MS-100 Test 2
Your company's Microsoft 365 subscription is your responsibility.
The corporation implements a security policy requiring DLP incident reports to be provided to legal department users automatically.
You must set up the reports to be distributed as frequently as possible via email.
Which of the following options should you choose?
Correct!
Wrong!
The correct answer:
Weekly
You used the Security & Compliance admin center to upload a number of archive PST files to Microsoft 365 earlier.
You discover that the PST files have been removed from Microsoft 365 45 days later when you try to run an import job for them.
Which of the following is the amount of days Microsoft 365 keeps PST files before automatically deleting them?
Correct!
Wrong!
The correct answer:
30 days
You are a subscriber to Microsoft 365 E5.
When users attempt to access Microsoft SharePoint Online resources, you must guarantee that they are prompted for multi-factor authentication (MFA). When attempting to access other Microsoft 365 services, users should not be requested for MFA.
What are your options?
Correct!
Wrong!
The correct answer:
Create a conditional access policy in the Azure Active Directory admin center
You're a subscriber to Microsoft 365.
In the subscription, you recently configured a Microsoft SharePoint Online tenant.
You intend to create a policy for alerts.
You must guarantee that an alert is generated only if malware is found in more than five SharePoint Online documents in a 10-minute period.
What should you start with?
Correct!
Wrong!
The correct answer:
Deploy Windows Defender Advanced Threat Protection (Windows Defender ATP)
You're a subscriber to Microsoft 365.
A data loss prevention (DLP) policy is set up.
Users are wrongly tagging content as false positive, allowing the DLP policy to be bypassed.
You must prevent users from circumventing the DLP policy.
What should you set up?
Correct!
Wrong!
The correct answer:
user overrides
Contoso.com is an on-premises Active Directory domain on your network. There are 1,000 Windows 10 devices on the domain.
You deploy Windows Defender Advanced Threat Protection (ATP) for 10 test devices as a proof of concept (PoC). You configure Windows Defender ATP-related data to be stored in the United States during the onboarding process.
In Europe, you want to connect all devices to Windows Defender ATP data.
What should you start with?
Correct!
Wrong!
The correct answer:
Offboard the test devices
TPT Limited has one Active Directory domain and two Microsoft Azure Active Directory (Azure AD) tenants on its network. TPT Limited's administrator, Robert, is working on directory synchronization for both Azure AD tenants. Some Active Directory users will be present in each tenant.
What should the solution for the next directory synchronization contain?
Correct!
Wrong!
The correct answer:
Deploy two Azure AD Connect servers, and then utilize organizational unit (OU)-based filtering to filter the users for each tenant.
TPT Limited has a Microsoft 365 subscription and a testpreptraining.com Azure Active Directory (Azure AD) tenant with Azure AD Identity Protection enabled. The tenant has a user named User1 who should be able to check the list of users who have been flagged for risk in Azure AD Identity Protection.
<br?
According to the concept of least privilege, which role should be provided to User1?
Correct!
Wrong!
The correct answer:
Security reader
You're a Microsoft 365 subscriber.
App1 is a line-of-business application that users can access through the My Apps site.
You utilize Conditional Access App Control to set a conditional access policy for App1 after some recent security breaches.
If App1 detects impossible travel for a user, you must be notified via email. The solution must ensure that only App1 generates alerts.
What are your options?
Correct!
Wrong!
The correct answer:
Modify the impossible travel alert policy in Microsoft Cloud App Security.
