[2021] Pass Microsoft MS-101 Test Practice Test Questions Exam Dumps [Q24-Q48]

[2021] Pass Microsoft MS-101 Test Practice Test Questions Exam Dumps

Verified MS-101 dumps Q&As - MS-101 dumps with Correct Answers

Main Skills Tested in Microsoft MS-101 Exam

The process of obtaining this expert-level badge requires applicants to spend enough time on studies. And the first step for you to do in this case is to get the MS-101 exam’s blueprint to identify the concepts covered and create a learning plan according to this list. Below, you will find complete details on each included topic and its connected subtopics:

Implementation of modern device services– in this chapter, you will discover concepts related to mobile device management implementation and device compliance management. Also, exam-takers will learn how to create effective planning for devices and applications. Finally, they will become able to handle Windows 10 deployment.
Microsoft 365 governance and compliance management – this is the final section of the assessment that is also divided into several subtopics. When they reach this section, candidates will need to understand how to configure Data Loss Prevention and implement sensitivity labels. Also, they will learn more about data governance, audit procedures, and eDiscovery services.
Implementation of Microsoft 365 security and threat management – IT specialists will need to learn how to implement Cloud App Security, threat management, and Microsoft Defender Advanced Threat Protection. Another skill involved in this domain focuses on monitoring security reports and alerts.

Microsoft MS-101: Exam Details

The Microsoft MS-101: Microsoft 365 Mobility & Security exam is available in two languages: English and Japanese. The test evaluates the expertise of the individuals in implementing contemporary device services, managing Microsoft 365 compliance and governance, as well as implementing Microsoft 365 threat management and security. The candidates must pay the fee of $165 to register for this certification exam. Microsoft does not provide any information about the details of its tests. However, the question formats that are common in the delivery of its exams, including Microsoft MS-101, are multiple choice, build list, active screen, short answer, best answer, and case studies, among others. The number of questions that may be included in the test is between 40 and 60. The allocated time is 2 hours.

NEW QUESTION 24
You have a Microsoft 365 subscription.
You are planning a threat management solution for your organization.
You need to minimize the likelihood that users will be affected by the following threats:
Opening files in Microsoft SharePoint that contain malicious content
Impersonation and spoofing attacks in email messages
Which policies should you create in the Security & Compliance admin center? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp#configure-atp-policies

NEW QUESTION 25
You have a Microsoft 365 subscription.
All users are assigned Microsoft Azure Active Directory Premium licenses.
From the Device Management admin center, you set Microsoft Intune as the MDM authority.
You need to ensure that when the members of a group named Marketing join a device to Azure Active Directory (Azure AD), the device is enrolled automatically in Intune. The Marketing group members must be limited to five devices enrolled in Intune.
Which two options should you use to perform the configurations? To answer, select the appropriate blades in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Device enrollment manager (DEM) is an Intune permission that can be applied to an Azure AD user account and lets the user enroll up to 1,000 devices You can create and manage enrollment restrictions that define what devices can enroll into management with Intune, including the:
* Number of devices.
* Operating systems and versions.
The Marketing group members must be limited to five devices enrolled in Intune References:
https://docs.microsoft.com/en-us/intune/enrollment/device-enrollment-manager-enroll
https://docs.microsoft.com/en-us/intune/enrollment/enrollment-restrictions-set

NEW QUESTION 26
You are testing a data loss prevention (DLP) policy to protect the sharing of credit card information with external users.
During testing, you discover that a user can share credit card information with external users by using email.
However, the user is prevented from sharing files that contain credit card information by using Microsoft SharePoint Online.
You need to prevent the user from sharing the credit card information by using email and SharePoint.
What should you configure?

A. the status of the DLP policy
B. the user overrides of the DLP policy rule
C. the conditions of the DLP policy rule
D. the locations of the DLP policy

Answer: D

Explanation:
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies

NEW QUESTION 27
Your company has a Microsoft 36S subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The company stores 2 TBs of data in SharePoint Online document libraries.
The tenant has the labels shown in the following table.

From the Azure portal, you active unified labeling.
For each of the following statements, select yes if the statement is true Otherwise , select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 28
You have 100 computers that run Windows 8.1 and are enrolled in Upgrade Readiness.
Two of the computers are configured as shown in the following table.

From Upgrade Readiness, you view the applications shown in the following table.

You enroll a computer named Computer3 in Upgrade Readiness. Computer3 has the following configurations:
* 8 GB of memory
* 64-bit architecture
* An application named App3 installed
App3 is installed on Computer3 only.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 29
Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.

You create a retention label named Label1 that has the following configurations:
Retains content for five years
Automatically deletes all content that is older than five years
You turn on Auto labeling for Label1 by using a policy named Policy1. Policy1 has the following configurations:
Applies to content that contains the word Merger
Specifies the OneDrive accounts and SharePoint sites locations
You run the following command.
Set-RetentionCompliancePolicy Policy1 -RestrictiveRetention $true -Force For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-retention/set-retentioncompliancepolicy?view=exchange-ps

NEW QUESTION 30
You deploy Microsoft Azure Information Protection.
You need to ensure that a security administrator named SecAdmin1 can always read and inspect data
protected by Azure Rights Management (Azure RMS).
What should you do?

A. From the Azure Active Directory admin center, add User1 to the Security Reader role group.
B. From Windows PowerShell, enable the super user feature and assign the role to SecAdmin1.
C. From the Security & Compliance admin center, add User1 to the eDiscovery Manager role group.
D. From the Security & Compliance admin center, add User1 to the Compliance Administrator role group.

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-super-users

NEW QUESTION 31
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.
Your company purchases a Microsoft 365 subscription.
You need to ensure that User1 is assigned the required role to create file policies and manage alerts in the Cloud App Security admin center.
Solution: From the Cloud App Security admin center, you assign the App/instance admin role for all Microsoft Online Services to User1.
Does this meet the goal?

A. No
B. Yes

Answer: A

Explanation:
Section: [none]
Explanation:
App/instance admin: Has full or read-only permissions to all of the data in Microsoft Cloud App Security that deals exclusively with the specific app or instance of an app selected.
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/manage-admins

NEW QUESTION 32
You create two device compliance policies for Android devices as shown in the following table.

The users belong to the groups shown in the following table.

The users enroll their device in Microsoft Intune.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-android

NEW QUESTION 33
You have a Microsoft 365 tenant named contoso.com. The tenant contains the users shown in the following table.

You have the eDiscovery cases shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/microsoft-365/compliance/assign-ediscovery-permissions

NEW QUESTION 34
You have a Microsoft 365 tenant.
You plan to create a retention policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 35
From the Security & Compliance admin center, you create a retention policy named Policy1.
You need to prevent all users from disabling the policy or reducing the retention period.
Which command should you run? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-retention/set-retentioncompliancepolicy?view=exchange-ps

NEW QUESTION 36
You have a Microsoft 365 E5 tenant.
You need to ensure that administrators are notified when a user receives an email message that contains malware. The solution must use the principle of least privilege.
Which type of policy should you create and which Microsoft 365 compliance center role is required to create the pokey? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 37
From the Security & Compliance admin center, you create a retention policy named Policy1.
You need to prevent all users from disabling the policy or reducing the retention period.
Which command should you run? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-retention/set-retentioncom

NEW QUESTION 38
Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.
The company purchases a cloud app named App1 that supports Microsoft Cloud App Security monitoring.
You configure App1 to be available from the My Apps portal.
You need to ensure that you can monitor App1 from Cloud App Security.
What should you do?

A. From the Azure Active Directory admin center, create an app registration.
B. From the Endpoint Management admin center, create an app configuration policy.
C. From the Endpoint Management admin center, create an app protection policy.
D. From the Azure Active Directory admin center, create a conditional access policy.

Answer: D

Explanation:
Section: [none]

NEW QUESTION 39
You have a Microsoft 365 subscription.
You recently configured a Microsoft SharePoint Online tenant in the subscription.
You plan to create an alert policy.
You need to ensure that an alert is generated only when malware is detected in more than five documents stored in SharePoint Online during a period of 10 minutes.
What should you do first?

A. Deploy Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)
B. Enable Microsoft Office 365 Analytics.
C. Enable Microsoft Office 365 Cloud App Security.

Answer: C

Explanation:
Section: [none]
Explanation/Reference:
https://docs.microsoft.com/en-us/cloud-app-security/use-case-admin-quarantine

NEW QUESTION 40
You plan to allow users from the engineering department to enroll their mobile device in mobile device management (MDM).
The device type restrictions are configured as shown in the following table.

The device limit restrictions are configured as shown in the following table.

What is the effective configuration for the members of the Engineering group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 41
You have a Microsoft 365 subscription.
From the Security & Compliance admin center, you create a content search of all the mailboxes that contain the work ProjectX.
You need to export the results of the content search.
What do you need to download the report?

A. an export key
B. a password
C. a user certificate
D. a certification authority (CA) certificate

Answer: A

Explanation:
Explanation/Reference:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/export-search-results

NEW QUESTION 42
You have a Microsoft 365 subscription.
From the Security & Compliance admin center, you create a content search of a mailbox.
You need to view the content of the mail messages found by the search as quickly as possible.
What should you select from the Content search settings?

A. Export results
B. View results
C. Export report
D. Re-run

Answer: A

Explanation:
Explanation
There is no 'View Results" option. You can preview results but that will only show up to 100 emails. To guarantee you're getting all results, you'll need to export them to a PST file.
References:
https://docs.microsoft.com/en-us/microsoft-365/compliance/limits-for-content-search

NEW QUESTION 43
You purchase a new Microsoft 365 subscription.
You create 100 users who are assigned Microsoft 365 E3 licenses.
From the Security & Compliance admin center, you enable auditing.
Six months later, a manager sends you an email message asking the following questions:
Question1: Who created a team named Team1 14 days ago?
Question2: Who signed in to the mailbox of User1 30 days ago?
Question3: Who changed the site collection administrators of a site 60 days ago?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance?redirectSourcePath=%252farticle%252f0d4d0f35-390b-4518-800e-0c7ec95e946c
https://docs.microsoft.com/en-us/office365/securitycompliance/enable-mailbox-auditing

NEW QUESTION 44
Your network contains an Active Directory forest named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).
You use Microsoft System Center Configuration Manager (Current Branch) for device management.
You have the Windows 10 devices shown in the following table.

You configure Configuration Manager co-management as follows:
* Automatic enrollment in Intune: Pilot
* Pilot collection: Collection2
You configure co-management workloads as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

NEW QUESTION 45
You need to ensure that User1 can enroll the devices to meet the technical requirements. What should you do?

A. From the Intune admin center, add User1 as a device enrollment manager.
B. From the Azure Active Directory admin center, configure the Maximum number of devices per user setting.
C. From the Azure Active Directory admin center, assign User1 the Cloud device administrator rote.
D. From the Intune admin center, configure the Enrollment restrictions.

Answer: A

Explanation:
Explanation
References:
https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/enroll-devices-with-device-enrollment-manager

NEW QUESTION 46
You configure a data loss prevention (DLP) policy named DLP1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Using a retention label in a policy is only supported for items in SharePoint Online and OneDrive for Business.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide

NEW QUESTION 47
You have a Microsoft Office 365 subscription.
You need to delegate eDiscovery tasks as shown in the following table.

The solution must follow the principle of the least privilege.
To which role group should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.