Skip Navigation Links
 

Microsoft - MS-900: Microsoft 365 Fundamentals

Sample Questions

Question: 430
Measured Skill: Explain security, compliance, privacy, and trust in Microsoft 365 (30-35%)

A company is evaluating Microsoft 365 identity and access management solutions.

You need to describe the differences between user- and system-assigned managed identity solutions.

Which managed identities should you describe?

(To answer, drag the appropriate managed identities to the correct descriptions. Each managed identity may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ADeleted only when the parent Azure resource is deleted: User-assigned
Independent of any resource and must be explicitly deleted: System-assigned
Can be used only with a single Azure resource and is not shared with other resources: System-assigned
Can be used with multiple Azure resources and can be shared with other resources: User-assigned
B Deleted only when the parent Azure resource is deleted: System-assigned
Independent of any resource and must be explicitly deleted: User-assigned
Can be used only with a single Azure resource and is not shared with other resources: User-assigned
Can be used with multiple Azure resources and can be shared with other resources: System-assigned
C Deleted only when the parent Azure resource is deleted: System-assigned
Independent of any resource and must be explicitly deleted: User-assigned
Can be used only with a single Azure resource and is not shared with other resources: System-assigned
Can be used with multiple Azure resources and can be shared with other resources: User-assigned
D Deleted only when the parent Azure resource is deleted: System-assigned
Independent of any resource and must be explicitly deleted: System-assigned
Can be used only with a single Azure resource and is not shared with other resources: User-assigned
Can be used with multiple Azure resources and can be shared with other resources: User-assigned

Correct answer: C

Explanation:

A common challenge for developers is the management of secrets, credentials, certificates, and keys used to secure communication between services. Managed identities eliminate the need for developers to manage these credentials.

There are two types of managed identities:

  • System-assigned. Some Azure resources, such as virtual machines allow you to enable a managed identity directly on the resource. When you enable a system-assigned managed identity:

    • A service principal of a special type is created in Microsoft Entra ID for the identity. The service principal is tied to the lifecycle of that Azure resource. When the Azure resource is deleted, Azure automatically deletes the service principal for you.
    • By design, only that Azure resource can use this identity to request tokens from Microsoft Entra ID.
    • You authorize the managed identity to have access to one or more services.
    • The name of the system-assigned service principal is always the same as the name of the Azure resource it is created for. For a deployment slot, the name of its system-assigned identity is <app-name>/slots/<slot-name>.
  • User-assigned. You may also create a managed identity as a standalone Azure resource. You can create a user-assigned managed identity and assign it to one or more Azure Resources. When you enable a user-assigned managed identity:

    • A service principal of a special type is created in Microsoft Entra ID for the identity. The service principal is managed separately from the resources that use it.
    • User-assigned identities can be used by multiple resources.
    • You authorize the managed identity to have access to one or more services.

Reference: What are managed identities for Azure resources?



Question: 431
Measured Skill: Explain security, compliance, privacy, and trust in Microsoft 365 (30-35%)

A company plans to use Microsoft Defender XDR.

You need to identify the tools that support the Microsoft Defender XDR features.

Which tool should you identify?

(To answer, drag the appropriate tools to the correct features. Each tool may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AA group of alerts when suspicious or malicious activity is detected: Incidents
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity: Advanced hunting
A measure of the security posture of the company's apps, devices, data, and identities: Secure Score
B A group of alerts when suspicious or malicious activity is detected: Incidents
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity: Advanced hunting
A measure of the security posture of the company's apps, devices, data, and identities: Threat analytics
C A group of alerts when suspicious or malicious activity is detected: Advanced hunting
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity: Incidents
A measure of the security posture of the company's apps, devices, data, and identities: Threat analytics
D A group of alerts when suspicious or malicious activity is detected: Advanced hunting
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity:
A measure of the security posture of the company's apps, devices, data, and identities: Secure Score
E A group of alerts when suspicious or malicious activity is detected: Threat analytics
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity: Secure Score
A measure of the security posture of the company's apps, devices, data, and identities: Advanced hunting
F A group of alerts when suspicious or malicious activity is detected: Secure Score
A query-based tool that lets administrators search raw data for threats, malware, and malicious activity: Advanced hunting
A measure of the security posture of the company's apps, devices, data, and identities: Incidents

Correct answer: A

Explanation:

An incident in Microsoft Defender XDR is a collection of correlated alerts and associated data that make up the story of an attack.

Microsoft Secure Score is a measurement of an organization's security posture, with a higher number indicating more recommended actions taken. It can be found at Microsoft Secure Score in the Microsoft Defender portal.

Threat analytics is designed to assist security teams to be as efficient as possible while facing emerging threats, such as:

  • Active threat actors and their campaigns
  • Popular and new attack techniques
  • Critical vulnerabilities
  • Common attack surfaces
  • Prevalent malware

Advanced hunting is a query-based threat hunting tool that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. The flexible access to data enables unconstrained hunting for both known and potential threats.

References:

Incident response with Microsoft Defender XDR

Microsoft Secure Score

Threat analytics in Microsoft Defender XDR

Proactively hunt for threats with advanced hunting in Microsoft Defender XDR



Question: 432
Measured Skill: Describe core Microsoft 365 services and concepts (30-35%)

A company is evaluating Microsoft 365.

You need to identify the capabilities of Microsoft Exchange.

Which feature should you identify?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AAn email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Shared mailbox
An email sent to this entity will be delivered to the entity and has a calendar: Distribution list
B An email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Shared mailbox
An email sent to this entity will be delivered to the entity and has a calendar: Mail contact
C An email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Distribution list
An email sent to this entity will be delivered to the entity and has a calendar: Shared mailbox
D An email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Distribution list
An email sent to this entity will be delivered to the entity and has a calendar: Mail contact
E An email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Equipment mailbox
An email sent to this entity will be delivered to the entity and has a calendar: Distribution list
F An email sent to this entity will be delivered to individual users associated with the entity and does not have a calendar: Equipment mailbox
An email sent to this entity will be delivered to the entity and has a calendar: Shared mailbox

Correct answer: C

Explanation:

Shared mailboxes are used when multiple people need access to the same mailbox, such as a company information or support email address, reception desk, or other function that might be shared by multiple people. Users with permissions to the group mailbox can send as or send on behalf of the mailbox email address if the administrator has given that user permissions to do that. 

A mail contact contains information about a person who's outside of your Exchange Online organization. A mail contact has an external email address, but the mail contact is visible in your organization's shared address book (also known as the global address list or GAL) and other address lists.

An equipment mailbox is a type of resource mailbox that's assigned to a resource that's not location-specific, such as a portable computer, projector, microphone, or a company car. Equipment mailboxes can be included as resources in meeting requests.
Manage resource mailboxes

Distribution groups (also known as distribution lists) provide a single point of contact for delivering email to the members of the group.

Reference: Recipients in Exchange Online



Question: 433
Measured Skill: Describe core Microsoft 365 services and concepts (30-35%)

A company plans to implement Microsoft 365 Apps.

The company has the following productivity requirements:
  • Provide feedback on a presenter's body language.
  • Provide recommendations on spelling and grammar.
You need to recommend the Microsoft 365 feature for each requirement.

Which features should you recommend?

(To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AFeedback on a presenter's body language: Speaker Coach
Recommendations on spelling and grammar: Microsoft Researcher
B Feedback on a presenter's body language: Speaker Coach
Recommendations on spelling and grammar: Microsoft Editor
C Feedback on a presenter's body language: Microsoft Editor
Recommendations on spelling and grammar: PowerPoint Designer
D Feedback on a presenter's body language: Microsoft Researcher
Recommendations on spelling and grammar: Speaker Coach
E Feedback on a presenter's body language: Microsoft Researcher
Recommendations on spelling and grammar: Microsoft Editor
F Feedback on a presenter's body language: PowerPoint Designer
Recommendations on spelling and grammar: Microsoft Researcher

Correct answer: B

Explanation:

Speaker Coach provides private, personalized insight into how you spoke during your meeting or presentation, as well as a summary afterwards. Live insights are only seen by you and are not saved in recorded meeting transcripts.

Speaker Coach helps you prepare in private to give more effective presentations.

Speaker Coach evaluates your pacing, pitch, your use of filler words, informal speech, euphemisms, and culturally sensitive terms, and it detects when you're being overly wordy or are simply reading the text on a slide.

After each rehearsal, you get a report that includes statistics and suggestions for improvements.

Microsoft Editor is a free browser extension that includes a grammar checker to improve your writing, catch mistakes, and use best practices to write like a pro.

References:

Preview: Speaker Coach in Microsoft Teams meetings

Rehearse your slide show with Speaker Coach

Microsoft Editor grammar checker



Question: 434
Measured Skill: Describe core Microsoft 365 services and concepts (30-35%)

A company plans to use Microsoft 365 to deploy devices.

The company has the following deployment requirements:
  • Sales users must use a deployment process that will customize the out-of-box experience (OOBE) for Windows devices.
  • Kiosk devices must use a package that contains all the configurations, settings, and apps that apply to the devices. The kiosk devices are not connected to the internet.
You need to identify which tool to use to deploy the devices.

Which tool should you use?

(To answer, drag the appropriate tools to the correct devices. Each tool may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ASales: Windows Autopilot
Kiosk: Windows 365 Business
B Sales: Windows Autopilot
Kiosk: Windows Imaging and Configuration Designer (ICD)
C Sales: Windows 365 Business
Kiosk: Windows Insider Program
D Sales: Windows 365 Enterprise
Kiosk: Windows Imaging and Configuration Designer (ICD)
E Sales: Windows Insider Program
Kiosk: Windows Autopilot
F Sales: Windows Imaging and Configuration Designer (ICD)
Kiosk: Windows 365 Enterprise

Correct answer: B

Explanation:

Windows Autopilot is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use. Windows Autopilot can be used to deploy Windows PCs or HoloLens 2 devices.

You can also use Windows Autopilot to reset, repurpose, and recover devices. This solution enables an IT department to achieve these goals with little to no infrastructure to manage, with a process that's easy and simple.

Windows Configuration Designer can create provisioning packages for Windows client desktop, including Windows IoT Core, Microsoft Surface Hub, and Microsoft HoloLens. 

A provisioning package (.ppkg) is a container for a collection of configuration settings. With Windows client, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image.

Provisioning packages are simple enough that with a short set of written instructions, a student, or non-technical employee can use them to configure their device. It can result in a significant reduction in the time required to configure multiple devices in your organization.

References:

Overview of Windows Autopilot

Install Windows Configuration Designer, and learn about any limitations

Provisioning packages for Windows





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2024 by cert2brain.com