NEW QUESTION 1
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You have a Microsoft 365 subscription.
You need to ensure that users can manage the configuration settings for all the Windows 10 devices in your organization.
What should you configure?

• A. the Enrollment restrictions
• B. the mobile device management (MDM) authority
• C. the Exchange on-premises access settings
• D. the Windows enrollment settings

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/intune/mdm-authority-set

NEW QUESTION 2
HOTSPOT
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
A user named User1 has files on a Windows 10 device as shown in the following table.

In Azure Information Protection, you create a label named Label1 that is configured to apply automatically. Label1 is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification

NEW QUESTION 3
You have a Microsoft 365 subscription.
You need to view the IP address from which a user synced a Microsoft SharePoint library.
What should you do?

• A. From the SharePoint admin center, view the usage reports.
• B. From the Security & Compliance admin center, perform an audit log search.
• C. From the Microsoft 365 admin center, view the usage reports.
• D. From the Microsoft 365 admin center, view the properties of the user’s user account.

Answer: B

Explanation:
References:
https://docs.microsoft.com/enHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance"- us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

NEW QUESTION 4
HOTSPOT
You need to meet the technical requirement for log analysis.
What is the minimum number of data sources and log collectors you should create from Microsoft Cloud App Security? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/cloud-app-security/discovery-docker

NEW QUESTION 5
A user receives the following message when attempting to sign in to https://myapps.microsoft.com: "Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location device, or app. Before you can continue, we need to verity your identity. Please contact your admin.”
Which configuration prevents the users from signing in?

• A. Microsoft Azure Active Directory (Azure AD) Identity Protection policies
• B. Microsoft Azure Active Directory (Azure AD) conditional access policies
• C. Security & Compliance supervision policies
• D. Security & Compliance data loss prevention (DIP) policies

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

NEW QUESTION 6
HOTSPOT
You purchase a new Microsoft 365 subscription.
You create 100 users who are assigned Microsoft 365 E3 licenses. From the Security & Compliance admin center, you enable auditing.
Six months later, a manager sends you an email message asking the following questions: Question1: Who created a team named Team1 14 days ago?
Question2: Who signed in to the mailbox of User1 30 days ago?
Question3: Who changed the site collection administrators of a site 60 days ago?
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliaHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance?redirectSourcePath=%2farticle%2f0d4d0f35-390b-4518-800e-0c7ec95e946c"nce/search-the-audit-log-in-security-and-compliance?redirectSourcePath=%252farticle%252f0d4d0f35-390b-4518-800e-0c7ec95e946c
https://docs.microsoft.com/HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing"en-us/office365/securitycompliance/enable-mailbox-auditing

NEW QUESTION 7
You need to protect the U.S. PII data to meet the technical requirements. What should you create?

• A. a data loss prevention (DLP) policy that contains a domain exception
• B. a Security & Compliance retention policy that detects content containing sensitive data
• C. a Security & Compliance alert policy that contains an activity
• D. a data loss prevention (DLP) policy that contains a user override

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/create-activity-alerts

NEW QUESTION 8
HOTSPOT
You have a document in Microsoft OneDrive that is encrypted by using Microsoft Azure Information Protection as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protection

NEW QUESTION 9
HOTSPOT
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You have three applications named App1, App2, and App3 that have the same file format.
Your company uses Windows Information Protection (WIP). WIP has the following configurations: Windows Information Protection mode: Silent
Protected apps: App1 Exempt apps: App2
From App1, you create a file named File1.
What is the effect of the configurations? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 10
HOTSPOT
You have a new Microsoft 365 subscription.
A user named User1 has a mailbox in Microsoft Exchange Online.
You need to log any changes to the mailbox folder permissions of User1.
Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://support.microsoft.com/en-us/help/4026501/office-auditing-in-office-365-for-admins https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set- mailbox?view=exchange-ps

NEW QUESTION 11
You need to recommend a solution for the security administrator. The solution must meet the technical
requirements.
What should you include in the recommendation?

• A. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management
• B. Microsoft Azure Active Directory (Azure AD) Identity Protection
• C. Microsoft Azure Active Directory (Azure AD) conditional access policies
• D. Microsoft Azure Active Directory (Azure AD) authentication methods

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/untrusted-networks

NEW QUESTION 12
HOTSPOT
You need to configure a conditional access policy to meet the compliance requirements. You add Exchange Online as a cloud app.
Which two additional settings should you configure in Policy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 13
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it As a result these questions will not appear In the review screen.
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You create an Azure Advanced Threat Protection (ATP) workspace named Workspace1. The tenant contains users shown in the following table.

You need to modify the configuration of the Azure ATP sensors.
Solution: You instruct User1 to modify the Azure ATP sensor configuration. Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 14
HOTSPOT
You have a data loss prevention (DIP) policy.
You need to increase the likelihood that the DLP policy will apply to data that contains medical terms from the International Classification of Diseases (ICD-9-CM). The solution must minimize the number of false positives.
Which two settings should you modify? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies https://docs.microsoft.com/en-us/office365/securitycompliance/what-the-sensitive-inHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/what-the-sensitive-information-types-look-for#international-classification-of-diseases-icd-9-cm"formation-types-look-for#international-classification-of-diseases-icd-9-cm

NEW QUESTION 15
HOTSPOT
You have a Microsoft 365 tenant.
You plan to create a retention policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 16
You have a Microsoft 365 subscription that contains a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
In the tenant, you create a user named User1.
You need to ensure that User1 can publish retention labels from the Security & Compliance admin center. The solution must use the principle of least privilege.
To which role group should you add User1?

• A. Security Administrator
• B. Records Management
• C. Compliance Administrator
• D. eDiscovery Manager

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/file-plan-manager

NEW QUESTION 17
You plan to use the Security & Compliance admin center to import several PST files into Microsoft 365 mailboxes.
Which three actions should you perform before you import the data? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. From the Exchange admin center, create a public folder.
• B. Copy the PST files by using AzCopy.
• C. From the Exchange admin center, assign admin roles.
• D. From the Microsoft Azure portal, create a storage account that has a blob container.
• E. From the Microsoft 365 admin center, deploy an add-in.
• F. Create a mapping file that uses the CSV file format.

Answer: BCF

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/use-network-upload-to-import-pst- files

NEW QUESTION 18
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are deploying Microsoft Intune.
You successfully enroll Windows 10 devices in Intune.
When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune.
Solution: You add your user account as a device enrollment manager. Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 19
You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User 1. You need to preserve a copy of all the email messages that contain the word Project X.
WDM should you do?

• A. From the Security & Compliance admin center, create an eDiscovery case.
• B. From the Exchange admin center, create a mail now rule.
• C. From the Security fit Compliance adman center, start a message trace.
• D. From Microsoft Cloud App Security, create an access policy.

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/ediscovery-cases#step-2-create-a-new-case

NEW QUESTION 20
HOTSPOT
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.

The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-tHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of- role-groups-to-assigned-roles"o-assigned-roles

NEW QUESTION 21
On which server should you install the Azure ATP sensor?

• A. Server 1
• B. Server 2
• C. Server 3
• D. Server 4
• E. Server 5

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-capacity-planning

NEW QUESTION 22
You have a Microsoft 365 subscription.
You need to investigate user activity in Microsoft 365, including from where users signed in, which applications were used, and increases in activity during the past month. The solution must minimize administrative effort.
Which admin center should you use?

• A. Azure ATP
• B. Security & Compliance
• C. Cloud App Security
• D. Flow

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

NEW QUESTION 23
......