Free Microsoft 365 Mobility and Security MS-101 Exam Practice Test

You need to protect the U.S. PII data to meet the technical requirements.What should you create?

• a data loss prevention (DLP) policy that contains a domain exception
• a Security & Compliance retention policy that detects content containing sensitive data
• a Security & Compliance alert policy that contains an activity
• a data loss prevention (DLP) policy that contains a user override

Your company has digitally signed applications.You need to ensure that Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) considers the digitally signed applications safe and never analyzes them.What should you create in the Microsoft Defender Security Center?

• a custom detection rule
• an allowed/blocked list rule
• an alert suppression rule
• an indicator

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it As a result, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain contains domain controllers that run Windows Server 2019. The functional level of the forest and the domain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server named Server1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policy settings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1.Solution: You raise the domain functional level to Windows Server 2019. You copy the Group Policy Administrative Templates from a Windows 10 computer to the Netlogon share on all the domain controllers.Does this meet the goal?

• Yes
• No

You have a Microsoft 365 subscription.You need to be notified if users receive email containing a file that has a virus.What should you do?

• From the Exchange admin center, create an in-place eDiscovery & hold.
• From the Security & Compliance admin center, create a data governance event.
• From the Exchange admin center, create an anti-malware policy.
• From the Security & Compliance admin center, create a safe attachments policy.

You have a Microsoft 365 subscription.You plan to connect to Microsoft Exchange Online PowerShell and run the following cmdlets:Search-MailboxAuditLogTest-ClientAccessRuleSet-GroupMailboxGet-MailboxWhich cmdlet will generate an entry in the Microsoft Office 365 audit log?

• Search-MailboxAuditLog
• Test-ClientAccessRule
• Set-GroupMailbox
• Get-Mailbox D18912E1457D5D1DDCBD40AB3BF70D5D

Your company has a Microsoft 365 subscription. The subscription contains 500 devices that run Windows 10 and 100 devices that run iOS.You need to create Microsoft Intune device configuration profiles to meet the following requirements:* Configure Wi-Fi connectivity to a secured network named ContosoNet.* Require passwords of at least six characters to lock the devices.What is the minimum number of device configuration profiles that you should create?

• 1
• 4
• 2

Your company has a Microsoft 365 E5 subscription.Users in the research department work with sensitive data.You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.What should you do from the Security & Compliance admin center?

• Create a data toss prevention (DLP) policy that has a Content is shared condition.
• Modify the default safe links policy.
• Create a data loss prevention (DLP) policy that has a Content contains condition.
• Create a new safe links policy.

You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy.You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps.Which policy type should you configure?

• conditional access
• account protection
• attack surface reduction (ASR)
• Endpoint detection and response

You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.onmicrost.com.You have a Microsoft 365 subscription.You need to ensure that administrations in your organization can manage the configuration settings for the Windows 10 device in your organization.What should you configure?

• Windows enrollment settings
• Mobile device management (MDM) authority
• Exchange on-permission access settings
• Enrollment restriction

You plan to use Azure Sentinel and Microsoft Cloud App Security. You need to connect Cloud App Security to Azure Sentinel.What should you do in the Cloud App Security admin center?

• From Automatic log upload, add a log collector.
• From Automatic log upload, add a data source.
• From Connected apps, add an app connector.
• From Security extension, add a SIEM agent.