MS-101 | Microsoft MS-101 Tutorials 2021

NEW QUESTION 1
You use Microsoft System Center Configuration Manager (Current Branch) to manage devices. Your company uses the following types of devices:
•Windows 10
•Windows 8.1
•Android
• iOS
Which devices can be managed by using co-management?

• A. Windows 10 and Windows 8.1 only
• B. Windows 10, Android, and iOS only
• C. Windows 10 only
• D. Windows 10, Windows 8.1, Android, and iOS

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/sccm/core/plan-design/choose-a-device-management-solution#bkmk_intune

NEW QUESTION 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com that is synced to Microsoft
Azure Active Directory (Azure AD).
You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).
You configure pilot co-management
You add a new device named Device 1 to the domain. You install the Configuration Manager client on Device1.
You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.
Solution: You add Device1 to a Configuration Manager device collection. Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 3
HOTSPOT
Your company uses Windows Defender Advanced Threat Protection (ATP). Windows Defender ATP includes the machine groups shown in the following table.

You onboard a computer named computer1 to Windows Defender ATP as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 4
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are deploying Microsoft Intune.
You successfully enroll Windows 10 devices in Intune.
When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You create the Mobility (MDM and MAM) settings. Does this meet the goal?

• A. Yes
• B. No

Answer: B

NEW QUESTION 5
The users at your company use Dropbox to store documents. The users access Dropbox by using the MyApps portal.
You need to ensure that user access to Dropbox is authenticated by using a Microsoft 365 identify. The documents must be protected if the data is downloaded to an untrusted device.
What should you do?

• A. From the Intune admin center, configure the Conditional access settings.
• B. From the Azure Active Directory admin center, configure the Organizational relationships settings
• C. From the Azure Active Directory admin center, configure the Application proxy settings.
• D. From the Azure Active Directory admin center, configure the Devices settings.

Answer: B

NEW QUESTION 6
HOTSPOT
You have three devices enrolled in Microsoft Intune as shown in the following table.

The device compliance policies in Intune are configured as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 7
HOTSPOT
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
A user named User1 has files on a Windows 10 device as shown in the following table.

In Azure Information Protection, you create a label named Label1 that is configured to apply automatically. Label1 is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-classification

NEW QUESTION 8
Your company has a Microsoft 365 tenant.
The company sells products online and processes credit card information.
You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents.
What should you use?

• A. a Security & Compliance data loss prevention (DLP) policy
• B. a Microsoft Cloud App Security access policy
• C. a Security & Compliance retention policy
• D. a Microsoft Cloud App Security file policy

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies

NEW QUESTION 9
You need to protect the U.S. PII data to meet the technical requirements. What should you create?

• A. a data loss prevention (DLP) policy that contains a domain exception
• B. a Security & Compliance retention policy that detects content containing sensitive data
• C. a Security & Compliance alert policy that contains an activity
• D. a data loss prevention (DLP) policy that contains a user override

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/create-activity-alerts

NEW QUESTION 10
HOTSPOT
You have a data loss prevention (DIP) policy.
You need to increase the likelihood that the DLP policy will apply to data that contains medical terms from the International Classification of Diseases (ICD-9-CM). The solution must minimize the number of false positives.
Which two settings should you modify? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies https://docs.microsoft.com/en-us/office365/securitycompliance/what-the-sensitive-inHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/what-the-sensitive-information-types-look-for#international-classification-of-diseases-icd-9-cm"formation-types-look-for#international-classification-of-diseases-icd-9-cm

NEW QUESTION 11
Your company has five security information and event management (SIEM) appliances. The traffic logs from each appliance are saved to a file share named Logs.
You need to analyze the traffic logs.
What should you do from Microsoft Cloud App Security?

• A. Click Investigate, and then click Activity log.
• B. Click Control, and then click Policie
• C. Create a file policy.
• D. Click Discover, and then click Create snapshot report.
• E. Click Investigate, and then click Files.

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/investigate-an-activity-in-office- 365-cas

NEW QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
From the Security & Compliance admin center, you create a role group named US eDiscovery Managers by copying the eDiscovery Manager role group.
You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States.
Solution: From Windows PowerShell, you run the New-AzureRmRoleAssignment cmdlet with the appropriate parameters.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

Explanation:
References:
https://docs.microsoft.com/en-us/powershell/module/azurerm.resources/new- azurermroleassignment?
view=azurermps-6.13.0

NEW QUESTION 13
HOTSPOT
You have a new Microsoft 365 subscription.
A user named User1 has a mailbox in Microsoft Exchange Online.
You need to log any changes to the mailbox folder permissions of User1.
Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://support.microsoft.com/en-us/help/4026501/office-auditing-in-office-365-for-admins https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set- mailbox?view=exchange-ps

NEW QUESTION 14
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals- Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.
You need to be notified if the SharePoint sharing policy is modified in the future.
Solution: From the Security & Compliance admin center, you create a threat management policy. Does this meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION 15
Your network contains an on premises Active Directory domain.
Your company has a security policy that prevents additional software from txnrwj installed on domain controllers.
You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP). What should you do? More than one answer choice may achieve the goal. Select the BEST answer.

• A. Deploy an Azure ATP sensor, and then configure port mirroring.
• B. Deploy an Azure ATP sensor, and then configure detections.
• C. Deploy an Azure ATP standalone sensor, and then configure detections.
• D. Deploy an Azure ATP standalone sensor, and then configure port mirroring.

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/instHYPERLINK "https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5"all-atp-step5

NEW QUESTION 16
HOTSPOT
As of March, how long will the computers in each office remain supported by Microsoft? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://www.windowscentral.com/whats-difference-HYPERLINK "https://www.windowscentral.com/whats-difference-between-quality-updates-and-feature-updates-windows-10"between-quality-updates-and-feature-updates-windows-10

NEW QUESTION 17
You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department’s Microsoft SharePoint site.
What should you do?

• A. From the Security & Compliance admin center, create an alert policy.
• B. From the SharePoint site, create an alert.
• C. From the SharePoint admin center, modify the sharing settings.
• D. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/create-activity-alerts

NEW QUESTION 18
You need to meet the compliance requirements for the Windows 10 devices. What should you create from the Intune admin center?

• A. a device compliance policy
• B. a device configuration profile
• C. an application policy
• D. an app configuration policy

Answer: D

NEW QUESTION 19
Which report should the New York office auditors view?

• A. DLP policy matches
• B. DLP false positives and overrides
• C. DLP incidents
• D. Top Senders and Recipients

Answer: C

Explanation:
References:
https://docs.microsoft.com/en-us/office365/sHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies"ecuritycompliance/data-loss- prevention-policies

NEW QUESTION 20
You have a Microsoft 365 subscription.
You need to view the IP address from which a user synced a Microsoft SharePoint library.
What should you do?

• A. From the SharePoint admin center, view the usage reports.
• B. From the Security & Compliance admin center, perform an audit log search.
• C. From the Microsoft 365 admin center, view the usage reports.
• D. From the Microsoft 365 admin center, view the properties of the user’s user account.

Answer: B

Explanation:
References:
https://docs.microsoft.com/enHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance"- us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance

NEW QUESTION 21
HOTSPOT
You have three devices enrolled in Microsoft Intune as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 22
HOTSPOT
You configure an anti-phishing policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies#learn-about-HYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies#learn-about-atp-anti-phishing-policy-options"atp-anti-phishing-policy-options

NEW QUESTION 23
HOTSPOT
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.

The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups-tHYPERLINK "https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of- role-groups-to-assigned-roles"o-assigned-roles

NEW QUESTION 24
......