Skip Navigation Links
 

Microsoft - MS-101: Microsoft 365 Mobility and Security

Sample Questions

Question: 316
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

Note: This question requires that you evaluate the underlined text to determine if it is correct.

Your company’s Microsoft 365 subscription includes a Microsoft Azure Active Directory (Azure AD) tenant.

To make sure that a tenant user has the ability to publish retention labels from the Compliance admin center using the minimum permissions necessary, you should assign the user the Global Administrator role.

(Instructions: )Review the underlined text. If it makes the statement correct, select "No change is needed". If the statement is incorrect, select the answer choice that makes the statement correct.)

ANo change is needed
B Records Management
C Compliance Administrator
D Compliance Data Administrator

Correct answer: C

Explanation:

When you publish retention labels, they're included in a retention label policy that makes them available for admins and users to apply to content.

  1. A single retention label can be included in multiple retention label policies.

  2. Retention label policies specify the locations to publish the retention labels. The same location can be included in multiple retention label policies.

Members of your compliance team who will create and manage retention policies and retention labels need permissions to the Microsoft 365 compliance center. By default, the tenant admin (global administrator) has access to this location and can give compliance officers and other people access without giving them all the permissions of a tenant admin. To grant permissions for this limited administration, Microsoft recommends that you add users to the Compliance Administrator admin role group.

Alternatively to using this default role, you can create a new role group and add the Retention Management role to this group. For a read-only role, use View-Only Retention Management.

Note: The Exchange administrator role Records Management allows a user to manage Exchange retention tags, but not Microsoft 365 retention labels.

References:

Learn about retention policies and retention labels

Permissions required to create and manage retention policies and retention labels



Question: 317
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

Your company has a Microsoft 365 subscription. User email is stored in Microsoft Exchange Online.

You have been instructed to keep a copy of all email messages that includes a specific word in the mailbox of a specified user.

Which of the following actions should you take from the Microsoft 365 Compliance admin center?

AYou should create a label and a label policy.
B You should create a mail flow rule.
C You should configure an in-place hold.
D You should configure a retention policy.

Correct answer: C

Explanation:

This question provides two correct answer options (A and C).

We can either create a retention label and use a retention policy to automatically apply the label to content in Exchange that contains the specific word, or we can create an in-place hold (also known as a compliance archive) that only keeps those items within the mailbox containing the specific word.

Auto-labeling policies can be applied to many locations in Microsoft 365. In-place hold is a feature of Exchange and the appropriate solution for this scenario.

Note:

A retention policy (answer D) allows all content to be kept in specific locations. Retaining content that contains certain words or meets certain criteria is not possible using retention policies.

References:

Learn about retention policies and retention labels

Create or remove an In-Place Hold



Question: 318
Measured Skill: Implement Microsoft 365 Security and Threat Management (20-25%)

Your company has a Microsoft 365 subscription in which you have just configured a Microsoft SharePoint Online tenant.

You are planning to create an alert policy that only produces an alert when malware is discovered in 6 or more documents stored in SharePoint Online over a 10-minute cycle.

What should you do first?

AYou should enable Microsoft Office 365 Cloud App Security.
B You should deploy Microsoft Defender for Endpoint.
C You should create a data loss prevention (DLP) policy.
D You should upgrade the Microsoft 365 subscription.
E You should create the alert policy without any preparations.

Correct answer: E

Explanation:

Microsoft 365 uses a common virus detection engine for scanning files that users upload to SharePoint Online, OneDrive, and Microsoft Teams. This protection is included with all subscriptions that include SharePoint Online, OneDrive, and Microsoft Teams.



Reference: Built-in virus protection in SharePoint Online, OneDrive, and Microsoft Teams



Question: 319
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

Note: This question is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.

Your company has a Microsoft 365 subscription, with a data loss prevention (DLP) policy configured.

You discover that users are erroneously flagging content as false positive and circumventing the DLP policy.

You want to make sure that the DLP policy is not circumvented.

Solution: You configure an alert policy.

Does this meet the goal?

AYes
B No

Correct answer: B

Explanation:

You can use notifications and overrides to educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification.

The email can notify the person who sent, shared, or last modified the content and, for site content, the primary site collection administrator and document owner. In addition, you can add or remove whomever you choose from the email notification.

In addition to sending an email notification, a user notification displays a policy tip:

  • In Outlook and Outlook on the web.

  • For the document on a SharePoint Online or OneDrive for Business site.

  • In Excel, PowerPoint, and Word, when the document is stored on a site included in a DLP policy.

The email notification and policy tip explain why content conflicts with a DLP policy. If you choose, the email notification and policy tip can allow users to override a rule by reporting a false positive or providing a business justification. This can help you educate users about your DLP policies and enforce them without preventing people from doing their work. Information about overrides and false positives is also logged for reporting (see below about the DLP reports) and included in the incident reports (next section), so that the compliance officer can regularly review this information.

In order to prevent users from circumventing the DLP policy, we should disable User overrides from the policy settings.

Reference: Data loss prevention reference



Question: 320
Measured Skill: Manage Microsoft 365 Governance and Compliance (35-40%)

Note: This question is part of a series of questions that present the same scenario. Each questions in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.

Your company has a Microsoft 365 subscription, with a data loss prevention (DLP) policy configured.

You discover that users are erroneously flagging content as false positive and circumventing the DLP policy.

You want to make sure that the DLP policy is not circumvented.

Solution: You configure incident reports.

Does this meet the goal?

AYes
B No

Correct answer: B

Explanation:

You can use notifications and overrides to educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification.

The email can notify the person who sent, shared, or last modified the content and, for site content, the primary site collection administrator and document owner. In addition, you can add or remove whomever you choose from the email notification.

In addition to sending an email notification, a user notification displays a policy tip:

  • In Outlook and Outlook on the web.

  • For the document on a SharePoint Online or OneDrive for Business site.

  • In Excel, PowerPoint, and Word, when the document is stored on a site included in a DLP policy.

The email notification and policy tip explain why content conflicts with a DLP policy. If you choose, the email notification and policy tip can allow users to override a rule by reporting a false positive or providing a business justification. This can help you educate users about your DLP policies and enforce them without preventing people from doing their work. Information about overrides and false positives is also logged for reporting (see below about the DLP reports) and included in the incident reports (next section), so that the compliance officer can regularly review this information.

In order to prevent users from circumventing the DLP policy, we should disable User overrides from the policy settings.

Reference: Data loss prevention reference





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2021 by cert2brain.com