NEW QUESTION 1
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Azure Active Directory admin center, you create a trusted location and a conditional access policy.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Onlineand-OneDrive-for/ba-p/46678

NEW QUESTION 2
HOTSPOT
You have a Microsoft 365 subscription that contains all the user data.
You plan to create the retention policy shown in the Locations exhibit. (Click the Locations tab.)

You configure the Advanced retention settings as shown in the Retention exhibit. (Click the Retention tab.)

The locations specified in the policy include the groups shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/retention-policies

NEW QUESTION 3
HOTSPOT
Your company uses Microsoft Cloud App Security.
You plan to integrate Cloud App Security and security information and event management (SIEM). You need to deploy a SIEM agent on a server that runs Windows Server 2021.
What should you do? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/integrate-your-siem-server-with-office-365-cas

NEW QUESTION 4
You deploy Microsoft Azure Information Protection.
You need to ensure that a security administrator named SecAdmin1 can always read and inspect data protected by Azure Rights Management (Azure RMS).
What should you do?

• A. From the Security & Compliance admin center, add User1 to the eDiscovery Manager role group.
• B. From the Azure Active Directory admin center, add User1 to the Security Reader role group.
• C. From the Security & Compliance admin center, add User1 to the Compliance Administrator role group.
• D. From Windows PowerShell, enable the super user feature and assign the role to SecAdmin1.

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-super-users

NEW QUESTION 5
HOTSPOT
You configure an anti-phishing policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies#learn-about-HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies#learn-about-atp-anti-phishing-policy-options"atp-anti-phishing-policy-options

NEW QUESTION 6
HOTSPOT
Your company uses Windows Defender Advanced Threat Protection (ATP). Windows Defender ATP includes the machine groups shown in the following table.

You onboard a computer named computer1 to Windows Defender ATP as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 7
DRAG DROP
You have a Microsoft 365 subscription.
You have the devices shown in the following table.

You need to onboard the devices to Windows Defender Advanced Threat Protection (ATP). The solution must avoid installing software on the devices whenever possible.
Which onboarding method should you use for each operating system? To answer, drag the appropriate methods to the correct operating systems. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
hHYPERLINK "https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection"ttps://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-HYPERLINK "https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection"windows-defender-advanced-threat-protection

NEW QUESTION 8
HOTSPOT
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. Your company implements Windows Information Protection (WIP).
You need to modify which users and applications are affected by WIP.
What should you do? To answer, select the appropriate options m the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protectHYPERLINK "https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure"ion/create-wip- policy-using-intune-azure

NEW QUESTION 9
HOTSPOT
You have a Microsoft 365 tenant.
You plan to create a retention policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 10
HOTSPOT
You purchase a new Microsoft 365 subscription.
You create 100 users who are assigned Microsoft 365 E3 licenses. From the Security & Compliance admin center, you enable auditing.
Six months later, a manager sends you an email message asking the following questions: Question1: Who created a team named Team1 14 days ago?
Question2: Who signed in to the mailbox of User1 30 days ago?
Question3: Who changed the site collection administrators of a site 60 days ago?
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliaHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance?redirectSourcePath=%2farticle%2f0d4d0f35-390b-4518-800e-0c7ec95e946c"nce/search-the-audit-log-in-security-and-compliance?redirectSourcePath=%252farticle%252f0d4d0f35-390b-4518-800e-0c7ec95e946c
https://docs.microsoft.com/HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing"en-us/office365/securitycompliance/enable-mailbox-auditing

NEW QUESTION 11
DRAG DROP
You need to meet the requirement for the legal department
Which three actions should you perform in sequence from the Security & Compliance admin center? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://www.sherweb.com/blog/edisHYPERLINK "https://www.sherweb.com/blog/ediscovery-office-365/"covery-office-365/

NEW QUESTION 12
HOTSPOT
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.

The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-tHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of- role-groups-to-assigned-roles"o-assigned-roles

NEW QUESTION 13
HOTSPOT
From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/quickstart-configure-named-locations

NEW QUESTION 14
Your company has a Microsoft 365 subscription.
You implement Microsoft Azure Information Protection.
You need to automatically protect email messages that contain the word Confidential in the subject line.
What should you create?

• A. a mail flow rule from the Exchange admin center
• B. a message trace from the Security & Compliance admin center
• C. a supervision policy from the Security & Compliance admin center
• D. a sharing policy from the Exchange admin center

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-exo-rules

NEW QUESTION 15
You have a Microsoft 365 subscription.
You need to view the IP address from which a user synced a Microsoft SharePoint library.
What should you do?

• A. From the SharePoint admin center, view the usage reports.
• B. From the Security & Compliance admin center, perform an audit log search.
• C. From the Microsoft 365 admin center, view the usage reports.
• D. From the Microsoft 365 admin center, view the properties of the user’s user account.

Answer: B

Explanation:
References:
https://docs.microsoft.com/enHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance"- us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

NEW QUESTION 16
HOTSPOT
You have several devices enrolled in Microsoft Intune.
You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown in the following table.

The device limit restrictions in Intune are configured as shown in the following table.

You add User3 as a device enrollment manager in Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/sHYPERLINK "https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/enroll-devices-with-device-enrollment-manager"ccm/mdm/deploy- use/enroll-devices-with-device-enrollment-manager

NEW QUESTION 17
HOTSPOT
Your company is based in the United Kingdom (UK).
Users frequently handle data that contains Personally Identifiable Information (PII).
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies"com/en-us/office365/securitycompliance/data-loss-prevention-policies

NEW QUESTION 18
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Microsoft 365 admin center, you configure the Organization profile settings. Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
References:
https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Onlineand-OneDrive-for/ba-p/46678A

NEW QUESTION 19
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint shoring policy to prevent sharing outside your organization.
You need to be notified if the SharePoint sharing policy is modified m the future. Solution: From the SharePoint site, you create an alert.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 20
HOTSPOT
You have three devices enrolled in Microsoft Intune as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 21
You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
In the tenant, you create a user named User1.
You need to ensure that User1 can publish retention labels from the Security & Compliance admin center. The solution must use the principle of least privilege.
To which role group should you add User1?

• A. Security Administrator
• B. Records Management
• C. Compliance Administrator
• D. eDiscovery Manager

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/file-plan-manager

NEW QUESTION 22
HOTSPOT
You have a Microsoft 365 subscription that uses a default domain named contoso.com. Three files were created on February 1, 2021, as shown in the following table.

On March 1, 2021, you create two retention labels named Label1 and Label2.
The settings for Lable1 are configured as shown in the Label1 exhibit. (Click the Label1 tab.)

The settings for Lable2 are configured as shown in the Label2 exhibit. (Click the Label2 tab.)

You apply the retention labels to Exchange email, SharePoint sites, and OneDrive accounts.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/labels https://docs.microsoft.com/en-us/office365/securitycompliance/disposition-reviews

NEW QUESTION 23
Your network contains an on premises Active Directory domain.
Your company has a security policy that prevents additional software from txnrwj installed on domain controllers.
You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP). What should you do? More than one answer choice may achieve the goal. Select the BEST answer.

• A. Deploy an Azure ATP sensor, and then configure port mirroring.
• B. Deploy an Azure ATP sensor, and then configure detections.
• C. Deploy an Azure ATP standalone sensor, and then configure detections.
• D. Deploy an Azure ATP standalone sensor, and then configure port mirroring.

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/instHYPERLINK "https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5"all-atp-step5

NEW QUESTION 24
You have a Microsoft 365 subscription.
From the Security & Compliance admin center, you create a content search of all the mailboxes that contain the word Project X.
You need to export the results of the content search. What do you need to download the report?

• A. a certification authority (CA) certificate
• B. an export key
• C. a password
• D. a user certificate

Answer: B

Explanation:
References:
https://docs.HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/export-search-results"microsoft.com/en-us/office365/securitycompliance/export-search-results

NEW QUESTION 25
You have a Microsoft 36S subscription.
Your company purchases a new financial application named App1.
From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered apps page and discover that many applications have a low score because they are missing information about domain registration and consumer popularity.
You need to prevent the missing information from affecting the score. What should you configure from the Cloud Discover settings?

• A. Organization details
• B. Default behavior
• C. Score metrics
• D. App tags

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/cloud-app-security/discovered-app-queries

NEW QUESTION 26
......