Home > Microsoft > Quizzes > Exam MS-101: Microsoft 365 Mobility and Security
Exam MS-101: Microsoft 365 Mobility and Security
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 26% Most missed: “From the Security & Compliance admin center, you create a content export as show…”
Exam MS-101: Microsoft 365 Mobility and Security
Time left 00:00
25 Questions

1. You have computers that run Windows 10 Enterprise and are joined to the domain. You plan to delay the installation of new Windows builds so that the IT department can test application compatibility. You need to prevent Windows from being updated for the next 30 days. Which Group Policy settings should you configure?
2. You need to meet the technical requirement for the EU PII data. What should you create?
3. You have a Microsoft 365 tenant. You have a line-of-business application named App1 that users access by using the My Apps portal. After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control. You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only. What should you do?
4. You have a Microsoft 365 subscription. You configure a data loss prevention (DLP) policy. You discover that users are incorrectly marking content as false positive and bypassing the DLP policy. You need to prevent the users from bypassing the DLP policy. What should you configure?
5. You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You need to provide a user with the ability to sign up for Microsoft Store for Business for contoso.com. The solution must use the principle of least privilege. Which role should you assign to the user?
6. You need to protect the U.S. PII data to meet the technical requirements. What should you create?
7. You use Microsoft System Center Configuration Manager (Current Branch) to manage devices. Your company uses the following types of devices: Windows 10 Windows 8.1 Android iOS Which devices can be managed by using co-management?
8. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You create a device configuration profile from the Intune admin center. Does this meet the goal?
9. Your company uses Microsoft Azure Advanced Threat Protection (ATP) and Windows Defender ATP. You need to integrate Windows Defender ATP and Azure ATP. What should you do?
10. In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments. Policy1 is configured as shown in the exhibit. (Click the Exhibit tab.) You need to ensure that internal users can email documents that contain US bank account numbers to external users who have an email suffix of contoso.com. What should you configure?
11. Your company has a Microsoft 365 tenant. The company sells products online and processes credit card information. You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents. What should you use?
12. Your company has a Microsoft 365 subscription. You implement Microsoft Azure Information Protection. You need to automatically protect email messages that contain the word Confidential in the subject line. What should you create?
13. You create a new Microsoft 365 subscription and assign Microsoft 365 E3 licenses to 100 users. From the Security & Compliance admin center, you enable auditing. You are planning the auditing strategy. Which activities will be audited by default?
14. Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices. You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States. You plan to onboard all the devices to Windows Defender ATP. You need to store the Windows Defender ATP data in Europe. What should you first?
15. You have a Microsoft 365 tenant. All users are assigned the Enterprise Mobility + Security license. You need to ensure that when users join their device to Microsoft Azure Active Directory (Azure AD), the device is enrolled in Microsoft Intune automatically. What should you configure?
16. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future. Solution: From the SharePoint site, you create an alert. Does this meet the goal?
17. Which report should the New York office auditors view?
18. You have a Microsoft 365 subscription. Your company purchases a new financial application named App1. From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered apps page and discover that many applications have a low score because they are missing information about domain registration and consumer popularity. You need to prevent the missing information from affecting the score. What should you configure from the Cloud Discover settings?
19. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You configure the Apple MDM Push certificate. Does this meet the goal?
20. You plan to use the Security & Compliance admin center to import several PST files into Microsoft 365 mailboxes. Which actions should you perform before you import the data?
21. You have Windows 10 Pro devices that are joined to an Active Directory domain. You plan to create a Microsoft 365 tenant and to upgrade the devices to Windows 10 Enterprise. You are evaluating whether to deploy Windows Hello for Business for SSO to Microsoft 365 services. What are the prerequisites of the deployment?
22. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You add your user account as a device enrollment manager. Does this meet the goal?
23. You deploy Microsoft Azure Information Protection. You need to ensure that a security administrator named SecAdmin1 can always read and inspect data protected by Azure Rights Management (Azure RMS). What should you do?
24. Your company has five security information and event management (SIEM) appliances. The traffic logs from each appliance are saved to a file share named Logs. You need to analyze the traffic logs. What should you do from Microsoft Cloud App Security?
25. You are testing a data loss prevention (DLP) policy to protect the sharing of credit card information with external users. During testing, you discover that a user can share credit card information with external users by using email. However, the user is prevented from sharing files that contain credit card information by using Microsoft SharePoint Online. You need to prevent the user from sharing the credit card information by using email and SharePoint. What should you configure?