MS-101 Microsoft 365 Mobility and Security Exam Questions and Answers – Page 2

The latest MS-101 Microsoft 365 Mobility and Security certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the MS-101 Microsoft 365 Mobility and Security exam and earn MS-101 Microsoft 365 Mobility and Security certification.

Exam Question 151

You have a Microsoft 365 tenant named contoso.com. The tenant contains the users shown in the following table.

NameAzure AD roleOffice 365 role group
User1Application administratoreDiscovery Administrator
User2Application administratorOrganization Management
User3Cloud application administratorGlobal Administrator
User4Compliance administratoreDiscovery Manager

You have the eDiscovery cases shown in the following table.

NameCreated by
Case1User1
Case2User2
Case3User3
Case4User4

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

  • User1 can delete Case4
  • User3 can add members to Case2
  • User4 can close Case3

Correct Answer:

  • User1 can delete Case4: Yes
  • User3 can add members to Case2: No
  • User4 can close Case3: No

Exam Question 152

You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.
What should you do?

A. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.
B. From the Security & Compliance admin center, create a label and a label policy.
C. From the Security & Compliance admin center, start a message trace.
D. From Microsoft Cloud App Security, create an activity policy.
Correct Answer:
B. From the Security & Compliance admin center, create a label and a label policy.

Exam Question 153

You have a Microsoft 365 tenant.
You discover that administrative tasks are unavailable in the Microsoft Office 365 audit logs of the tenant.
You run the Get-AdminAuditLogConfig cmdlet and receive the following output:
You run the Get-AdminAuditLogConfig cmdlet and receive the following output.
You need to ensure that administrative tasks are logged in the Office 365 audit logs.
Which attribute should you modify?

A. TestCmdletLoggingEnabled
B. UnifiedAuditLogIngestionEnabled
C. AdminAuditLogEnabled
Correct Answer:
B. UnifiedAuditLogIngestionEnabled

Exam Question 154

You have a new Microsoft 365 subscription.
You need to prevent users from sending email messages that contain Personally Identifiable Information (PII).
Solution: From the Security & Compliance admin center, you create a data loss prevention (DLP) policy.
Does this meet the goal?

A. Yes
B. No
Correct Answer:
A. Yes

Exam Question 155

Your company has a Microsoft 365 tenant.
The company sells products online and processes credit card information.
You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents.
What should you use?

A. a Security & Compliance data loss prevention (DLP) policy
B. a Microsoft Cloud App Security access policy
C. a Security & Compliance retention policy
D. a Microsoft Cloud App Security file policy
Correct Answer:
A. a Security & Compliance data loss prevention (DLP) policy

Exam Question 156

You configure an anti-phishing policy as shown in the following exhibit.
You configure an anti-phishing policy as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

If a message is identified as a domain impersonation, [answer choice]:

  • The message is delivered to the Inbox folder
  • The message is moved to the Deleted Items folder
  • The messages are moved to the Junk Email folder
  • The message is NOT delivered

To reduce the likelihood of the impersonation policy generating false positive, configure [answer choice]:

  • Domain impersonation
  • Enable antispoofing protection
  • Mailbox intelligence

Correct Answer:

  • If a message is identified as a domain impersonation, [The message is NOT delivered].
  • To reduce the likelihood of the impersonation policy generating false positive, configure [Mailbox intelligence].

Exam Question 157

You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department’s Microsoft SharePoint Online site.
What should you do?

A. From the Security & Compliance admin center, create an alert policy.
B. From the SharePoint Online site, create an alert.
C. From the SharePoint Online admin center, modify the sharing settings.
D. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.
Correct Answer:
A. From the Security & Compliance admin center, create an alert policy.

Exam Question 158

You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.

NameTask
User1Download all Security and Compliance reports
User2Create and manage Security and Compliance

The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

User1:

  • Records Management
  • Security Administrator
  • Security Reader
  • Supervisory Review

User2:

  • Compliance Administrator
  • Organization Management
  • Security Administrator
  • Security Reader
  • Supervisory Review

Correct Answer:

  • User1: Security Administrator
  • User2: Compliance Administrator

Exam Question 159

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
Your company implements Windows Information Protection (WIP).
You need to modify which users and applications are affected by WIP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

To modify which users are affected by WIP, configure:

  • The Azure AD app registration
  • The Azure AD device settings
  • The MAM User scope
  • The mobile device management (MDM) authority

To modify which applications are affected by WIP, configure:

  • App configuration policies
  • App protection policies
  • Compliance policies
  • Device configuration profiles

Correct Answer:

  • To modify which users are affected by WIP, configure the MAM User scope
  • To modify which applications are affected by WIP, configure App protection policies

Exam Question 160

You have a Microsoft 365 subscription.
All users are assigned Microsoft Azure Active Directory Premium licenses.
From the Device Management admin center, you set Microsoft Intune as the MDM authority.
You need to ensure that when the members of a group named Marketing join a device to Azure Active Directory (Azure AD), the device is enrolled automatically in Intune. The Marketing group members must be limited to five devices enrolled in Intune.
Which two options should you use to perform the configurations? To answer, select the appropriate blades in the answer area.
NOTE: Each correct selection is worth one point.
Which two options should you use to perform the configurations?

Correct Answer:
Answer: Which two options should you use to perform the configurations?
Answer Description:
Device enrollment manager (DEM) is an Intune permission that can be applied to an Azure AD user account and lets the user enroll up to 1,000 devices
You can create and manage enrollment restrictions that define what devices can enroll into management with Intune, including the:

  • Number of devices.
  • Operating systems and versions.

The Marketing group members must be limited to five devices enrolled in Intune