Skip Navigation Links
 

Microsoft - MS-101: Microsoft 365 Mobility and Security

Sample Questions

Question: 232
Measured Skill:

You work as an administrator for a company. Your company has digitally signed applications.

You need to ensure that Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) considers the digitally signed applications safe and never analyzes them.

What should you create in the Microsoft Defender Security Center?

AA custom detection rule
B An automation folder exclusion
C An alert suppression rule
D An indicator

Correct answer: D

Explanation:

We can create an indicator based on the certificate that was used to sign the applications.

Alternatively, we can create an indicator based on the file hash. With this variant, however, a separate indicator would have to be created for each application.

Reference: Create indicators based on certificates

Question: 233
Measured Skill: Implement Modern Device Services (30-35%)

You have a Microsoft 365 subscription that contains the users in the following table.



In Microsoft Endpoint Manager, you create two device type restrictions that have the settings shown in the following table.



In Microsoft Endpoint Manager, you create three device limit restrictions that have the settings shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AUser1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: Yes
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: Yes
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: Yes
B User1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: Yes
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: Yes
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: No
C User1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: Yes
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: No
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: Yes
D User1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: No
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: Yes
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: No
E User1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: No
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: No
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: Yes
F User1 can enroll up to 10 Windows devices in Microsoft Endpoint Manager: No
User2 can enroll up to 10 iOS devices in Microsoft Endpoint Manager: No
User3 can enroll up to five Android devices in Microsoft Endpoint Manager: No

Correct answer: C

Explanation:

If multiple device type or multiple device limit restrictions are assigned to a user, the restriction with the highest priority (highest value) is applied.

User1 is a member of Group1. Group1 has assigned the device type restriction TypeRest1 (Android and Windows devices) and the device limit restriction LimitRest2 (10 devices). User1 can register a maximum of 10 Windows devices.

User1 is a member of Group1. Group1 has assigned the device type restriction TypeRest1 (Android and Windows devices) and the device limit restrictions LimitRest1 (7 devices) and LimitRest2 (10 devices). LimitRest1 has the higher priority. User1 can register a maximum of 7 Android or Windows devices.

User3 is a member of Group3. Group3 has not assigned a device type restriction. The standard device type restrictions apply (all platforms allowed). In addition, the device limit restriction DevicesLimit3 (5 devices) is applied. User3 can register a maximum of 5 devices of any type.

Question: 234
Measured Skill: Implement Modern Device Services (30-35%)

You have a Microsoft 365 E5 subscription. Users have the devices shown in the following table.



On which devices can you manage apps by using app configuration policies in Microsoft Endpoint Manager?

ADevice1, Device4, and Device6
B Device2, Device3, and Device5
C Device1, Device2, Device3, and Device6
D Device1, Device2, Device4, and Device5

Correct answer: C

Explanation:

App configuration policies can help you eliminate app setup up problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don't need to take action. The configuration settings are unique for each app.

You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps. These configuration settings allow an app to be customized by using app configuration and management. The configuration policy settings are used when the app checks for these settings, typically the first time the app is run.

An app configuration setting, for example, might require you to specify any of the following details:

  • A custom port number
  • Language settings
  • Security settings
  • Branding settings such as a company logo

If end-users were to enter these settings instead, they could do this incorrectly. App configuration policies can help provide consistency across an enterprise and reduce helpdesk calls from end-users trying to configure settings on their own. By using app configuration policies, the adoption of new apps can be easier and quicker.

Reference: App configuration policies for Microsoft Intune



Question: 235
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

You have a Microsoft 365 subscription that links to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

A user named User1 stores documents in Microsoft OneDrive.

You need to place the contents of User1's OneDrive account on an eDiscovery hold.

Which URL should you use for the eDiscovery hold?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

Ahttps://onedrive.live.com/user1
B https://contoso.onmicrosoft.com/contoso_onmicrosoft_com/user1
C https://contoso.onmicrosoft.com/user1
D https://contoso.sharepoint.com/personal/user1_contoso_onmicrosoft_com
E https://contoso.sharepoint.com/sites/user1
F https://contoso-my.sharepoint.com/personal/user1_contoso_onmicrosoft_com

Correct answer: F

Explanation:

You can use a Core eDiscovery case to create holds to preserve content that might be relevant to the case. You can place a hold on the Exchange mailboxes and OneDrive for Business accounts of people you're investigating in the case. You can also place a hold on the mailboxes and sites that are associated with Microsoft Teams, Office 365 Groups, and Yammer Groups. When you place content locations on hold, content is preserved until you remove the hold from the content location or until you delete the hold.

After you create an eDiscovery hold, it may take up to 24 hours for the hold to take effect.

When you create a hold, you have the following options to scope the content that is preserved in the specified content locations:

  • You create an infinite hold where all content in the specified locations is placed on hold. Alternatively, you can create a query-based hold where only the content in the specified locations that matches a search query is placed on hold.

  • You can specify a date range to preserve only the content that was sent, received, or created within that date range. Alternatively, you can hold all content in specified locations regardless of when it was sent, received, or created.

The URL for a user's OneDrive account includes their user principal name (UPN). For example:

https://alpinehouse-my.sharepoint.com/personal/sarad_alpinehouse_onmicrosoft_com

In the rare case that a person's UPN is changed, their OneDrive URL will also change to incorporate the new UPN. If a user's OneDrive account is part of an eDiscovery hold, old and their UPN is changed, you need to update the hold and you'll have to update the hold and add the user's new OneDrive URL and remove the old one. 

Reference: Create an eDiscovery hold



Question: 236
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

You have a Microsoft 365 subscription. In the Exchange admin center, you have a data loss prevention (DLP) policy named Policy1 that has the following configurations:
  • Block emails that contain financial data.
  • Display the following policy tip text: Message blocked.
From the Security & Compliance admin center, you create a DLP policy named Policy2 that has the following configurations:
  • Use the following location: Exchange email.
  • Display the following policy tip text: Message contains sensitive data.
  • When a user sends an email, notify the user if the email contains health records.
What is the result of the DLP policies when the user sends an email?

(To answer, drag the appropriate results to the correct scenarios. Each result may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AWhen the user sends an email that contains financial data and health record: The email will be blocked, and the user will receive the policy tip: Message conatins sensitive data.
When the user sends an email that contains only financial data: The email will be allowed, and the user will receive the policy tip: Message conatins sensitive data.
B When the user sends an email that contains financial data and health record: The email will be blocked, and the user will receive the policy tip: Message blocked.
When the user sends an email that contains only financial data: The email will be allowed, and the user will receive the policy tip: Message conatins sensitive data.
C When the user sends an email that contains financial data and health record: The email will be allowed, and the user will receive the policy tip: Message conatins sensitive data.
When the user sends an email that contains only financial data: The email will be allowed, and a message policy tip will NOT be displayed.
D When the user sends an email that contains financial data and health record: The email will be allowed, and a message policy tip will NOT be displayed.
When the user sends an email that contains only financial data: The email will be allowed, and the user will receive the policy tip: Message conatins sensitive data.
E When the user sends an email that contains financial data and health record: The email will be blocked, and the user will receive the policy tip: Message blocked.
When the user sends an email that contains only financial data: The email will be blocked, and the user will receive the policy tip: Message conatins sensitive data.
F When the user sends an email that contains financial data and health record: The email will be allowed, and the user will receive the policy tip: Message blocked.
When the user sends an email that contains only financial data: The email will be blocked, and the user will receive the policy tip: Message conatins sensitive data.

Correct answer: B

Explanation:

In Office 365, you can create a data loss prevention (DLP) policy in two different admin centers:

  • In the Security & Compliance Center, you can create a single DLP policy to help protect content in SharePoint, OneDrive, Exchange, and now Microsoft Teams. When possible, we recommend that you create a DLP policy here.

  • In the Exchange admin center, you can create a DLP policy to help protect content only in Exchange. This policy can use Exchange mail flow rules (also known as transport rules), so it has more options specific to handling email.

How DLP in the Security & Compliance Center works with DLP and mail flow rules in the Exchange admin center

After you create a DLP policy in the Security & Compliance Center, the policy is deployed to all of the locations included in the policy. If the policy includes Exchange Online, the policy's synced there and enforced in exactly the same way as a DLP policy created in the Exchange admin center.

If you've created DLP policies in the Exchange admin center, those policies will continue to work side by side with any policies for email that you create in the Security & Compliance Center. But note that rules created in the Exchange admin center take precedence. All Exchange mail flow rules are processed first, and then the DLP rules from the Security & Compliance Center are processed.

This means that:

  • Messages that are blocked by Exchange mail flow rules won't get scanned by DLP rules created in the Security & Compliance Center.

  • If an Exchange mail flow rule modifies a message in a way that causes it to match a DLP policy in the Security & Compliance Center - such as adding external users - then the DLP rules will detect this and enforce the policy as needed.

Also note that Exchange mail flow rules that use the "stop processing" action don't affect the processing of DLP rules in the Security & Compliance Center - they'll still be processed.

Policy tips in the Security & Compliance Center vs. the Exchange admin center

Policy tips can work either with DLP policies and mail flow rules created in the Exchange admin center, or with DLP policies created in the Security & Compliance Center, but not both. This is because these policies are stored in different locations, but policy tips can draw only from a single location.

If you've configured policy tips in the Exchange admin center, any policy tips that you configure in the Security & Compliance Center won't appear to users in Outlook on the web and Outlook 2013 and later until you turn off the tips in the Exchange admin center. This ensures that your current Exchange mail flow rules will continue to work until you choose to switch over to the Security & Compliance Center.

Note that while policy tips can draw only from a single location, email notifications are always sent, even if you're using DLP policies in both the Security & Compliance Center and the Exchange admin center.

Reference: How DLP works between the Security & Compliance Center and Exchange admin center





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2020 by cert2brain.com