Skip to Content

MS-101 Microsoft 365 Mobility and Security Exam Questions and Answers – Page 2

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

The latest MS-101 Microsoft 365 Mobility and Security certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the MS-101 Microsoft 365 Mobility and Security exam and earn MS-101 Microsoft 365 Mobility and Security certification.

Exam Question 161

You have a Microsoft 365 subscription.
You plan to enable Microsoft Azure Information Protection.
You need to ensure that only the members of a group named PilotUsers can protect content.
What should you do?

A. Run the Set-AadrmOnboardingControlPolicy cmdlet.
B. Run the Add-AadrmRoleBasedAdministrator cmdlet.
C. Create an Azure Information Protection policy.
D. Configure the protection activation status for Azure Information Protection.
Correct Answer:
C. Create an Azure Information Protection policy.

Exam Question 162

Your company has a Microsoft 365 subscription.
You need to identify which users performed the following privileged administration tasks:

  • Deleted a folder from the second-stage Recycle Bin of Microsoft SharePoint
  • Opened a mailbox of which the user was not the owner
  • Reset a user password

What should you use?

A. Microsoft Azure Active Directory (Azure AD) audit logs
B. Security & Compliance content search
C. Microsoft Azure Active Directory (Azure AD) sign-ins
D. Security & Compliance audit log search
Correct Answer:
A. Microsoft Azure Active Directory (Azure AD) audit logs

Exam Question 163

You have a Microsoft 365 subscription.
You have a user named User1.
You need to ensure that User1 can place a litigation hold on all mailbox content.
Which role should you assign to User1?

A. eDiscovery Manager from the Security & Compliance admin center
B. Compliance Management from the Exchange admin center
C. User management administrator from the Microsoft 365 admin center
D. Information Protection administrator from the Azure Active Directory admin center
Correct Answer:
A. eDiscovery Manager from the Security & Compliance admin center

Exam Question 164

You have a Microsoft 365 subscription.
All users are assigned a Microsoft 365 E3 license.
You enable auditing for your organization.
What is the maximum amount of time data will be retained in the Microsoft 365 audit log?

A. 2 years
B. 1 year
C. 30 days
D. 90 days
Correct Answer:
D. 90 days

Exam Question 165

Your company is based in the United Kingdom (UK).
Users frequently handle data that contains Personally Identifiable Information (PII).
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

If a user attempts to upload a document to a Microsoft SharePoint site, and the document contains one UK passport number, the document will be [answer choice].

  • Allowed
  • Blocked without warning
  • Blocked, but the user can override the policy

If a user attempts to email 100 UK passport numbers to a user in the same company, the email message will be [answer choice].

  • Allowed
  • Blocked without warning
  • Blocked, but the user can override the policy

Correct Answer:

  • If a user attempts to upload a document to a Microsoft SharePoint site, and the document contains one UK passport number, the document will be [blocked, but the user can override the policy].
  • If a user attempts to email 100 UK passport numbers to a user in the same company, the email message will be [blocked without warning].

Exam Question 166

You have a Microsoft 365 subscription that contains all the user data.
You plan to create the retention policy shown in the Locations exhibit. (Click the Locations tab.)
You plan to create the retention policy shown in the Locations exhibit. (Click the Locations tab.)
You configure the Advanced retention settings as shown in the Retention exhibit. (Click the Retention tab.)
You configure the Advanced retention settings as shown in the Retention exhibit. (Click the Retention tab.)
The locations specified in the policy include the groups shown in the following table.

Location Include
Exchange email A distribution group named LegalDL
Office 365 groups A security group named LegalSG

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

  • Any file stored in the Microsoft SharePoint Online group library by a user in the LegalSG group will be stored for five years, and then deleted.
  • An email message that contains the work takeover and is sent by a user in the LegalDL group will be deleted automatically after five years.
  • A user sends an email message that contains the word takeover. The following week, the user is added to the LegalDL group. The message will be deleted automatically after five years.

Correct Answer:

  • Any file stored in the Microsoft SharePoint Online group library by a user in the LegalSG group will be stored for five years, and then deleted: No
  • An email message that contains the work takeover and is sent by a user in the LegalDL group will be deleted automatically after five years: Yes
  • A user sends an email message that contains the word takeover. The following week, the user is added to the LegalDL group. The message will be deleted automatically after five years: Yes

Exam Question 167

You have retention policies in Microsoft 365 as shown in the following table.
You have retention policies in Microsoft 365 as shown in the following table.
Policy1 is configured as shown in the Policy1 exhibit. (Click the Policy1 tab.)
Policy1 is configured as shown in the Policy1 exhibit. (Click the Policy1 tab.)
Policy2 is configured as shown in the Policy2 exhibit. (Click the Policy2 tab.)
Policy2 is configured as shown in the Policy2 exhibit. (Click the Policy2 tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

  • If a user creates a file in Microsoft OneDrive on January 1, 2018, users will be able to access the file on January 15, 2020.
  • If a user deletes a Microsoft OneDrive file that was created on January 1, 2018, an administrator will be able to recover the file on April 15, 2020.
  • If a user deletes a Microsoft OneDrive file that was created on January 1, 2018, an administrator will be able to recover the file on April 15, 2023.

Correct Answer:

  • If a user creates a file in Microsoft OneDrive on January 1, 2018, users will be able to access the file on January 15, 2020: Yes
  • If a user deletes a Microsoft OneDrive file that was created on January 1, 2018, an administrator will be able to recover the file on April 15, 2020: Yes
  • If a user deletes a Microsoft OneDrive file that was created on January 1, 2018, an administrator will be able to recover the file on April 15, 2023: Yes

Exam Question 168

You have a Microsoft 365 subscription.
You configure a data loss prevention (DLP) policy.
You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.
You need to prevent the users from bypassing the DLP policy.
What should you configure?

A. incident reports
B. actions
C. exceptions
D. user overrides
Correct Answer:
D. user overrides

Exam Question 169

You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.
What should you do?

A. From the Security & Compliance admin center, create an eDiscovery case.
B. From the Exchange admin center, create a mail flow rule.
C. From the Security & Compliance admin center, start a message trace.
D. From Microsoft Cloud App Security, create an access policy.
Correct Answer:
A. From the Security & Compliance admin center, create an eDiscovery case.

Exam Question 170

You have a Microsoft 365 E5 subscription.
You run an eDiscovery search that returns the following Azure Rights Management (Azure RMS) – encrypted content:

  • Microsoft Exchange emails
  • Microsoft OneDrive documents
  • Microsoft SharePoint documents

Which content can be decrypted when you export the eDiscovery search results?

A. Exchange emails only
B. SharePoint documents, OneDrive documents, and Exchange emails
C. OneDrive documents only
D. SharePoint documents and OneDrive documents only
E. SharePoint documents only
Correct Answer:
A. Exchange emails only