Your company has a Microsoft 365 subscription. The company does not permit users to enroll personal devices in mobile device management (MDM). Users in the sales department have personal iOS devices. You need to ensure that the sales department users can use the Microsoft Power BI app from iOS devices to access the Power BI data in your tenant. The users must be prevented from backing up the app's data to iCloud. What should you create?

B. an app protection policy in Microsoft Endpoint Manager

A. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a device state condition

C. a conditional access policy in Microsoft Azure Active Directory (Azure AD) that has a client apps condition

D. a device compliance policy in Microsoft Endpoint Manager

Your company has a main o ce and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present in the office. What should you include in the configuration?

C. a named location in Azure Active Directory (Azure AD)

You have a Microsoft 365 E5 subscription. Some users are required to use an authenticator app to access Microsoft SharePoint Online. You need to view which users have used an authenticator app to access SharePoint Online. The solution must minimize costs. What should you do?

D. From the Enterprise applications blade of the Azure Active Directory admin center, view the sign-ins.

A. From the Microsoft 365 Security admin center, download a report.

B. From Azure Log Analytics, query the logs.

C. From the Microsoft 365 Security admin center, perform an audit log search.

You have a Microsoft 365 E5 subscription. Some users are required to use an authenticator app to access Microsoft SharePoint Online. You need to view which users have used an authenticator app to access SharePoint Online. The solution must minimize costs. What should you do?

A. From the Azure Active Directory admin center, view the sign-ins.

B. From the Microsoft 365 Security admin center, download a report.

C. From the Enterprise applications blade of the Azure Active Directory admin center, view the audit logs.

D. From the Azure Active Directory admin center, view the authentication methods.

You con gure several Microsoft Defender for O ce 365 policies in a Microsoft 365 subscription. You need to allow a user named User1 to view Defender for O ce 365 reports from the Threat management dashboard. Which role provides User1 with the required role permissions?

B. Information Protection administrator

You have a Microsoft 365 subscription that contains a user named User1. You plan to use Compliance Manager. You need to ensure that User1 can assign Compliance Manager roles to users. The solution must use the principle of least privilege. Which role should you assign to User1?

D. Compliance Manager Administrator

You need to ensure that you can see additional details including the risk level and the risk detection type. What should you do?

A. Purchase Microsoft 365 Enterprise E5 licenses.

B. Activate an instance of Microsoft Defender for Identity.

C. Con gure Diagnostic settings in Azure Active Directory (Azure AD).

D. Deploy Azure Sentinel and add a Microsoft Office 365 connector.

You have a Microsoft 365 E5 subscription. You plan to create a conditional access policy named Policy1. You need to be able to use the sign-in risk level condition in Policy1. What should you do rst?

D. Onboard Azure Active Directory (Azure AD) Identity Protection.

A. Connect Microsoft Endpoint Manager and Microsoft Defender for Endpoint.

B. From the Azure Active Directory admin center, con gure the Diagnostics settings.

C. From the Endpoint Management admin center, create a device compliance policy.

You have a Microsoft 365 tenant that is linked to a hybrid Azure Active Directory (Azure AD) tenant named contoso.com . You need to enable Azure AD Seamless Single Sign-On (Azure AD SSO) for contoso.com . What should you use?

B. the Microsoft 365 Defender portal

C. the Microsoft 365 Security admin center

D. the Microsoft 365 admin center

You have a Microsoft 365 subscription. You need to recommend a passwordless authentication solution that uses biometric authentication. What should you include in the recommendation?

C. the Microsoft Authenticator app

our network contains an on-premises Active Directory domain and a Microsoft 365 subscription. You plan to deploy a hybrid Azure Active Directory (Azure AD) tenant that has Azure AD Identity Protection risk policies enabled. You need to con gure Azure AD Connect to support the planned deployment. Which Azure AD Connect authentication method should you select?

B. Federation with PingFederate

C. Password Hash Synchronization

You have a Microsoft 365 subscription named contoso.com . You need to con gure Microsoft OneDrive for Business external sharing to meet the following requirements: ✑ Enable le sharing for users that have a Microsoft account. ✑ Block le sharing for anonymous users. What should you do?

D. From the External sharing settings for OneDrive, select New and existing external users.

A. From Advanced settings for external sharing, select Allow or block sharing with people on speci c domains and add contoso.com.

B. From the External sharing settings for OneDrive, select Only people in your organization.

C. From the External sharing settings for OneDrive, select Existing external users.

Your network contains an on-premises Active Directory domain named contoso.local that has a forest functional level of Windows Server 2008 R2. You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant named contoso.com . You plan to install Azure AD Connect and enable single sign-on (SSO). You need to prepare the domain to support SSO. The solution must minimize administrative effort. What should you do?

B. Modify the UPN su x of all domain users.

A. Raise the forest functional level to Windows Server 2016.

C. Populate the mail attribute of all domain users.

You have a Microsoft 365 tenant. You need to implement a policy to enforce the following requirements: ✑ If a user uses a Windows 10 device that is NOT hybrid Azure Active Directory (Azure AD) joined, the user must be allowed to connect to Microsoft SharePoint Online only from a web browser. The user must be prevented from downloading les or syncing les from SharePoint Online. ✑ If a user uses a Windows 10 device that is hybrid Azure AD joined, the user must be able connect to SharePoint Online from any client application, download les, and sync les. What should you create?

B. a conditional access policy in Azure AD that has Session controls configured

A. a conditional access policy in Azure AD that has Client apps conditions configured

C. a compliance policy in Microsoft Endpoint Manager that has the Device Properties settings configured

D. a compliance policy in Microsoft Endpoint Manager that has the Device Health settings configured

You have a hybrid deployment of Azure Active Directory (Azure AD) that contains two users named User1 and User2. You need to assign Role Based Access Control (RBAC) roles to User1 and User2 to meet the following requirements: ✑ Use the principle of least privilege. ✑ Enable User1 to view sync errors by using Azure AD Connect Health. ✑ Enable User2 to configure Azure Active Directory Connect Health Settings. Which two roles should you assign? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. The Monitoring Reader role in Azure AD Connect Health to User1

E. The Monitoring Contributor role in Azure AD Connect Health to User2

B. The Security reader role in Azure AD to User1

C. The Reports reader role in Azure AD to User1

D. The Contributor role in Azure AD Connect Health to User2

You have a Microsoft 365 subscription that contains a user named User1. You need to assign User1 permissions to search Microsoft O ce 365 audit logs. What should you use?

A. the Azure Active Directory admin center

C. the Microsoft 365 Defender portal

D. the Microsoft 365 Compliance center

You have a Microsoft 365 tenant that has modern authentication enabled. You have Windows 10, MacOS, Android, and iOS devices that are managed by using Microsoft Endpoint Manager. Some users have older email client applications that use Basic authentication to connect to Microsoft Exchange Online. You need to implement a solution to meet the following security requirements: ✑ Allow users to connect to Exchange Online only by using email client applications that support modern authentication protocols based on OAuth 2.0. ✑ Block connections to Exchange Online by any email client applications that do NOT support modern authentication. What should you implement?

A. a conditional access policy in Azure Active Directory (Azure AD)

B. an application control pro le in Microsoft Endpoint Manager

C. a compliance policy in Microsoft Endpoint Manager

D. an OAuth app policy in Microsoft Defender for Cloud Apps

You have a Microsoft 365 E5 subscription that contains 100 users. Each user has a computer that runs Windows 10 and either an Android mobile device or an iOS mobile device. All the devices are registered with Azure Active Directory (Azure AD). You enable passwordless authentication for all the users. You need to ensure that the users can sign in to the subscription by using passwordless authentication. What should you instruct the users to do on their mobile device first?

C. Install the Microsoft Authenticator app.

A. Install a device certificate.

D. Register for self-service password reset (SSPR).

Your network contains an on-premises Active Directory domain. The domain contains a domain controller named DC1. You have a Microsoft 365 E5 subscription. You install the Microsoft Defender for Identity sensor on DC1. You need to con gure enhanced threat detection in Defender for Identity. The solution must ensure that the following events are collected from DC1: ✑ 4726 - User Account Deleted ✑ 4728 - Member Added to Global Security Group ✑ 4776 - Domain Controller Attempted to Validate Credentials for an Account (NTLM) What should you do on DC1?

D. Configure the Advanced Audit Policy Configuration policy.

A. Install the Azure Monitor agent.

B. Install System Monitor (SYSMON).

C. Configure the Windows Event Collector service.

You have a Microsoft 365 E5 subscription that uses Azure Active Directory (Azure AD) Privileged Identity Management (PIM). A user named User1 is eligible for the User Account Administrator role. You need User1 to request to activate the User Account Administrator role. From where should User1 request to activate the role?

B. the Microsoft 365 Defender portal

C. the Microsoft 365 admin center

D. the Azure Active Directory admin center

You have a Microsoft 365 E5 subscription. You need to enable support for sensitivity labels in Microsoft SharePoint Online. What should you use?

C. the Microsoft 365 Compliance center

B. the Microsoft 365 admin center

D. the Azure Active Directory admin center

You have a Microsoft 365 E5 subscription that contains a user named User1. You need to ensure that User1 can use the Microsoft 365 compliance center to search audit logs and identify which users were added to Microsoft 365 role groups. The solution must use the principle of least privilege. To which role group should you add User1?

A. View-Only Organization Management

Topic 1 Multiple Choices Questions

Authored by Fuckundo Mustafa

Other

Professional Development

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

46 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have several Conditional Access policies that block noncompliant devices from connecting to services.
You need to identify which devices are blocked by which policies.
What should you use?

A. the Setting compliance report in the Microsoft Endpoint Manager admin center

B. Sign-ins in the Azure Active Directory admin center

C. Activity log in the Cloud App Security portal

D. Audit logs in the Azure Active Directory admin center

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Azure AD app and attribute filtering settings.
Does that meet the goal?

A. Yes

B. No

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?

A. Yes

B. No

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Source Anchor settings.
Does that meet the goal?

A. Yes

B. No

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have a hybrid Microsoft 365 environment. All computers run Windows 10 and are managed by using Microsoft Endpoint Manager.
You need to create a Microsoft Azure Active Directory (Azure AD) conditional access policy that will allow only Windows 10 computers marked as
compliant to establish a VPN connection to the on-premises network.
What should you do first?

A. From the Azure Active Directory admin center, create a new certi cate

B. Enable Application Proxy in Azure AD

C. From Active Directory Administrative Center, create a Dynamic Access Control policy

D. From the Azure Active Directory admin center, con gure authentication methods

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have a Microsoft 365 subscription.
From the Microsoft 365 admin center, you create a new user.
You plan to assign the Reports reader role to the user.
You need to view the permissions of the Reports reader role.
Which admin center should you use?

A. Microsoft 365 Defender

B. Azure Active Directory

C. Microsoft Defender for Identity

D. Microsoft Defender for Cloud Apps

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You have a Microsoft 365 E5 subscription.
You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factor
authentication (MFA) to request the permissions.
What should you use to achieve the goal?

A. Microsoft 365 Compliance permissions

B. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management

C. Microsoft Azure AD group management

D. Microsoft 365 user management

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

41 questions

Four Corners 2, Unit 4 Quiz

Quiz

•

9th Grade - Professio...

44 questions

Minecraft

Quiz

•

KG - Professional Dev...

50 questions

UQ/L-3/BK-3/Assessment/English

Quiz

•

Professional Development

43 questions

THE ULTIMATE LOGO QUIZ (LOGO QUIZ 05)

Quiz

•

KG - Professional Dev...

43 questions

star wars

Quiz

•

KG - Professional Dev...

49 questions

Test Your Knowledge_AS New_RO

Quiz

•

Professional Development

51 questions

COSAS BARIAS

Quiz

•

Professional Development

45 questions

6035 Cold water Quiz 1

Quiz

•

Professional Development

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Other

15 questions

LOTE_SPN2 5WEEK3 Day 2 Itinerary

Quiz

•

Professional Development

6 questions

Copy of G5_U6_L5_22-23

Lesson

•

KG - Professional Dev...

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

10 questions

suffixes FUL OR LESS

Quiz

•

Professional Development

Topic 1 Multiple Choices Questions

You have several Conditional Access policies that block noncompliant devices from connecting to services. You need to identify which devices are blocked by which policies. What should you use?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection. Solution: You modify the Azure AD app and attribute filtering settings. Does that meet the goal?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection. Solution: You modify the Password Hash Synchronization settings. Does that meet the goal?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection. Solution: You modify the Source Anchor settings. Does that meet the goal?

You have a Microsoft 365 subscription. From the Microsoft 365 admin center, you create a new user. You plan to assign the Reports reader role to the user. You need to view the permissions of the Reports reader role. Which admin center should you use?

You have a Microsoft 365 E5 subscription. You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factorauthentication (MFA) to request the permissions. What should you use to achieve the goal?

Your company has a main o ce and a Microsoft 365 subscription. You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically presentin the office. What should you include in the configuration?

You install and run Azure AD Connect on a server named Server1 that runs Windows Server. You need to view Azure AD Connect events. Solution: You use the Security event log on Server1. Does that meet the goal?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other

You have several Conditional Access policies that block noncompliant devices from connecting to services.
You need to identify which devices are blocked by which policies.
What should you use?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Azure AD app and attribute filtering settings.
Does that meet the goal?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Password Hash Synchronization settings.
Does that meet the goal?

You need to ensure that you can use leaked credentials detection in Azure AD Identity Protection.
Solution: You modify the Source Anchor settings.
Does that meet the goal?

You have a Microsoft 365 subscription.
From the Microsoft 365 admin center, you create a new user.
You plan to assign the Reports reader role to the user.
You need to view the permissions of the Reports reader role.
Which admin center should you use?

You have a Microsoft 365 E5 subscription.
You need to ensure that users who are assigned the Exchange administrator role have time-limited permissions and must use multi-factor
authentication (MFA) to request the permissions.
What should you use to achieve the goal?

Your company has a main o ce and a Microsoft 365 subscription.
You need to enforce Microsoft Azure Multi-Factor Authentication (MFA) by using conditional access for all users who are NOT physically present
in the office.
What should you include in the configuration?

You install and run Azure AD Connect on a server named Server1 that runs Windows Server.
You need to view Azure AD Connect events.
Solution: You use the Security event log on Server1.
Does that meet the goal?