Ask Question
Microsoft MS-900 Practice Test - Questions Answers, Page 17
List of questions
Question 161
You are a Microsoft 365 administrator for a company.
You need to ensure that company documents are marked as confidential. You must prevent employees from sharing documents with people outside the company. What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Validate outbound emails by using DomainKeys Identified Mail (DKIM)
Create sensitive information types
Configure Secure/Multipurpose Internet Mail Extensions (S/MIME) settings for Outlook
Create a data-loss prevention policy
Apply sensitivity labels to documents
Explanation:
B: Sensitive information types can also be used with the Azure Information Protection scanner to classify and protect files on premises. Sensitive information types define how the automated process recognizes specific information types such as health service numbers and credit card numbers.
E: With sensitivity labels you can classify and help protect your sensitive content. Protection options include labels, watermarks, and encryption.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/protect-information
Question 162
You are the Microsoft 365 administrator for a company.
An employee requests personal data under General Data Protection Regulation (GDPR) guidelines.
You need to retrieve data for the employee.
What should you do?
Create a data subject request case.
Create a retention policy.
Create a data-loss prevention policy.
Create a GDPR assessment.
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-office365
Question 163
A company has a Microsoft 365 subscription. Employees are permitted to use devices that the company does not own to access company data in the cloud.You need to restrict employees from copying data to personal OneDrive folders. What should you use?
Information Rights Management
Microsoft Azure Security Center
Microsoft Defender for Office 365
Microsoft Endpoint Manager
Explanation:
Reference: https://docs.microsoft.com/en-us/intune/app-protection-policy
Question 164
You are the network administrator of a company.
The Microsoft 365 tenant contains sensitive information. Employees must verify their identities when they sign into Microsoft 365 by providing information in addition to their Azure AD password. You need to select the tools that employees can use to verify their identities.
Which two tools should you select? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Customer Lockbox for Office 365
Azure Security Center
Windows Hello for Business
Microsoft Authenticator
Explanation:
Two-step authentication can be implemented by using Windows Hello for Business or Microsoft Authenticator.
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-manage-in-organization https://support.microsoft.com/en-us/help/4026727/microsoft-account-how-to-use-the-microsoft-authenticator-app
Question 165
You need to move videos to a Microsoft 365 tenant and ensure that the contents are automatically transcribed. Which Microsoft 365 service should you use?
Yammer
Stream
Flow
Explanation:
Microsoft Stream is used for video services, and includes deep search within automatic audio transcription.
Reference:
https://docs.microsoft.com/en-us/stream/office-365-video-feature-breakdown
Question 166
An organization uses Microsoft 365 Business to secure their data.
Many users install the organization's data on their personal tablets and phones.
You need to protect the organization's data stored on users' devices.
Which three features support device security? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Remotely wiping company data
Enabling Advanced Threat Protection for users
Disabling the device remotely
Automatically deleting files after 90 days of inactivity
Requiring users to have a PIN on their device
Explanation:
You can manage many of the Microsoft 365 Business security features in the admin center, which gives you a simplified way to turn these features on or off. In the admin center, you can do the following:
Set application management settings for Android or iOS devices.
These settings include deleting files from an inactive device after a set period, encrypting work files, requiring that users set a PIN, and so on. Set application protection settings for Windows 10 devices.
These settings can be applied to company data on both company-owned, or personally owned devices. Set device protection settings for Windows 10 devices. You can enable BitLocker encryption to help protect data in case a device is lost or stolen, and enable Windows Exploit Guard to provide advanced protection against ransomware. Remove company data from devices. You can remotely wipe company data if a device is lost, stolen, or an employee leaves your company.
Reset Windows 10 devices to their factory settings.
You can reset any Windows 10 devices that have device protection settings applied to them.
Reference: https://docs.microsoft.com/en-us/microsoft-365/business/security-features
Question 167
This question-requires that you evaluate the underlined text to determine if it is correct.
You use Microsoft Intune for device management. You must determine how many devices run each operating system. You must launch Intune and navigate to the Mobile Apps blade.
Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.
Device configuration
Device compliance
No change is needed
Devices
Explanation:
Reference: https://docs.microsoft.com/en-us/intune/device-inventory
Question 168
You are the Microsoft 365 administrator for a company.
You need to ensure that users receive a warning message if they select links in emails that might be unsafe. What should you do?
Use Windows PowerShell to install the latest antimalware engine updates
Enable Microsoft Office 365 Advanced Threat Protection
Use the Microsoft Exchange Admin Center to configure a new spam-filter policy
Use the Microsoft Exchange Admin Center to create a new antimalware policy
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/atp-safe-links
Question 169
A business acquaintance from another company sends you a document that is encrypted by Azure Information Protection (AIP). You are unable to open the document because the user account cannot be authenticated by the company's Azure Active Directory. You need to access the document.
What should you do?
Implement Azure Rights Management (RMS) for individuals for the user account.
Implement Information Rights Management (IRM) for the Office application.
Upgrade your account to include AIP for Office 365.
Explanation:
Reference: https://docs.microsoft.com/en-us/azure/information-protection/rms-for-individuals
Question 170
A company deploys Microsoft Azure AD. You enable multi-factor authentication.
You need to inform users about the multi-factor authentication methods that they can use.
Which of the following methods is NOT a valid multi-factor authentication method in Microsoft 365?
Receive an automated call on the desk phone that includes a verification code
Insert a small card in to a desktop computer and provide a PIN code when prompted
Receive a call on a mobile phone and select the pound sign (#) when prompted
Receive an SMS text message that includes a verification code
Explanation:
Reference: http://techgenix.com/multifactor-authentication-office-365/
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
.png)
Question