. In Office 365, the username is composed of two parts. The first part is the actual username (User1) and the second part is the domain. You need to modify the username of User1 by selecting the contoso.com domain from the dropdown list of domains. The dropdown list of domains contains the .onmicrosoft.com domain and any custom domains that have been added. Reference: https://docs.microsoft.com/en-us/office365/admin/setup/add-domain?view=o365-worldwide
Incorrect
The first step is to add the contoso.com domain to Office 365. You do this by adding a custom domain. When you add a custom domain to office 365, you can use the domain as your email address or to sign in to Office 365. The second step is to verify the custom domain. This is to prove that you own the domain. You can verify the custom domain by adding a DNS record to the domain DNS zone. When you have added and verified the domain, you can configure the user accounts to use it. To configure User1 to sign in as [email protected], you need to change the username of User1. In Office 365, the username is composed of two parts. The first part is the actual username (User1) and the second part is the domain. You need to modify the username of User1 by selecting the contoso.com domain from the dropdown list of domains. The dropdown list of domains contains the .onmicrosoft.com domain and any custom domains that have been added. Reference: https://docs.microsoft.com/en-us/office365/admin/setup/add-domain?view=o365-worldwide
Unattempted
The first step is to add the contoso.com domain to Office 365. You do this by adding a custom domain. When you add a custom domain to office 365, you can use the domain as your email address or to sign in to Office 365. The second step is to verify the custom domain. This is to prove that you own the domain. You can verify the custom domain by adding a DNS record to the domain DNS zone. When you have added and verified the domain, you can configure the user accounts to use it. To configure User1 to sign in as [email protected], you need to change the username of User1. In Office 365, the username is composed of two parts. The first part is the actual username (User1) and the second part is the domain. You need to modify the username of User1 by selecting the contoso.com domain from the dropdown list of domains. The dropdown list of domains contains the .onmicrosoft.com domain and any custom domains that have been added. Reference: https://docs.microsoft.com/en-us/office365/admin/setup/add-domain?view=o365-worldwide
Question 38 of 60
38. Question
You need to consider the underlined segment to establish whether it is accurate. You have been tasked with deploying a Windows 10 Enterprise image to a large number of Windows 8.1 devices. These devices are joined to an Active Directory domain. You use the in-place upgrade Windows 10 deployment method for the task. Select ?€No adjustment required?€ if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option. What should you recommend?
Your company has a Microsoft Azure Active Directory (Azure AD) tenant with multi-factor authentication enabled. You have also configured the Allow users to submit fraud alerts, and the Block user when fraud is reported settings to ON. A tenant user has submitted a fraud alert for his account. Which of the following is the length of time that the user?€™s account will automatically be blocked for?
Your company‘s Microsoft Azure Active Directory (Azure AD) tenant includes four users that are configured with the Privileged role administrator, the User administrator, the Security administrator, and the Billing administrator roles respectively. A security group has been included in the tenant for the purpose of managing administrative accounts. Which of the four roles can be used to add a user with the Security administrator role to the security group?
Your network contains an Active Directory domain that spans a number of cities and a multitude of users. After acquiring Microsoft 365, you intend to deploy quite a few Microsoft 365 services. You want to make sure that pass-through authentication and seamless SSO can be used in your environment. You also decide that Azure AD Connect won‘t be configured to be in staging mode. With regards to redundancy limits, which of the following is the most amount of servers that can run standalone Authentication Agents?
Correct
Incorrect
Unattempted
Question 42 of 60
42. Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use Dashboard in Security & Compliance. Does this meet the goal?
Correct
Incorrect
Unattempted
Question 43 of 60
43. Question
Your company has acquired Microsoft 365 for their Active Directory domain, which includes five domain controllers. Prior to implementing a number of Microsoft 365 services, you are tasked with making use of an authentication solution that allows users to access Microsoft 365 by using their on-premises credentials. The solution should also only make use of the current server infrastructure. Furthermore, must allow for all user passwords to only be stored on-premises, and be highly available. Solution: You configure the use of password hash synchronization only. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 44 of 60
44. Question
Your company‘s Microsoft Azure Active Directory (Azure AD) tenant includes four users that are configured with the Privileged role administrator, the User administrator, the Security administrator, and the Billing administrator roles respectively. A security group has been included in the tenant for the purpose of managing administrative accounts. Which of the four roles can be used to create a guest user account?
HOTSPOT – You have a Microsoft Azure Active Directory (Azure AD) tenant. Your company implements Windows Information Protection (WIP). You need to modify which users and applications are affected by WIP. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
Correct
Microsoft Intune has an easy way to create and deploy a Windows Information Protection (WIP) policy. You can choose which apps to protect, the level of protection, and how to find enterprise data on the network. The devices can be fully managed by Mobile Device Management (MDM), or managed by Mobile Application Management (MAM), where Intune manages only the apps on a user‘s personal device. The MAM User scope determines which users are affected by WIP. App protection policies are used to configure which applications are affected by WIP. Reference: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
Incorrect
Microsoft Intune has an easy way to create and deploy a Windows Information Protection (WIP) policy. You can choose which apps to protect, the level of protection, and how to find enterprise data on the network. The devices can be fully managed by Mobile Device Management (MDM), or managed by Mobile Application Management (MAM), where Intune manages only the apps on a user‘s personal device. The MAM User scope determines which users are affected by WIP. App protection policies are used to configure which applications are affected by WIP. Reference: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
Unattempted
Microsoft Intune has an easy way to create and deploy a Windows Information Protection (WIP) policy. You can choose which apps to protect, the level of protection, and how to find enterprise data on the network. The devices can be fully managed by Mobile Device Management (MDM), or managed by Mobile Application Management (MAM), where Intune manages only the apps on a user‘s personal device. The MAM User scope determines which users are affected by WIP. App protection policies are used to configure which applications are affected by WIP. Reference: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure
Question 46 of 60
46. Question
Your company has an Active Directory domain as well as a Microsoft Azure Active Directory (Azure AD) tenant. After configuring directory synchronization for all users in the organization, you configure a number of new user accounts to be created automatically. You want to run a command to make sure that the new user accounts synchronize to Azure AD in the shortest time required. Which of the following is the command that you should use?
You have been tasked with enable Microsoft Azure Information Protection for your company‘s Microsoft 365 subscription. You are informed that only the members of a group, named Group1, are able to protect content. To achieve your goal, you plan to run a PowerShell cmdlet. Which of the following is the cmdlet you should run?
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. After acquiring a Microsoft 365 Enterprise subscription, you are tasked with migrating your company‘s Microsoft Exchange Server 2016 mailboxes and groups to Exchange Online. You have started a new migration batch. You, subsequently, receive complaints from on-premises Exchange Server users about slow performance. Your analysis shows that the issue has resulted from the migration. You want to make sure that the effect the mailbox migration has on users is decreased. Solution: You create a label policy. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 49 of 60
49. Question
Your network contains an Active Directory domain that spans a number of cities and a multitude of users. After acquiring Microsoft 365, you intend to deploy quite a few Microsoft 365 services. You want to make sure that pass-through authentication and seamless SSO can be used in your environment. You also decide that Azure AD Connect won?€™t be configured to be in staging mode. With regards to redundancy limits, which of the following is the maximum amount of servers that can run Azure AD Connect?
Correct
Incorrect
Unattempted
Question 50 of 60
50. Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use the View service requests option in the Microsoft 365 admin center. Does this meet the goal?
Correct
Message Center is the right place.
Incorrect
Message Center is the right place.
Unattempted
Message Center is the right place.
Question 51 of 60
51. Question
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. After acquiring a Microsoft 365 Enterprise subscription, you are tasked with migrating your company‘s Microsoft Exchange Server 2016 mailboxes and groups to Exchange Online. You have started a new migration batch. You, subsequently, receive complaints from on-premises Exchange Server users about slow performance. Your analysis shows that the issue has resulted from the migration. You want to make sure that the effect the mailbox migration has on users is decreased. Solution: You create a mail flow rule. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 52 of 60
52. Question
You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase. You want the members of two groups named IT and Managers to be able to use the features shown in the following table. The IT group contains 50 users. The Managers group contains 200 users. You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs. Which licenses should you recommend?
Correct
E3 has Conditional Access, PIM is E5
Incorrect
E3 has Conditional Access, PIM is E5
Unattempted
E3 has Conditional Access, PIM is E5
Question 53 of 60
53. Question
Your company has a Microsoft Office 365 subscription with a number of Microsoft SharePoint Online sites. Currently, users are able to invite external users to access files on the SharePoint sites. You are tasked with making sure that users are only able to authenticated guest users to the SharePoint sites. Which of the following actions should you take?
Correct
Incorrect
Unattempted
Question 54 of 60
54. Question
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements. Your company currently has an on-premises Active Directory forest. You have been tasked with assessing the application of Microsoft 365 and the utilization of an authentication strategy. You have been informed that the authentication strategy should permit sign in via smart card-based certificates, and also permitting the use of SSO to connect to on-premises and Microsoft 365 services. Solution: You recommend the use of password hash synchronization and seamless SSO as the authentication strategy. Does the solution meet the goal?
Correct
Incorrect
Unattempted
Question 55 of 60
55. Question
HOTSPOT – Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table. Another administrator removes User1 from Group1 and adds Group2 to Group1. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
You are responsible for your company‘s Microsoft 365 subscription. The company introduces a security policy that requires DLP incident reports to be automatically sent to legal department users. You are required to configure the reports to be delivered via email as often you can. Which of the following is the option you should use?
Correct
Incorrect
Unattempted
Question 57 of 60
57. Question
You need to consider the underlined segment to establish whether it is accurate. You company has a Microsoft 365 subscription. To prevent your company from receiving phishing email messages, create a new mail flow rule. Select No adjustment required?€ if the underlined segment is accurate. If the underlined segment is inaccurate, select the accurate option.
You have been tasked with detecting all users in your company‘s Microsoft 365 subscription who has a Microsoft Office 365 license as a result of belonging to a group. You need to make sure that the group used to assign the license is included in your results. Which of the following actions should you take?
Correct
Incorrect
Unattempted
Question 59 of 60
59. Question
Your company has a Microsoft Azure Active Directory (Azure AD) tenant with multi-factor authentication enabled. You have also configured the Allow users to submit fraud alerts, and the Block user when fraud is reported settings to ON. A tenant user has submitted a fraud alert for his account. After receiving an alert call, the user needs to enter a special code followed by #. Which of the following is default special code?
Your company‘s Microsoft 365 tenant includes Microsoft Exchange Online. You have been tasked with enabling calendar sharing with a partner organization, who also has a Microsoft 365 tenant. You have to make sure that users in the partner organization has access to the calendar of every user instantly. Which of the following actions should you take?