You have a Microsoft 365 subscription.
You have the retention policies shown in the following table.
 
Both policies are applied to a Microsoft SharePoint site named Site1 that contains a file named File1.docx.
File1.docx was created on January 1, 2022 and last modified on January 31,2022. The file was NOT modified again.
When will File1.docx be deleted automatically?

A. January 1, 2023

B. January 1, 2024

C. January 31, 2023

D. January 31, 2024

E. never

You have a Microsoft 365 E5 subscription.
You need to compare the current Safe Links configuration to the Microsoft recommended configurations.
What should you use?

A. Microsoft Purview

B. Azure AD Identity Protection

C. Microsoft Secure Score

D. the configuration analyzer

You have a Microsoft 365 E5 subscription.
You onboard all devices to Microsoft Defender for Endpoint.
You need to use Defender for Endpoint to block access to a malicious website at www.contoso.com.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct answer is worth one point.

A. Create a web content filtering policy.

B. Enable Custom network indicators.

C. Enable automated investigation.

D. Create an indicator.

E. Configure an enforcement scope.

HOTSPOT -
You have a Microsoft 365 subscription that contains the users shown in the following table.
 
You need to configure a dynamic user group that will include the guest users in any department that contains the word Support.
How should you complete the membership rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT -
You have a Microsoft 365 subscription.
You deploy the anti-phishing policy shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

Your network contains an Active Directory domain named adatum.com that is synced to a Microsoft Entra tenant.
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?

A. From Windows PowerShell on a domain controller, run the Get-ADUser and Set-ADUser cmdlets.

B. From Azure Cloud Shell, run the Get-MgUser and Update-MgUser cmdlets.

C. From the Microsoft Entra admin center, select all the Microsoft Entra users, and then use the User settings blade.

D. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.

DRAG DROP
-
Your company has an Azure AD tenant named contoso.onmicrosoft.com.
You purchase a domain named contoso.com from a registrar and add all the required DNS records.
You create a user account named User1. User1 is configured to sign in as
user1@contoso.onmicrosoft.com
.
You need to configure User1 to sign in as
user1@contoso.com
.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 

HOTSPOT
-
You have a Microsoft 365 E5 subscription.
You create a Conditional Access policy named Policy1 and assign Policy1 to all users.
You need to configure Policy1 to enforce multi-factor authentication (MFA) if the user risk level is high.
Which two settings should you configure in Policy1? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
You notice that it takes several days to notify email recipients when an incoming email message is marked as spam, and then quarantined.
You need to ensure that the email recipients are notified within 24 hours.
What should you do?

A. Modify the default inbound anti-spam policy.

B. Modify the DefaultFullAccessPolicy quarantine policy.

C. Add a custom quarantine policy.

D. Modify the global settings for quarantine policies.

You have a Microsoft 365 E5 tenant.
You create an auto-labeling policy to encrypt emails that contain a sensitive info type. You specify the locations where the policy will be applied.
You need to deploy the policy.
What should you do first?

A. Run the policy in simulation mode.

B. Turn on co-authoring for files with sensitivity labels.

C. Review the sensitive information in Activity explorer.

D. Turn on the policy.

Your network contains three Active Directory forests. There are forests trust relationships between the forests.
You create an Azure AD tenant.
You plan to sync the on-premises Active Directory to Azure AD.
You need to recommend a synchronization solution. The solution must ensure that the synchronization can complete successfully and as quickly as possible if a single server fails.
What should you include in the recommendation?

A. one Azure AD Connect sync server and one Azure AD Connect sync server in staging mode

B. three Azure AD Connect sync servers and one Azure AD Connect sync server in staging mode

C. six Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode

D. three Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table.
 
You configure Azure AD Connect to sync contoso.com to Azure AD.
Which objects will sync to Azure AD?

A. Group1 only

B. User1 and User2 only

C. Group1 and User1 only

D. Group1, User1, and User2

You have a Microsoft 365 subscription that contains the alerts shown in the following table.
 
Which properties of the alerts can you modify?

A. Status only

B. Status and Comment only

C. Status and Severity only

D. Status, Severity, and Comment only

E. Status, Severity, Comment and Category

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the Teams Administrator role.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Intune.
Devices are onboarded by using Microsoft Defender for Endpoint.
You plan to block devices based on the results of the machine risk score calculated by Microsoft Defender for Endpoint.
What should you create first?

A. a device configuration policy

B. a device compliance policy

C. a conditional access policy

D. an endpoint detection and response policy

You have a Microsoft 365 E5 subscription that contains the groups shown in the following exhibit.
 
To which groups can you assign Microsoft 365 E5 licenses?

A. Group1 and Group2 only

B. Group2 and Group3 only

C. Group3 and Group4 only

D. Group1, Group2, and Group3 only

E. Group2, Group3, and Group4 only

DRAG DROP
-
You have a Microsoft 365 subscription.
You need to review reports to identify the following:
• The storage usage of files stored in Microsoft Teams
• The number of active users per team
Which report should you review for each requirement? To answer, drag the appropriate reports to the correct requirements. Each report may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
 
Each user has an Android device with the Microsoft Authenticator app installed and has set up phone sign-in.
The subscription has the following Conditional Access policy:
• Name: Policy1
• Assignments
• Users and groups: Group1, Group2
• Cloud apps or actions: All cloud apps
• Access controls
• Grant: Require multi-factor authentication
• Enable policy: On
From Microsoft Authenticator settings for the subscription, the Enable and Target settings are configured as shown in the exhibit. (Click the Exhibit tab.)
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

Your company has 10,000 users who access all applications from an on-premises data center.
You plan to create a Microsoft 365 subscription and to migrate data to the cloud.
You plan to implement directory synchronization.
User accounts and group accounts must sync to Azure AD successfully.
You discover that several user accounts fail to sync to Azure AD.
You need to resolve the issue as quickly as possible.
What should you do?

A. From Active Directory Administrative Center, search for all the users, and then modify the properties of the user accounts.

B. Run idfix.exe, and then click Edit.

C. From Windows PowerShell, run the start-AdSyncSyncCycle -PolicyType Delta command.

D. Run idfix.exe, and then click Complete.

DRAG DROP
-
You have a Microsoft 365 subscription.
You need to meet the following requirements:
• Report a Microsoft 365 service issue.
• Request help on how to add a new user to an Azure AD tenant.
What should you use in the Microsoft 365 admin center? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 subscription.
From the Microsoft 365 admin center, you open the Microsoft 365 Apps usage report as shown in the following exhibit.
 
You need ensure that the report meets the following requirements:
• The Username column must display the actual name of each user.
• Usage of the Microsoft Teams mobile app must be displayed.
What should you modify for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription.
You create a Conditional Access policy that blocks access to an app named App1 when users trigger a high-risk sign-in event.
You need to reduce false positives for impossible travel when the users sign in from the corporate network.
What should you configure?

A. exclusion groups

B. multi-factor authentication (MFA)

C. named locations

D. user risk policies

You have a Microsoft 365 subscription.
You plan to use Adoption Score and need to ensure that it can obtain device and software metrics.
What should you do?

A. Enable privileged access.

B. Enable Endpoint analytics.

C. Configure Support integration.

D. Run the Microsoft 365 network connectivity test on each device.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
• Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
• User passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?

A. Yes

B. No

HOTSPOT
-
Your network contains an on-premises Active Directory domain that is synced to Azure AD as shown in the following exhibit.
 
An on-premises Active Directory user account named Allan Yoo is synchronized to Azure AD. You view Allan’s account from Microsoft 365 and notice that his username is set to
Allan@adatum.onmicrosoft.com
.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription that is linked to an Azure AD tenant named contoso.com.
You purchase 100 Microsoft 365 Business Voice add-on licenses.
You need to ensure that the members of a group named Voice are assigned a Microsoft 365 Business Voice add-on license automatically.
What should you do?

A. From the Licenses page of the Microsoft 365 admin center, assign the licenses.

B. From the Microsoft Entra admin center, modify the settings of the Voice group.

C. From the Microsoft 365 admin center, modify the settings of the Voice group.

You have a Microsoft 365 subscription.
You need to configure a compliance solution that meets the following requirements:
Defines sensitive data based on existing data samples
Automatically prevents data that matches the samples from being shared externally in Microsoft SharePoint or email messages
Which two components should you configure? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. a trainable classifier

B. a sensitive info type

C. an insider risk policy

D. an adaptive policy scope

E. a data loss prevention (DLP) policy

You have a Microsoft 365 E5 subscription.
You need to create a mail-enabled contact.
Which portal should you use?

A. the Microsoft 365 admin center

B. the SharePoint admin center

C. the Microsoft Entra admin center

D. the Microsoft Purview compliance portal

You have a Microsoft 365 E5 subscription.
Users have Android or iOS devices and access Microsoft 365 resources from computers that run Windows 11 or MacOS.
You need to implement passwordless authentication. The solution must support all the devices.
Which authentication method should you use?

A. Windows Hello

B. FIDO2 compliant security keys

C. Microsoft Authenticator app

You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
A Built-in protection preset security policy is applied to the subscription.
Which two policy types will be applied by the Built-in protection policy? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Anti-malware

B. Safe Attachments

C. Safe Links

D. Anti-phishing

E. Anti-spam

HOTSPOT -
You have a Microsoft 365 E5 tenant.
You have the alerts shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription that contains a user named User1.
User1 exceeds the default daily limit of allowed email messages and is on the Restricted entities list.
You need to remove User1 from the Restricted entities list.
What should you use?

A. the Exchange admin center

B. the Microsoft Purview compliance portal

C. the Microsoft 365 admin center

D. the Microsoft 365 Defender portal

E. the Microsoft Entra admin center

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain.
You deploy an Azure AD tenant.
Another administrator configures the domain to synchronize to Azure AD.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All the other user accounts synchronized successfully.
You review Azure AD Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Azure AD.
Solution: From Azure AD Connect, you modify the Azure AD credentials.
Does this meet the goal?

A. Yes

B. No

You have an Azure AD tenant and a Microsoft 365 E5 subscription. The tenant contains the users shown in the following table.
 
You plan to implement Microsoft Defender for Endpoint.
You verify that role-based access control (RBAC) is turned on in Microsoft Defender for Endpoint.
You need to identify which user can view security incidents from the Microsoft 365 Defender portal.
Which user should you identify?

A. User1

B. User2

C. User3

D. User4

HOTSPOT
-
You have a Microsoft 365 subscription.
You need to create two groups named Group1 and Group2. The solution must meet the following requirements:
• Group1 must be mail-enabled and have an associated Microsoft SharePoint Online site.
• Group2 must support dynamic membership and role assignments but must NOT be mail-enabled.
Which types of groups should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription.
You need to create a mail-enabled contact.
Which portal should you use?

A. the Microsoft 365 admin center

B. the Microsoft Teams admin center

C. the Intune admin center

D. the Microsoft Purview compliance portal

HOTSPOT -
You have a Microsoft 365 tenant.
You plan to create a retention policy as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
 

HOTSPOT -
You have a Microsoft 365 subscription that contains a Microsoft SharePoint site named Site1. Site1 has the files shown in the following table.
 
For Site1, users are assigned the roles shown in the following table.
 
You create a data loss prevention (DLP) policy named Policy1 that contains a rule as shown in the following exhibit.
 
How many files will be visible to User1 and User2 after Policy1 is applied to Site1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 subscription that contains an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.
 
You create and assign a data loss prevention (DLP) policy named Policy1. Policy1 is configured to prevent documents that contain Personally Identifiable Information (PII) from being emailed to users outside your organization.
To which users can User1 send documents that contain PII?

A. User2 only

B. User2 and User3 only

C. User2, User3, and User4 only

D. User2, User3, User4, and User5

Your on-premises network contains an Active Directory domain.
You have a Microsoft 365 E5 subscription.
You plan to implement a hybrid configuration that has the following requirements:
• Minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources
• Supports the use of Azure AD Identity Protection
You need to configure Azure AD Connect to support the planned implementation.
Which two options should you select? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Password Hash Synchronization

B. Password writeback

C. Directory extension attribute sync

D. Enable single sign-on

E. Pass-through authentication

HOTSPOT
-
You have a Microsoft 365 subscription that contains the administrative units shown in the following table.
 
The groups contain the members shown in the following table.
 
The users are assigned the roles shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint.
You have devices enrolled in Microsoft Intune as shown in the following table.
 
You plan to use risk levels in Microsoft Defender for Endpoint to identify whether a device is compliant. Noncompliant devices must be blocked from accessing corporate resources.
You need to identify which devices can be onboarded to Microsoft Defender for Endpoint, and which Endpoint security policies must be configured.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
 
You plan to create an Endpoint security policy by using the Defender Update controls template.
To which devices can you apply the policy?

A. Device1 only

B. Device1 and Device2 only

C. Device1 and Device3 only

D. Device1, Device2, and Device3

HOTSPOT -
You have a Microsoft 365 subscription.
A user named
user1@contoso.com
was recently provisioned.
You need to use PowerShell to assign a Microsoft Office 365 E3 license to User1. Microsoft Bookings must NOT be enabled.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft 365 E5 subscription.
Conditional Access is configured to block high-risk sign-ins for all users.
All users are in France and are registered for multi-factor authentication (MFA).
Users in the media department will travel to various countries during the next month.
You need to ensure that if the media department users are blocked from signing in while traveling, the users can remediate the issue without administrator intervention.
What should you configure?

A. an exclusion group

B. the MFA registration policy

C. named locations

D. self-service password reset (SSPR)

HOTSPOT -
Your company uses Microsoft Defender for Endpoint. Microsoft Defender for Endpoint includes the device groups shown in the following table.
 
You onboard a computer named computer1 to Microsoft Defender for Endpoint as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft 365 E5 tenant.
You have a sensitivity label configured as shown in the Sensitivity label exhibit.
 
You have an auto-labeling policy as shown in the Auto-labeling policy exhibit.
 
A user sends an email that contains the components shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
 

HOTSPOT -
You have a Microsoft 365 E5 subscription.
You need to implement identity protection. The solution must meet the following requirements:
Identify when a user's credentials are compromised and shared on the dark web.
Provide users that have compromised credentials with the ability to self-remediate.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

Your company has a Microsoft 365 subscription.
You need to identify all the users in the subscription who are licensed for Office 365 through a group membership. The solution must include the name of the group used to assign the license.
What should you use?

A. Active users in the Microsoft 365 admin center

B. Reports in Microsoft Purview compliance portal

C. the Licenses blade in the Microsoft Entra admin center

D. Reports in the Microsoft 365 admin center

You have a Microsoft 365 subscription.
You need to be notified to your personal email address when a Microsoft Exchange Online service issue occurs.
What should you do?

A. From the Exchange admin center, create a contact.

B. From the Microsoft Outlook client, configure an Inbox rule.

C. From the Microsoft 365 admin center, update the technical contact details.

D. From the Microsoft 365 admin center, customize the Service health settings.