The latest MS-101 Microsoft 365 Mobility and Security certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the MS-101 Microsoft 365 Mobility and Security exam and earn MS-101 Microsoft 365 Mobility and Security certification.
Exam Question 151
You have a Microsoft 365 tenant named contoso.com. The tenant contains the users shown in the following table.
| Name | Azure AD role | Office 365 role group |
|---|---|---|
| User1 | Application administrator | eDiscovery Administrator |
| User2 | Application administrator | Organization Management |
| User3 | Cloud application administrator | Global Administrator |
| User4 | Compliance administrator | eDiscovery Manager |
You have the eDiscovery cases shown in the following table.
| Name | Created by |
|---|---|
| Case1 | User1 |
| Case2 | User2 |
| Case3 | User3 |
| Case4 | User4 |
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
- User1 can delete Case4
- User3 can add members to Case2
- User4 can close Case3
Correct Answer:
- User1 can delete Case4: Yes
- User3 can add members to Case2: No
- User4 can close Case3: No
Exam Question 152
You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.
What should you do?
A. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.
B. From the Security & Compliance admin center, create a label and a label policy.
C. From the Security & Compliance admin center, start a message trace.
D. From Microsoft Cloud App Security, create an activity policy.
Correct Answer:
B. From the Security & Compliance admin center, create a label and a label policy.
Exam Question 153
You have a Microsoft 365 tenant.
You discover that administrative tasks are unavailable in the Microsoft Office 365 audit logs of the tenant.
You run the Get-AdminAuditLogConfig cmdlet and receive the following output:
You need to ensure that administrative tasks are logged in the Office 365 audit logs.
Which attribute should you modify?
A. TestCmdletLoggingEnabled
B. UnifiedAuditLogIngestionEnabled
C. AdminAuditLogEnabled
Correct Answer:
B. UnifiedAuditLogIngestionEnabled
Exam Question 154
You have a new Microsoft 365 subscription.
You need to prevent users from sending email messages that contain Personally Identifiable Information (PII).
Solution: From the Security & Compliance admin center, you create a data loss prevention (DLP) policy.
Does this meet the goal?
A. Yes
B. No
Correct Answer:
A. Yes
Exam Question 155
Your company has a Microsoft 365 tenant.
The company sells products online and processes credit card information.
You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents.
What should you use?
A. a Security & Compliance data loss prevention (DLP) policy
B. a Microsoft Cloud App Security access policy
C. a Security & Compliance retention policy
D. a Microsoft Cloud App Security file policy
Correct Answer:
A. a Security & Compliance data loss prevention (DLP) policy
Exam Question 156
You configure an anti-phishing policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
If a message is identified as a domain impersonation, [answer choice]:
- The message is delivered to the Inbox folder
- The message is moved to the Deleted Items folder
- The messages are moved to the Junk Email folder
- The message is NOT delivered
To reduce the likelihood of the impersonation policy generating false positive, configure [answer choice]:
- Domain impersonation
- Enable antispoofing protection
- Mailbox intelligence
Correct Answer:
- If a message is identified as a domain impersonation, [The message is NOT delivered].
- To reduce the likelihood of the impersonation policy generating false positive, configure [Mailbox intelligence].
Exam Question 157
You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department’s Microsoft SharePoint Online site.
What should you do?
A. From the Security & Compliance admin center, create an alert policy.
B. From the SharePoint Online site, create an alert.
C. From the SharePoint Online admin center, modify the sharing settings.
D. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.
Correct Answer:
A. From the Security & Compliance admin center, create an alert policy.
Exam Question 158
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.
| Name | Task |
|---|---|
| User1 | Download all Security and Compliance reports |
| User2 | Create and manage Security and Compliance |
The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
User1:
- Records Management
- Security Administrator
- Security Reader
- Supervisory Review
User2:
- Compliance Administrator
- Organization Management
- Security Administrator
- Security Reader
- Supervisory Review
Correct Answer:
- User1: Security Administrator
- User2: Compliance Administrator
Exam Question 159
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
Your company implements Windows Information Protection (WIP).
You need to modify which users and applications are affected by WIP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
To modify which users are affected by WIP, configure:
- The Azure AD app registration
- The Azure AD device settings
- The MAM User scope
- The mobile device management (MDM) authority
To modify which applications are affected by WIP, configure:
- App configuration policies
- App protection policies
- Compliance policies
- Device configuration profiles
Correct Answer:
- To modify which users are affected by WIP, configure the MAM User scope
- To modify which applications are affected by WIP, configure App protection policies
Exam Question 160
You have a Microsoft 365 subscription.
All users are assigned Microsoft Azure Active Directory Premium licenses.
From the Device Management admin center, you set Microsoft Intune as the MDM authority.
You need to ensure that when the members of a group named Marketing join a device to Azure Active Directory (Azure AD), the device is enrolled automatically in Intune. The Marketing group members must be limited to five devices enrolled in Intune.
Which two options should you use to perform the configurations? To answer, select the appropriate blades in the answer area.
NOTE: Each correct selection is worth one point.
Correct Answer:
Answer Description:
Device enrollment manager (DEM) is an Intune permission that can be applied to an Azure AD user account and lets the user enroll up to 1,000 devices
You can create and manage enrollment restrictions that define what devices can enroll into management with Intune, including the:
- Number of devices.
- Operating systems and versions.
The Marketing group members must be limited to five devices enrolled in Intune