MS-101 : Microsoft 365 Mobility and Security : Part 09

MS-101 : Microsoft 365 Mobility and Security : Part 09

1. HOTSPOT

   You have retention policies in Microsoft 365 as shown in the following table.

   

   Policy1 is configured as shown in the Policy1 exhibit. (Click the Policy1 tab.)

   

   Policy2 is configured as shown in the Policy2 exhibit. (Click the Policy2 tab.)

   

   For each of the following statements, select Yes if the statement is true. Otherwise, select No.

   NOTE: Each correct selection is worth one point.

   

   

2. You have a Microsoft 365 subscription.

   You configure a data loss prevention (DLP) policy.

   You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.

   You need to prevent the users from bypassing the DLP policy.

   What should you configure?

   • incident reports
   • actions
   • exceptions
   • user overrides

3. You have a Microsoft 365 subscription.

   All users have their email stored in Microsoft Exchange Online.

   In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.

   What should you do?

   • From the Security & Compliance admin center, create an eDiscovery case.
   • From the Exchange admin center, create a mail flow rule.
   • From the Security & Compliance admin center, start a message trace.
   • From Microsoft Cloud App Security, create an access policy.

4. You have a Microsoft 365 E5 subscription.

   You run an eDiscovery search that returns the following Azure Rights Management (Azure RMS) – encrypted content:

   -​Microsoft Exchange emails
   -​Microsoft OneDrive documents
   -​​Microsoft SharePoint documents

   Which content can be decrypted when you export the eDiscovery search results?

   • Exchange emails only
   • SharePoint documents, OneDrive documents, and Exchange emails
   • OneDrive documents only
   • SharePoint documents and OneDrive documents only
   • SharePoint documents only

5. You have a Microsoft 365 subscription.

   You plan to connect to Microsoft Exchange Online PowerShell and run the following cmdlets:

   - Search-MailboxAuditLog
   - Test-ClientAccessRule
   - Set-GroupMailbox
   - Get-Mailbox

   Which cmdlet will generate an entry in the Microsoft Office 365 audit log?

   • Search-MailboxAuditLog

   • Test-ClientAccessRule

   • Set-GroupMailbox

   • Get-Mailbox

6. HOTSPOT

   Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.

   

   You create a retention label named Label1 that has the following configurations:

   – Retains content for five years
   – Automatically deletes all content that is older than five years

   You turn on Auto labeling for Label1 by using a policy named Policy1. Policy1 has the following configurations:

   – Applies to content that contains the word Merger
   – Specifies the OneDrive accounts and SharePoint sites locations

   You run the following command.

   Set-RetentionCompliancePolicy Policy1 –RestrictiveRetention $true
   -Force

   For each of the following statements, select Yes if the statement is true. Otherwise, select No.

   NOTE: Each correct selection is worth one point.

   

   

7. HOTSPOT

   You have an Azure Active Directory (Azure AD) tenant that contains two users named User1 and User2.

   On September 5, 2019, you create and enforce a terms of use (ToU) in the tenant. The ToU has the following settings:

   – Name: Terms1
   – Display name: Terms1 name
   – Require users to expand the terms of use: Off
   – Require users to consent on every device: Off
   – Expire consents: On
   – Expire starting on: October 10, 2019
   – Frequency: Monthly

   User1 accepts Terms1 on September 5, 2019. User2 accepts Terms1 on October 5, 2019.

   When will Terms1 expire for the first time for each user? To answer, select the appropriate options in the answer area.

   NOTE: Each correct selection is worth one point.

   

   

8. Your company uses on-premises Windows Server File Classification Infrastructure (FCI). Some documents on the on-premises file servers are classified as Confidential.

   You migrate the files from the on-premises file servers to Microsoft SharePoint Online.

   You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.

   What should you do first?

   • From the SharePoint admin center, configure hybrid search.
   • From the SharePoint admin center, create a managed property.
   • From the Security & Compliance Center PowerShell, run the New-DataClassification cmdlet.
   • From the Security & Compliance Center PowerShell, run the New-DlpComplianceRule cmdlet.

9. You have a Microsoft 365 subscription.

   From the Security & Compliance admin center, you create a content search of all the mailboxes that contain the work ProjectX.

   You need to export the results of the content search.

   What do you need to download the report?

   • a certification authority (CA) certificate
   • an export key
   • a password
   • a user certificate

10. HOTSPOT

    You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

    You have three applications named App1, App2, and App3. The apps use files that have the same file extensions.

    Your company uses Windows Information Protection (WIP). WIP has the following configurations:

    – Windows Information Protection mode: Silent
    – Protected apps: App1
    – Exempt apps: App2

    From App1, you create a file named File1.

    What is the effect of the configurations? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    

    

11. HOTSPOT

    You have a Microsoft 365 subscription.

    You have a group named Support. Users in the Support group frequently send email messages to external users.

    The manager of the Support group wants to randomly review messages that contain attachments.

    You need to provide the manager with the ability to review messages that contain attachments sent from the Support group users to external users. The manager must have access to only 10 percent of the messages.

    What should you do? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    

    

12. Your company has a Microsoft 365 subscription.

    You implement Microsoft Azure Information Protection.

    You need to automatically protect email messages that contain the word Confidential in the subject line.

    What should you create?

    • a mail flow rule from the Exchange admin center
    • a message trace from the Security & Compliance admin center
    • a supervision policy from the Security & Compliance admin center
    • a sharing policy from the Exchange admin center

13. You have a Microsoft 365 subscription.

    You need to investigate user activity in Microsoft 365, including from where users signed in, which applications were used, and increases in activity during the past month. The solution must minimize administrative effort.

    Which admin center should you use?

    • Azure ATP
    • Security & Compliance
    • Cloud App Security
    • Flow

14. HOTSPOT

    A user named User1 has files in Microsoft OneDrive as shown in the following table.

    

     

    On February 1, 2019, you apply a retention policy named Policy1 as shown in the following exhibit. 

    

    On February 5, 2019, User1 edits File2.

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    

     

    

15. You have a Microsoft 365 subscription that uses a default domain named contoso.com.

    You have two users named User1 and User2.

    From the Security & Compliance admin center, you add User1 to the eDiscovery Manager role group.

    From the Security & Compliance admin center, User1 creates a case named Case1.

    You need to ensure that User1 can add User2 as a case member. The solution must use the principle of least privilege.

    To which role group should you add User2?

    • eDiscovery Manager
    • eDiscovery Administrator
    • Security Administrator

16. Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.

    You sign up for Microsoft Store for Business.

    The tenant contains the users shown in the following table.

    

    Microsoft Store for Business has the following Shopping behavior settings:

    – Allow users to shop is set to On.
    – Make everyone a Basic Purchaser is set to Off.

    You need to identify which users can install apps from the Microsoft for Business private store.

    Which users should you identify?

    • User1 and User2 only
    • User1 only
    • User1, User2, User3, and User4 only
    • User3 and User4 only
    • User1, User2, User3, User4, and User5
    Explanation:
    Allow users to shop controls the shopping experience in Microsoft Store for Education. When this setting is on, Purchasers and Basic Purchasers can purchase products and services from Microsoft Store for Education.

17. You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.

    

    You create and assign a data loss prevention (DLP) policy named Policy1. Policy1 is configured to prevent documents that contain Personally Identifiable Information (PII) from being emailed to users outside your organization.

    To which users can User1 send documents that contain PII?

    • User2 only
    • User2 and User3 only
    • User2, User3, and User4 only
    • User2, User3, User4, and User5
    Explanation:
    Guest accounts are considered “outside your organization”. Users who have non-guest accounts in a host organization’s Active Directory or Azure Active Directory tenant are considered as people inside the organization.

18. HOTSPOT

    You have a Microsoft 365 subscription that contains the users shown in the following table.

    

    You run the following cmdlet.

    Set-MailboxAuditBypassAssociation –Identity User2 
    –AuditByPassEnabled $true

    The users perform the following actions:

    – User1 accesses an item in the mailbox of User2.
    – User2 modifies a mailbox item in the mailbox of User3.
    – User3 signs in to her mailbox.

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    

    

19. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have a new Microsoft 365 subscription.

    You need to prevent users from sending email messages that contain Personally Identifiable Information (PII).

    Solution: From the Exchange admin center, you create a data loss prevention (DLP) policy.

    Does this meet the goal?

    • Yes
    • No
    Explanation:
    In Microsoft 365, you can create a data loss prevention (DLP) policy in two different admin centers:
    – In the Security & Compliance admin center (now known as the Microsoft 365 Compliance Center), you can create a single DLP policy to help protect content in SharePoint, OneDrive, Exchange, Teams, and now Endpoint Devices.
    – In the Exchange admin center, you can create a DLP policy to help protect content only in Exchange.