Home / Microsoft / MS-102

Microsoft MS-102 Practice Test - Questions Answers, Page 14

Question list

List of questions

Question 131

(0)

You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Endpoint Manager. Devices are onboarded by using Microsoft Defender for Endpoint. You pl

Question 132

(0)

HOTSPOT You have a Microsoft 365 subscription that contains three groups named All users, Sales team, and Office users, and two users shown in the following table. In Microsoft Endpoint Manager,

Question 133

(0)

You have a Microsoft 365 tenant that contains a Windows 10 device. The device is onboarded to Microsoft Defender for Endpoint. From Microsoft Defender Security Center, you perform a security invest

Question 134

(0)

You have a Microsoft 365 E5 subscription. You plan to implement Microsoft 365 compliance policies to meet the following requirements: Identify documents that are stored in Microsoft Teams and Shar

Question 135

(0)

HOTSPOT You have a Microsoft 365 E5 subscription that contains the users shown in the following table. In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the

Question 136

(0)

You have a Microsoft 365 tenant. You plan to enable BitLocker Disk Encryption (BitLocker) automatically for all Windows 10 devices that enroll in Microsoft Intune. What should you use?

Question 137

(0)

You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy. You need to ensure that only devices marked as compliant can access M

Question 138

(0)

You have a Microsoft 365 tenant that contains a Windows 10 device named Device1 and the Microsoft Endpoint Manager policies shown in the following table. The policies are assigned to Device1. Wh

Question 139

(0)

HOTSPOT You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices. You plan to attack surface reduction (ASR) rules for the Windows 10 devices. You configure the ASR rules in audit

Question 140

(0)

HOTSPOT You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint. You have devices enrolled in Microsoft Intune as shown in the following table. You plan to use risk

Related questions

HOTSPOT Your company has a Microsoft 365 subscription that contains the users shown in the following table. External collaboration settings have default configuration. You need to identify which users can perform the following administrative tasks: * Modify the password protection policy. * Create guest user accounts. Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains the labels shown in the following table. You have the items shown in the following table. Which items can you view in Content explorer?

HOTSPOT You have a Microsoft 365 E5 subscription that contains 200 Android devices enrolled in Microsoft Intune. You create an Android app protection policy named Policy! that is targeted to all Microsoft apps and assigned to all users. Policy! has the Data protection settings shown in the following exhibit. Use the drop-down menus to select 'he answer choice that completes each statement based on the information presented in the graphic.

You need to ensure that all the sales department users can authenticate successfully during Project1 and Project2. Which authentication strategy should you implement for the pilot projects?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure a pilot for co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: Define a Configuration Manager device collection as the pilot collection. Add Device1 to the collection. Does this meet the goal?

You have a Microsoft 365 subscription that contains the users shown in the following table. You plan to use Exchange Online to manage email for a DNS domain. An administrator adds the DNS domain to the subscription. The DNS domain has a status of Incomplete setup. You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege. Which user should you identify?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen. Your network contains an Active Directory forest. You deploy Microsoft 365. You plan to implement directory synchronization. You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements: * Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable. * User passwords must be 10 characters or more. Solution: Implement pass-through authentication and configure password protection in the Azure AD tenant. Does this meet the goal?

HOTSPOT You have a Microsoft 365 E5 subscription that contains the devices shown in the following table. All the devices are onboarded To Microsoft Defender for Endpoint You plan to use Microsoft Defender Vulnerability Management to meet the following requirements: * Detect operating system vulnerabilities.

You have an Azure AD tenant. You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD. You purchase a Microsoft 365 E3 subscription. You need to deploy Windows 10 Enterprise to the computers. The solution must minimize administrative effort. What should you do?

You have a Microsoft 365 E5 subscription. You create an account tor a new security administrator named SecAdmin1. You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint and OneDrive. Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the Teams Administrator role. Does this meet the goal?

Question 131

You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Endpoint Manager.

Devices are onboarded by using Microsoft Defender for Endpoint.

You plan to block devices based on the results of the machine risk score calculated by Microsoft Defender for Endpoint.

What should you create first?

a device configuration policy

a device compliance policy

a conditional access policy

an endpoint detection and response policy

Show Answer Comment (0)

Question 132

HOTSPOT

You have a Microsoft 365 subscription that contains three groups named All users, Sales team, and Office users, and two users shown in the following table.

In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the following exhibit.

The policies use the settings shown in the following table.

What is the default share folder location for User1 and the default Office theme for User2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 133

You have a Microsoft 365 tenant that contains a Windows 10 device. The device is onboarded to Microsoft Defender for Endpoint.

From Microsoft Defender Security Center, you perform a security investigation.

You need to run a PowerShell script on the device to collect forensic information.

Which action should you select on the device page?

Initiate Live Response Session

Initiate Automated Investigation

Collect investigation package

Go hunt

Show Answer Comment (0)

Question 134

You have a Microsoft 365 E5 subscription.

You plan to implement Microsoft 365 compliance policies to meet the following requirements:

Identify documents that are stored in Microsoft Teams and SharePoint Online that contain Personally Identifiable Information (PII).

Report on shared documents that contain PII.

What should you create?

an alert policy

a data loss prevention (DLP) policy

a retention policy

a Microsoft Cloud App Security policy

Show Answer Comment (0)

Question 135

HOTSPOT

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the following table.

The policies use the settings shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 136

You have a Microsoft 365 tenant.

You plan to enable BitLocker Disk Encryption (BitLocker) automatically for all Windows 10 devices that enroll in Microsoft Intune.

What should you use?

an attack surface reduction (ASR) policy

an app configuration policy

a device compliance policy

a device configuration profile

Show Answer Comment (0)

Question 137

You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy.

You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps.

Which policy type should you configure?

conditional access

account protection

attack surface reduction (ASR)

Endpoint detection and response

Show Answer Comment (0)

Question 138

You have a Microsoft 365 tenant that contains a Windows 10 device named Device1 and the Microsoft Endpoint Manager policies shown in the following table.

The policies are assigned to Device1.

Which policy settings will be applied to Device1?

only the settings of Policy1

only the settings of Policy2

only the settings of Policy3

no settings

Show Answer Comment (0)

Question 139

HOTSPOT

You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices.

You plan to attack surface reduction (ASR) rules for the Windows 10 devices.

You configure the ASR rules in audit mode and collect audit data in a Log Analytics workspace.

You need to find the ASR rules that match the activities on the devices.

How should you complete the Kusto query? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 140

HOTSPOT

You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint.

You have devices enrolled in Microsoft Intune as shown in the following table.

You plan to use risk levels in Microsoft Defender for Endpoint to identify whether a device is compliant. Noncompliant devices must be blocked from accessing corporate resources.

You need to identify which devices can be onboarded to Microsoft Defender for Endpoint, and which Endpoint security policies must be configured.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.