We recommend you to try the PREMIUM MS-102 Dumps From Exambible

https://www.exambible.com/MS-102-exam/ (312 Q&As)

Microsoft
Exam Questions MS-102
Microsoft 365 Administrator Exam

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

About Exambible

Your Partner of IT Exam

Found in 1998

Exambible is a company specialized on providing high quality IT exam practice study materials, especially Cisco CCNA, CCDA,
CCNP, CCIE, Checkpoint CCSE, CompTIA A+, Network+ certification practice exams and so on. We guarantee that the
candidates will not only pass any IT exam at the first attempt but also get profound understanding about the certificates they have
got. There are so many alike companies in this industry, however, Exambible has its unique advantages that other companies could
not achieve.

Our Advances

* 99.9% Uptime
All examinations will be up to date.
* 24/7 Quality Support
We will provide service round the clock.
* 100% Pass Rate
Our guarantee that you will pass the exam.
* Unique Gurantee
If you do not pass the exam at the first time, we will not only arrange FULL REFUND for you, but also provide you another
exam of your claim, ABSOLUTELY FREE!

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 1
HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 subscription.
You need to review metrics for the following: The daily active users in Microsoft Teams Recent Microsoft service issues
What should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Usage reports
The daily active users in Microsoft Teams
Microsoft 365 Reports in the admin center - Microsoft Teams usage activity
The brand-new Teams usage report gives you an overview of the usage activity in Teams, including the number of active users, channels and messages so you
can quickly see how many users across your organization are using Teams to communicate and collaborate. It also includes other Teams specific activities, such
as the number of active guests, meetings, and messages.
Box 2: Service Health
Recent Microsoft service issues
You can view the health of your Microsoft services, including Office on the web, Yammer, Microsoft Dynamics CRM, and mobile device management cloud
services, on the Service health page in the Microsoft 365 admin center. If you are experiencing problems with a cloud service, you can check the service health to
determine whether this is a known issue with a resolution in progress before you call support or spend time troubleshooting.

NEW QUESTION 2
- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection (ATP) settings and policies for Microsoft Teams, SharePoint, and
OneDrive.
Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the Teams Service Administrator role.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
You need to assign the Security Administrator role. Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide

NEW QUESTION 3
- (Topic 6)
You have a Microsoft 365 tenant that uses Microsoft Endpoint Manager for device management. You need to add the phone number of the help desk to the
Company Portal app. What should you do?

A. From Customization in the Microsoft Endpoint Manager admin center, modify the support information for the tenant.
B. From the Microsoft Endpoint Manager admin center, create an app configuration policy.
C. From the Microsoft 365 admin center, modify Organization information.
D. From the Microsoft 365 admin center, modify Help desk information.

Answer: A

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Explanation:
Reference:
https://systemcenterdudes.com/intune-company-portal-customization/

NEW QUESTION 4
- (Topic 6)
You have a Microsoft 365 subscription.
You discover that some external users accessed center for a Microsoft SharePoint site. You modify the sharePoint sharing policy to prevent sharing, outside your
organization. You need to be notified if the SharePoint sharing policy is modified in the future. Solution: From the Security $ Compliance admin center you create a
threat management
policy.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 5
- (Topic 6)
You have a Microsoft 365 E5 tenant that contains the resources shown in the following table.

To which resources can you apply a sensitivity label by using an auto-labeling policy?

A. Mailbox1 and Site1 only

B. Mailbox1, Account1, and Site1 only
C. Account1 and Site1 only
D. Mailbox1, Account1, Site1, and Channel1
E. Account1, Site1, and Channel1 only

Answer: E

Explanation:

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365- worldwide

NEW QUESTION 6
- (Topic 6)
Your company has 10,000 users who access all applications from an on-premises data center.
You plan to create a Microsoft 365 subscription and to migrate data to the cloud. You plan to implement directory synchronization.
User accounts and group accounts must sync to Azure AD successfully. You discover that several user accounts fail to sync to Azure AD.
You need to resolve the issue as quickly as possible. What should you do?

A. From Active Directory Administrative Center, search for all the users, and then modify the properties of the user accounts.
B. Run idfix.exe, and then click Edit.
C. From Windows PowerShell, run the start-AdSyncSyncCycle -PolicyType Delta command.
D. Run idfix.exe, and then click Complete.

Answer: B

Explanation:
IdFix is used to perform discovery and remediation of identity objects and their attributes in an on-premises Active Directory environment in preparation for
migration to Azure Active Directory. IdFix is intended for the Active Directory administrators responsible for directory synchronization with Azure Active Directory.
Reference:
https://docs.microsoft.com/en-us/office365/enterprise/prepare-directory-attributes-for- synch-with-idfix

NEW QUESTION 7
HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E5 subscription that contains two users named Admin1 and Admin2.
All users are assigned a Microsoft 365 Enterprise E5 license and auditing is turned on.
You create the audit retention policy shown in the exhibit. (Click the Exhibit tab.)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

After Policy1 is created, the following actions are performed:

? Admin1 creates a user named User1.
? Admin2 creates a user named User2.
How long will the audit events for the creation of User1 and User2 be retained? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 8
- (Topic 6)
From the Security & Compliance admin center, you create a content export as shown in the exhibit. (Click the Exhibit tab.)

What will be excluded from the export?

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. a 10-MB XLSX file

B. a 5-MB MP3 file
C. a 5-KB RTF file
D. an 80-MB PPTX file

Answer: B

Explanation:
Unrecognized file formats are excluded from the search.
Certain types of files, such as Bitmap or MP3 files, don't contain content that can be indexed. As a result, the search indexing servers in Exchange and SharePoint
don't perform full-text indexing on these types of files. These types of files are considered to be
unsupported file types.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/partially-indexed-items-in-content-search?view=o365-worldwide
https://docs.microsoft.com/en-us/office365/securitycompliance/export-a-content-search- report

NEW QUESTION 9
- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goats. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint. and OneDrive.
Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the SharePoint Administrator role.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 10
- (Topic 6)
You have a Microsoft E5 subscription.
You need to ensure that administrators who need to manage Microsoft Exchange Online are assigned the Exchange Administrator role for five hours at a time.
What should you implement?

A. Azure AD Privileged Identity Management (PIM)

B. a conditional access policy
C. a communication compliance policy)
D. Azure AD Identity Protection
E. groups that have dynamic membership

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-change-default-settings

NEW QUESTION 10
HOTSPOT - (Topic 6)
Your company has a Azure AD tenant named comoso.onmicrosoft.com that contains the users shown in the following table.

You need to identify which users can perform the following administrative tasks:
• Reset the password of User4.
• Modify the value for the manager attribute of User4.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 14
- (Topic 6)
You have a Microsoft 365 tenant that contains a Windows 10 device named Device1 and the Microsoft Endpoint Manager policies shown in the following table.

The policies are assigned to Device1.

Which policy settings will be applied to Device1?

A. only the settings of Policy1

B. only the settings of Policy2
C. only the settings of Policy3
D. no settings

Answer: D

NEW QUESTION 15
- (Topic 6)
You have a Microsoft 365 tenant.
You plan to implement Endpoint Protection device configuration profiles. Which platform can you manage by using the profile?

A. Android
B. CentOS Linux
C. iOS
D. Window 10

Answer: D

Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-protection-configure

NEW QUESTION 17
HOTSPOT - (Topic 6)
HOTSPOT

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Your network contains an on-premises Active Directory forest named contoso.com. The forest contains the following domains:
? Contoso.com
? East.contoso.com
The forest contains the users shown in the following table.

The forest syncs to an Azure AD tenant named contoso.com as shown in the exhibit. (Click
the Exhibit tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Yes
The UPN of user1 is user1@contoso.com so he can authenticate to Azure AD by using the username user1@contoso.com.
Box 2: No
The UPN of user2 is user2@east.contoso.com so he cannot authenticate to Azure AD by using the username user2@contoso.com.
Box 3: No
The UPN of user3 is user3@fabrikam.com so he cannot authenticate to Azure AD by using the username user3@contoso.com.

NEW QUESTION 22
- (Topic 6)
Your network contains an Active Directory forest named Contoso. Local. You have a Microsoft 365 subscription.
You plan to implement a directory synchronization solution that will use password hash synchronization.
From the Microsoft 365 admin center, you successfully verify the contoso.com domain name.
You need to prepare the environment for the planned directory synchronization solution. What should you do first?

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. From Active Directory Domains and Trusts, add contoso.com as a UPN suffix.
B. From the Microsoft 365 admin center verify the Contos
C. Local domain name.
D. From the public DNS zone of contoso.com, add a new mail exchanger (MX) record.
E. From Active Directory Users and Computers, modify the UPN suffix for all users.

Answer: A

NEW QUESTION 25
DRAG DROP - (Topic 6)
DRAG DROP
You have a Microsoft 365 E5 subscription. Several users have iOS devices.
You plan to enroll the iOS devices in Microsoft Endpoint Manager.
You need to ensure that you can create an iOS/iPadOS enrollment profile in Microsoft Endpoint Manager.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 27
HOTSPOT - (Topic 6)
HOTSPOT
Your company has a Microsoft 365 E5 subscription. You need to perform the following tasks:
View the Adoption Score of the company. Create a new service request to Microsoft.
Which two options should you use in the Microsoft 365 admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Reports
View the Adoption Score of the company.
How to enable Adoption Score To enable Adoption Score:
? Sign in to the Microsoft 365 admin center as a Global Administrator and go to Reports > Adoption Score
? Select enable Adoption Score. It can take up to 24 hours for insights to become
available.
Box 2: Support
Create a new service request to Microsoft.
Sign in to Microsoft 365 with your Microsoft 365 admin account, and select Support > New service request. If you're in the admin center, select Support > New
service request.

NEW QUESTION 29
HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

Each user has a device with the Microsoft Authenticator app installed.
From Microsoft Authenticator settings for the subscription, the Enable and Target settings are configured as shown in the exhibit. (Click the Exhibit tab.)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 32
- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goats. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain. You deploy a Microsoft Entra tenant.
Another administrator configures the domain to synchronize to the Microsoft Entra tenant.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to the Microsoft Entra tenant. All the other user accounts synchronized
successfully.
You review Microsoft Entra Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to the Microsoft Entra tenant.
Solution: From Microsoft Entra Connect, you modify the filtering settings. Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 33
- (Topic 6)
You have a Microsoft 365 E5 subscription.
You onboard all devices to Microsoft Defender for Endpoint

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

You need to use Defender for Endpoint to block access to a malicious website at www.contoso.com.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct answer is worth one point.

A. Create a web content filtering policy.

B. Configure an enforcement scope.
C. Enable Custom network indicators.
D. Create an indicator.
E. Enable automated investigation.

Answer: AC

NEW QUESTION 34
HOTSPOT - (Topic 6)
You have several devices enrolled in Microsoft Endpoint Manager
You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown In the following table.

The device limit restrictions in Endpoint manager are configured as shown in the following table.

You add user as a device enrollment manager in Endpoint manager

For each of the following statements, select Yes if the statement is true. Otherwise, select No

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 36
HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint and contains the devices shown in the following table.

Defender for Endpoint has the device groups shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

You create an incident email notification rule configured as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: No
Device1 is in Group2 as Name starts with Device and Tag contains Inventory. However, the Group2 has alert severity low.
Box 2: No
Computer1 does not belong to either Group1 or Group2
Box 3: Yes
Device3 belongs to both Group1 and Group2.
Note: Understanding alert severity
Microsoft Defender Antivirus and Defender for Endpoint alert severities are different because they represent different scopes.
The Microsoft Defender Antivirus threat severity represents the absolute severity of the detected threat (malware), and is assigned based on the potential risk to
the individual device, if infected.

NEW QUESTION 39
- (Topic 6)
You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Endpoint Manager.
Devices are onboarded by using Microsoft Defender for Endpoint.
You plan to block devices based on the results of the machine risk score calculated by Microsoft Defender for Endpoint.
What should you create first?

A. a device configuration policy

B. a device compliance policy
C. a conditional access policy
D. an endpoint detection and response policy

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure

NEW QUESTION 44
HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and the groups shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

You have a Microsoft Intune enrollment policy that has the following settings:
? MDM user scope: Some
? uk.co.certification.simulator.questionpool.PList@184e72e0
? MAM user scope: Some
? uk.co.certification.simulator.questionpool.PList@184e7360 You purchase the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 49
- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.

The domain syncs to an Azure AD tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

User2 fails to authenticate to Azure AD when signing in as user2@fabrikam.com. You need to ensure that User2 can access the resources in Azure AD.
Solution: From the Microsoft Entra admin center, you add fabrikam.com as a custom domain. You instruct User2 to sign in as user2@fabrikam.com.
Does this meet the goal?

A. Yes
B. No

Answer: A

Explanation:
The on-premises Active Directory domain is named contoso.com. To enable users to sign on using a different UPN (different domain), you need to add the domain
to Microsoft 365 as a custom domain.

NEW QUESTION 51
HOTSPOT - (Topic 6)
You have a Microsoft 365 tenant that contains 100 Windows 10 devices. The devices are managed by using Microsoft Endpoint Manager.
You plan to create two attack surface reduction (ASR) policies named ASR1 and ASR2. ASR1 will be used to configure Microsoft Defender Application Guard.
ASR2 will be used to configure Microsoft Defender SmartScreen.
Which ASR profile type should you use for each policy? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 55
- (Topic 6)
You have a Microsoft 365 subscription that uses an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.

You add another user named User5 to the User Administrator role. You need to identify which two management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Delete User2 and User4 only.

B. Reset the password of User4 only
C. Reset the password of any user in Azure AD.
D. Delete User1, User2, and User4 only.
E. Reset the password of User2 and User4 only.
F. Delete any user in Azure AD.

Answer: AE

Explanation:
Users with the User Administrator role can create users and manage all aspects of users with some restrictions (see below).
Only on users who are non-admins or in any of the following limited admin roles:
• Directory Readers
• Guest Inviter
• Helpdesk Administrator
• Message Center Reader
• Reports Reader
• User Administrator Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles

NEW QUESTION 58
- (Topic 6)
You have a Microsoft 365 subscription.
You configure a data loss prevention (DLP) policy.
You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.
You need to prevent the users from bypassing the DLP policy. What should you configure?

A. actions
B. incident reports
C. exceptions
D. user overrides

Answer: D

Explanation:
A DLP policy can be configured to allow users to override a policy tip and report a false positive.
You can educate your users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows
them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word.
If you find that users are incorrectly marking content as false positive and bypassing the DLP policy, you can configure the policy to not allow user overrides.
Reference:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention- policies

NEW QUESTION 60
HOTSPOT - (Topic 6)
Your company has a Microsoft 365 tenant
You plan to allow users that are members of a group named Engineering to enroll their mobile device in mobile device management (MDM)
The device type restriction are configured as shown in the following table.

The device limit restriction are configured as shown in the following table.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set#change-enrollment-restriction-priority

NEW QUESTION 65
- (Topic 6)
You have a Microsoft 365 subscription.
You plan to implement Microsoft Purview Privileged Access Management. Which Microsoft Office 365 workloads support privileged access?

A. Microsoft Exchange Online only

B. Microsoft Teams only
C. Microsoft Exchanqe Online and SharePoint Online only
D. Microsoft Teams and SharePoint Online only
E. Microsoft Teams, Exchanqe Online, and SharePoint Online

Answer: A

Explanation:
Privileged access management
Having standing access by some users to sensitive information or critical network configuration settings in Microsoft Exchange Online is a potential pathway for
compromised accounts or internal threat activities. Microsoft Purview Privileged Access Management helps protect your organization from breaches and helps to
meet compliance best practices by limiting standing access to sensitive data or access to critical configuration settings. Instead of administrators having constant
access, just-in-time access rules are implemented for tasks that need elevated permissions. Enabling privileged access management for Exchange Online in
Microsoft 365 allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access
vulnerabilities.
Note: When will privileged access support Office 365 workloads beyond Exchange? Privileged access management will be available in other Office 365 workloads
soon.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/compliance/privileged-access- management-solution-overview
https://learn.microsoft.com/en-us/microsoft-365/compliance/privileged-access-management

NEW QUESTION 67
- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the Security Administrator role.
Does this meet the goal?

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Yes
B. No

Answer: A

Explanation:
You need to assign the Security Administrator role. Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp

NEW QUESTION 71
- (Topic 6)
You have Windows 10 devices that are managed by using Microsoft Endpoint Manager. You need to configure the security settings in Microsoft Edge.
What should you create in Microsoft Endpoint Manager?

A. an app configuration policy

B. an app
C. a device configuration profile
D. a device compliance policy

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/deployedge/configure-edge-with-intune

NEW QUESTION 73
DRAG DROP - (Topic 6)
Your company has an Azure AD tenant named contoso.onmicrosoft.com.
You purchase a domain named contoso.com from a registrar and add all the required DNS records.
You create a user account named User1. User1 is configured to sign in as userl@contoso.onmicrosoft.com.
You need to configure User1 to sign in as user1@contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 76
- (Topic 6)
You have a Microsoft 365 E5 subscription.
Users have the devices shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

On which devices can you manage apps by using app configuration policies in Microsoft Endpoint Manager?

A. Device1, Device4, and Device6

B. Device2, Device3, and Device5
C. Device1, Device2, Device3, and Device6
D. Device1, Device2, Device4, and Device5

Answer: C

Explanation:
You can create and use app configuration policies to provide configuration settings for both iOS/iPadOS or Android apps on devices that are and are not enrolled
in Microsoft Endpoint Manager.
Reference:
https://docs.microsoft.com/en-us/mem/intune/apps/app-configuration-policies-overview

NEW QUESTION 80
HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.

At 08:00. you create an incident notification rule that has the following configurations:
• Name: Notification!
• Notification settings
o Notify on alert seventy: Low o Device group scope: All (3)
o Details: First notification per incident
• Recipients: Userl@contoso.com, User2@contoso.com
At 08:02. you create an incident notification rule that has the following configurations:
• Name: Notification
• Notification settings
o Notify on alert severity: Low. Medium
o Device group scope: DevtceGroup1, DeviceGroup2
• Recipients: Userl@contoso.com
in Microsoft 365 Defender, alerts are logged as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No1.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 81
DRAG DROP - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.

You need to onboard the devices to Microsoft Defender for Endpoint. The solution must minimize administrative effort.
What should you use to onboard each type of device? To answer, drag the appropriate onboarding methods to the correct device types. Each onboarding method
may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 84
HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices. You plan to attack surface reduction (ASR) rules for the Windows 10 devices.
You configure the ASR rules in audit mode and collect audit data in a Log Analytics workspace.
You need to find the ASR rules that match the activities on the devices.
How should you complete the Kusto query? To answer, select the appropriate options in
the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 85
- (Topic 6)
You have a Microsoft 365 E5 subscription that uses Endpoint security.
You need to create a group and assign the Endpoint Security Manager role to the group. Which type of group can you use?

A. Microsoft 365 only

B. security only
C. mail-enabled security and security only
D. mail-enabled security, Microsoft 365, and security only
E. distribution, mail-enabled security, Microsoft 365, and security

Answer: D

NEW QUESTION 89
HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have labels in Microsoft 365 as shown in the following table.

The content in Microsoft 365 is assigned labels as shown in the following table.

You have labels In Microsoft 365 as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

A. Mastered
B. Not Mastered

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Answer: A

Explanation:

NEW QUESTION 92
HOTSPOT - (Topic 6)
HOTSPOT
Your company uses Microsoft Defender for Endpoint. Microsoft Defender for Endpoint includes the device groups shown in the following table.

You onboard a computer named computer1 to Microsoft Defender for Endpoint as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Group3 and Group4 only Computer1 has no Demo Tag.
Computer1 is in the adatum domain and OS is Windows 10. Box 2: Group1, Group2, Group3 and Group4

NEW QUESTION 95
- (Topic 6)
You have a Microsoft 365 subscription.
You need to receive a notification each time a user in the service desk department grants Full Access permissions for a user mailbox.
What should you configure?

A. a data loss prevention (DLP) policy

B. an alert policy
C. an audit search
D. an insider risk management policy

Answer: B

NEW QUESTION 99
- (Topic 6)
You have a Microsoft 365 E5 subscription.
Users access Microsoft 365 from both their laptop and a corporate Virtual Desktop Infrastructure (VDI) solution.
From Azure AD Identity Protection, you enable a sign-in risk policy.
Users report that when they use the VDI solution, they are regularly blocked when they attempt to access Microsoft 365.
What should you configure?

A. the Tenant restrictions settings in Azure AD

B. a trusted location
C. a Conditional Access policy exclusion
D. the Microsoft 365 network connectivity settings

Answer: B

Explanation:
There are two types of risk policies in Azure Active Directory (Azure AD) Conditional Access you can set up to automate the response to risks and allow users to
self-remediate when risk is detected:
Sign-in risk policy User risk policy
Configured trusted network locations are used by Identity Protection in some risk detections to reduce false positives.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity- protection-configure-risk-policies
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/location- condition

NEW QUESTION 100

- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchange Administrator role.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
You need to assign the Security Administrator role. Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 102

FILL IN THE BLANK - (Topic 6)
You have a Microsoft 365 tenant.
You need to retain Azure Active Directory (Azure AD) audit logs for two years. Administrators must be able to query the audit log information by using the Azure
Active Directory admin center.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 105

DRAG DROP - (Topic 6)
DRAG DROP
You have a Microsoft 365 E5 tenant.
You need to implement compliance solutions that meet the following requirements:
• Use a file plan to manage retention labels.
• Identify, monitor, and automatically protect sensitive information.
• Capture employee communications for examination by designated reviewers.
Which solution should you use for each requirement? To answer, drag the appropriate solutions to the correct requirements. Each solution may be used once,
more than once, or not at all. You may need to drag the split bat between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 106

HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E5 subscription.
From Azure AD Identity Protection on August 1, you configure a Multifactor authentication registration policy that has the following settings:
? Assignments: All users
? Controls: Require Azure AD multifactor authentication registration
? Enforce Policy: On
? On August 3, you create two users named User1 and User2.
Users authenticate by using Azure Multi-Factor Authentication (MFA) for the first time on the dates shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

By which dates will User1 and User2 be forced to complete their Azure MFA registration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: August 19
Note: Security defaults will trigger a 14 day grace period for registration after a user's first login and security defaults being enabled. After 14 days users will be
required to register for MFA and will not be able to skip.
Conditional Access by itself without Azure Identity Protection does not allow for the 14 day grace period. Identity Protection includes the registration policy that
allows registration on its own with no apps assigned to the policy. If a Conditional Access policy requires Multi- Factor Authentication, then the user must be able to
pass that MFA request.
Box 2: August 21

NEW QUESTION 107

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
The subscription has the following two anti-spam policies:
• Name: AntiSpam1
• Priority: 0
• Induce these users, groups and domains o Users: User3
o Groups: Group!
• Exclude these users, groups and domains o Groups: Group2
• Message limits
o Set a daily message limit 100
• Name: AntiSpam2
• Priority: 1
• Include these users, groups and domains o Users: User! o Groups: Group2
• Exclude these users, groups and domains o Users: User3
• Message limits
o Set a daily message limit 50
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 111

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains a user named User1 and the administrators shown in the following table.
User1 reports that after sending 1,000 email messages in the morning, the user is blocked from sending additional emails. You need to identify the following:
• Which administrators can unblock User1
• What to configure to allow User1 to send at least 2,000 emails per day without being blocked
What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 112

- (Topic 6)
You have a new Microsoft 365 E5 tenant.
You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected.
What should you do first?

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Enable auditing.
B. Enable Microsoft 365 usage analytics.
C. Create an Insider risk management policy.
D. Create a communication compliance policy.

Answer: A

Explanation:
Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal
investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured,
recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and
compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization.
Note: Permissions alert policies
Example: Elevation of Exchange admin privilege
Generates an alert when someone is assigned administrative permissions in your Exchange Online organization. For example, when a user is added to the
Organization Management role group in Exchange Online.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-solutions-overview https://learn.microsoft.com/en-us/microsoft-365/compliance/alert-policies

NEW QUESTION 114

- (Topic 6)
Your network contains an on-premises Active Directory domain named contoso.local. The domain contains five domain controllers.
Your company purchases Microsoft 365 and creates an Azure AD tenant named contoso.onmicrosoft.com.
You plan to install Azure AD Connect on a member server and implement pass-through authentication.
You need to prepare the environment for the planned implementation of pass-through authentication.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From a domain controller install an Authentication Agent

B. From the Microsoft Entra admin center, confiqure an authentication method.
C. From Active Director,' Domains and Trusts add a UPN suffix
D. Modify the email address attribute for each user account.
E. From the Microsoft Entra admin center, add a custom domain name.
F. Modify the User logon name for each user account.

Answer: ABE

Explanation:
Deploy Azure AD Pass-through Authentication Step 1: Check the prerequisites
Ensure that the following prerequisites are in place. In the Entra admin center
* 1. Create a cloud-only Hybrid Identity Administrator account or a Hybrid Identity administrator account on your Azure AD tenant. This way, you can manage the
configuration of your tenant should your on-premises services fail or become unavailable.
(E) 2. Add one or more custom domain names to your Azure AD tenant. Your users can sign in with one of these domain names.
(A) In your on-premises environment
* 1. Identify a server running Windows Server 2016 or later to run Azure AD Connect. If not enabled already, enable TLS 1.2 on the server. Add the server to the
same Active Directory forest as the users whose passwords you need to validate. It should be noted that installation of Pass-Through Authentication agent on
Windows Server Core versions is not supported.
* 2. Install the latest version of Azure AD Connect on the server identified in the preceding step. If you already have Azure AD Connect running, ensure that the
version is supported.
* 3. Identify one or more additional servers (running Windows Server 2016 or later, with TLS 1.2 enabled) where you can run standalone Authentication Agents.
These additional servers are needed to ensure the high availability of requests to sign in. Add the servers to the same Active Directory forest as the users whose
passwords you need to validate.
* 4. Etc.
(B) Step 2: Enable the feature
Enable Pass-through Authentication through Azure AD Connect.
If you're installing Azure AD Connect for the first time, choose the custom installation path. At the User sign-in page, choose Pass-through Authentication as the
Sign On method. On successful completion, a Pass-through Authentication Agent is installed on the same server as Azure AD Connect. In addition, the Pass-
through Authentication feature is enabled on your tenant.
Incorrect:
Not C: From Active Directory Domains and Trusts, add a UPN suffix Not D. Modify the email address attribute for each user account. Not F. Modify the User logon
name for each user account.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/how-to-connect-pta- quick-start

NEW QUESTION 118

- (Topic 6)
You have a Microsoft 365 E5 subscription.
Users have Android or iOS devices and access Microsoft 365 resources from computers that run Windows 11 or MacOS.
You need to implement passwordless authentication. The solution must support all the devices.
Which authentication method should you use?

A. Windows Hello
B. FID02 compliant security keys
C. Microsoft Authenticator app

Answer: C

NEW QUESTION 120

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

You need to create a policy that will generate an email alert when a banned app is detected requesting permission to access user information or data in the
subscription.
What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 122

HOTSPOT - (Topic 6)
You work at a company named Contoso, Ltd.
Contoso has a Microsoft 365 subscription that is configured to use the DNS domains shown in the following table.
Contoso purchases a company named Fabrikam, Inc.
Contoso plans to add the following domains to the Microsoft 365 subscription:
• fabrikam.com
• east.fabrikam.com
• west.contoso.com
You need to ensure that the devices in the new domains can register by using Autodiscover.
How many domains should you verify, and what is the minimum number of enterprise registration DNS records you should add? To answer, select the appropriate
options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 123

HOTSPOT - (Topic 6)
You have a Microsoft 365 tenant that has Enable Security defaults set to No in Azure Active Directory (Azure AD).
The tenant has two Compliance Manager assessments as shown in the following table.

The SP800 assessment has the improvement actions shown in the following table.

You perform the following actions:

? For the Data Protection Baseline assessment, change the Test status of Establish a threat intelligence program to Implemented.
? Enable multi-factor authentication (MFA) for all users.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 128

- (Topic 6)
You purchase a new computer that has Windows 10, version 21H1 preinstalled.
You need to ensure that the computer is up-to-date. The solution must minimize the number of updates installed.
What should you do on the computer?

A. Install all the feature updates released since version 21H1 and the latest quality update only.
B. Install the latest feature update and all the quality updates released since version 21H1.
C. Install the latest feature update and the latest quality update only.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

D. Install all the feature updates released since version 21H1 and all the quality updates released since version 21H1 only.

Answer: C

NEW QUESTION 132

HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E3 subscription.
You plan to launch Attack simulation training for all users.
Which social engineering technique and training experience will be available? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Credential Harvest
Attack simulation training offers a subset of capabilities to E3 customers as a trial. The trial offering contains the ability to use a Credential Harvest payload and the
ability to select 'ISA Phishing' or 'Mass Market Phishing' training experiences. No other capabilities are part of the E3 trial offering.
Note: In Attack simulation training, multiple types of social engineering techniques are available:
Credential Harvest Malware Attachment Link to Malware
Etc.
Box 2: Mass Market Phishing

NEW QUESTION 136

HOTSPOT - (Topic 6)
You have three devices enrolled in Microsoft Endpoint Manager as shown in the following table.

The device compliance policies in Endpoint Manager are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 139

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint. You have devices enrolled in Microsoft Intune as shown in the following
table.

You plan to use risk levels in Microsoft Defender for Endpoint to identify whether a device is compliant. Noncompliant devices must be blocked from accessing
corporate resources.
You need to identify which devices can be onboarded to Microsoft Defender for Endpoint, and which Endpoint security policies must be configured.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Text, table Description automatically generated with medium confidence

NEW QUESTION 141

- (Topic 6)
You have a Microsoft 365 subscription. You add a domain named contoso.com.
When you attempt to verify the domain, you are prompted to send a verification email to admin@contoso.com.
You need to change the email address used to verify the domain. What should you do?

A. From the Microsoft 365 admin center, change the global administrator of the Microsoft 365 subscription.
B. Add a TXT record to the DNS zone of the domain.
C. From the domain registrar, modify the contact information of the domain.
D. Modify the NS records for the domain.

Answer: C

NEW QUESTION 145

HOTSPOT - (Topic 6)
You have three devices enrolled in Microsoft Endpoint Manager as shown in the following
table.

The device compliance policies in Endpoint Manager are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

For each of the following statements, select Yes if the statement Is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 150

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have a Microsoft Office 365 retention label named Retention1 that is published to Exchange email.
You have a Microsoft Exchange Online retention policy that is applied to all mailboxes. The retention policy contains a retention tag named Retention2.
Which users can assign Retention1 and Retention2 to their emails? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Explanation:

NEW QUESTION 152

- (Topic 4)
You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2.
Which authentication strategy should you implement for the pilot projects?

A. pass-through authentication
B. pass-through authentication and seamless SSO
C. password hash synchronization and seamless SSO
D. password hash synchronization

Answer: C

Explanation:
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Project2: After the successful completion of Project1, Microsoft Teams & Skype for Business will be enabled in Microsoft 365 for the sales department users.
After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud-based applications automatically.
Fabrikam does NOT plan to implement identity federation.
After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
You need to enable password hash synchronization to enable the users to continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
You need to enable SSO to enable all users to be signed in to on-premises and cloud- based applications automatically.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn

NEW QUESTION 155

- (Topic 3)
You need to create the DLP policy to meet the technical requirements. What should you configure first?

A. sensitive info types

B. the Insider risk management settings
C. the event types
D. the sensitivity labels

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide

NEW QUESTION 159

HOTSPOT - (Topic 3)
You plan to implement the endpoint protection device configuration profiles to support the planned changes.
You need to identify which devices will be supported, and how many profiles you should implement.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 162

HOTSPOT - (Topic 2)
You need to meet the technical requirement for the SharePoint administrator. What should
you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance#step-3-filter-the-search-results

NEW QUESTION 167

HOTSPOT - (Topic 1)
As of March, how long will the computers in each office remain supported by Microsoft? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:
https://support.microsoft.com/en-gb/help/13853/windows-lifecycle-fact-sheet March Feature Updates: Serviced for 18 months from release date September
Feature Updates: Serviced for 30 months from release date
References:
https://www.windowscentral.com/whats-difference-between-quality-updates-and-feature-updates-windows-10

NEW QUESTION 169

HOTSPOT - (Topic 1)
You need to meet the Intune requirements for the Windows 10 devices.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/intune/windows-enroll

NEW QUESTION 170

- (Topic 6)
You are testing a data loss prevention (DLP) policy to protect the sharing of credit card information with external users.
During testing, you discover that a user can share credit card information with external users by using email. However, the user is prevented from sharing files that
contain credit card information by using Microsoft SharePoint.
You need to prevent the user from sharing the credit card information by using email and SharePoint.
What should you configure?

A. the status of the DLP policy

B. the user overrides of the DLP policy rule
C. the locations of the DLP policy
D. the conditions of the DLP policy rule

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Answer: D

NEW QUESTION 174

- (Topic 6)
You have a Microsoft 365 E5 subscription.
You create a Conditional Access policy that blocks access to an app named App1 when users trigger a high-risk sign-in event.
You need to reduce false positives for impossible travel when the users sign in from the corporate network.
What should you configure?

A. exclusion groups
B. multi-factor authentication (MFA)
C. named locations
D. user risk policies

Answer: C

NEW QUESTION 176

- (Topic 6)
You have a Microsoft 365 E5 tenant.
You plan to deploy a monitoring solution that meets the following requirements:
? Captures Microsoft Teams channel messages that contain threatening or violent language.
? Alerts a reviewer when a threatening or violent message is identified.
What should you include in the solution?

A. Data Subject Requests (DSRs)

B. Insider risk management policies
C. Communication compliance policies
D. Audit log retention policies

Answer: C

NEW QUESTION 178

HOTSPOT - (Topic 6)
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.

All the groups are deleted.

Which groups can be restored, and what is the retention period? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Box 1: Group3 only

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Box 2: 30 days
If you've deleted a group, it will be retained for 30 days by default. This 30-day period is considered a "soft-delete" because you can still restore the group. After 30
days, the group and its associated contents are permanently deleted and cannot be restored.

NEW QUESTION 180

- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a
result, these questions will not appear in the review screen.
You have a computer that runs Windows 10.
You need to verify which version of Windows 10 is installed.
Solution: From the Settings app, you select System, and then you select About to view information about the system.
Does this meet the goal?

A. Yes
B. No

Answer: A

Explanation:
Reference:
https://support.microsoft.com/en-us/windows/which-version-of-windows-operating-system-am-i-running-628bec99-476a-2c13-5296-9dd081cdd808

NEW QUESTION 182

- (Topic 6)
You have a Microsoft 365 E5 tenant that uses Microsoft Intune.
You need to ensure that users can select a department when they enroll their device in Intune.
What should you create?

A. scope tags
B. device configuration profiles
C. device categories
D. device compliance policies

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/device-group-mapping

NEW QUESTION 185

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription that includes the following active eDiscovery case:
? Name: Case1
? Included content: Group1, User1, Site1
? Hold location: Exchange mailboxes, SharePoint sites, Exchange public folders
The investigation for Case1 completes, and you close the case.
What occurs after you close Case1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 189

HOTSPOT - (Topic 6)
You have a Microsoft 365 subscription that contains a user named User1 and a Microsoft SharePoint Online site named Site1. User1 is assigned the Owner role
for Site1. To Site1, you publish the file plan retention labels shown in the following table.

Site1 contains the files shown in the following table.

Which files can User1 rename, and which files can User1 delete? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

NEW QUESTION 192

- (Topic 6)
Your network contains an Active Directory forest named contoso.local. You purchase a Microsoft 365 subscription.
You plan to move to Microsoft 365 and to implement a hybrid deployment solution for the next 12 months.
You need to prepare for the planned move to Microsoft 365.
What is the best action to perform before you implement directory synchronization? More than one answer choice may achieve the goal. Select the BEST answer.

A. Purchase a third-party X.509 certificate.

B. Create an external forest trust.
C. Rename the Active Directory forest.
D. Purchase a custom domain name.

Answer: D

Explanation:
The first thing you need to do before you implement directory synchronization is to purchase a custom domain name. This could be the domain name that you use
in your on- premise Active Directory if it’s a routable domain name, for example, contoso.com.
If you use a non-routable domain name in your Active Directory, for example contoso.local, you’ll need to add the routable domain name as a UPN suffix in Active
Directory.
Incorrect:
Not C: No need to rename the Active Directory forest. As we use a non-routable domain name contoso.local, we just need to add the routable domain name as a
UPN suffix in Active Directory.
Reference:
https://docs.microsoft.com/en-us/office365/enterprise/set-up-directory-synchronization

NEW QUESTION 193

HOTSPOT - (Topic 6)
You have a Microsoft 365 subscription that contains the users shown in the following table.

You configure an Enrollment Status Page profile as shown in the following exhibit.

You assign the policy to Group1.

You purchase the devices shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 198

HOTSPOT - (Topic 6)
You use Microsoft Defender for Endpoint.
You have the Microsoft Defender for Endpoint device groups shown in the following table

You plan to onboard computers to Microsoft Defender for Endpoint as shown in the following table.

A. Mastered
B. Not Mastered

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Answer: A

Explanation:

NEW QUESTION 200

HOTSPOT - (Topic 6)
You have a Microsoft 365 E5 subscription.
All corporate Windows 11 devices are managed by using Microsoft Intune and onboarded to Microsoft Defender for Endpoint.
You need to meet the following requirements:
* View an assessment of the device configurations against the Center for Internet Security (CIS) vl.0.0 benchmark.
• Protect a folder named C:\Folder1 from being accessed by untrusted applications on the devices.
What should you do? To answer, select the appropriate options in the answer area.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 204

- (Topic 6)
You have a Microsoft 365 E5 subscription that contains the labels shown in the following table.

You have the items shown in the following table.

Which items can you view in Content explorer?

A. File1 only

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

B. File1 and File2 only

C. File1 and Mail! only
D. File2 and Mail2 only
E. File1, File2, Mail1, and Mail2

Answer: C

NEW QUESTION 209

- (Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain. The domain contains domain controllers that run Windows Server 2019. The functional level of the
forest and the domain is Windows Server 2012 R2.
The domain contains 100 computers that run Windows 10 and a member server named Server1 that runs Windows Server 2012 R2.
You plan to use Server1 to manage the domain and to configure Windows 10 Group Policy
settings.
You install the Group Policy Management Console (GPMC) on Server1.
You need to configure the Windows Update for Business Group Policy settings on Server1. Solution: You upgrade Server1 to Windows Server 2019.
Does this meet the goal?

A. yes
B. No

Answer: A

NEW QUESTION 212

......

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM MS-102 Dumps From Exambible
https://www.exambible.com/MS-102-exam/ (312 Q&As)

Relate Links

100% Pass Your MS-102 Exam with Exambible Prep Materials

https://www.exambible.com/MS-102-exam/

Contact us

We are proud of our high-quality customer service, which serves you around the clock 24/7.

Viste - https://www.exambible.com/

Your Partner of IT Exam visit - https://www.exambible.com

Powered by TCPDF (www.tcpdf.org)