This page was exported from Actual Test Materials [ http://blog.actualtests4sure.com ] Export date:Wed Nov 20 16:12:52 2024 / +0000 GMT ___________________________________________________ Title: Real MS-102 dumps Accurate Questions and Answers with Free and Fast Updates [Q210-Q230] --------------------------------------------------- Real MS-102 dumps Accurate Questions and Answers with Free and Fast Updates Real MS-102 Quesions Pass Certification Exams Easily Microsoft MS-102 Exam Syllabus Topics: TopicDetailsTopic 1Manage compliance by using Microsoft Purview: Implementation of Microsoft Purview information protection and data lifecycle management is discussed in this topic. Moreover, questions about implementing Microsoft Purview data loss prevention (DLP) also appear.Topic 2Deploy and manage a Microsoft 365 tenant: Management of roles in Microsoft 365 and management of users and groups are discussion points of this topic. It also focuses on implementing and managing a Microsoft 365 tenant.Topic 3Implement and manage Microsoft Entra identity and access: In this topic, questions about Microsoft Entra tenant appear. Moreover, it delves into implementation and management of authentication and secure access.Topic 4Manage security and threats by using Microsoft Defender XDR: This topic discusses how to use Microsoft Defender portal to manage security reports and alerts. It also focuses on usage of Microsoft Defender for Office 365 to implement and manage email and collaboration protection. Lastly, it discusses the usage of Microsoft Defender for Endpoint for the implementation and management of endpoint protection.   NO.210 You have a Microsoft 365 E5 subscription that contains the users shown in the following table.You ate implementing Microsoft Defender for EndpointYou need to enable role-based access control (RBAQ to restrict access to the Microsoft 365 Defender portal.Which users can enable RBAC, and winch users will no longer have access to the Microsoft 365 Defender portal after RBAC is enabled? To answer, select the appropriate options in the answer area.NOTE Each correct selection is worth one point. ExplanationNO.211 You have a Microsoft 365 subscription that contains the users shown in the following table.You plan to use Exchange Online to manage email for a DNS domain.An administrator adds the DNS domain to the subscription.The DNS domain has a status of Incomplete setup.You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.Which user should you identify?  User1  User2  User3  User4 NO.212 You have a Microsoft 365 E5 subscription that has published sensitivity labels shown in the following exhibit.Which labels can users apply to content?  Label1, Label2, and Label5 only  Label3. Label4, and Label6 only  Label1, Label3, Labe2, and Label6 only  Label1, Label2, Label3, Label4, Label5. and Label6 NO.213 You have a Microsoft 365 E5 subscription that uses Microsoft intune. The subscription contains the resources shown in the following table.User1 is the owner of Device1.You add Microsoft 365 Apps Windows 10 and later app types to Intune as shown in the following table.On Thursday, you review the results of the app deployments.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Explanation:NO.214 You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint site named Sitel. Site!contains the files shown in the following table.You have a data loss prevention (DLP) policy named DLP1 that has the advanced DLP rules shown in the following table.You apply DLP1 to Site1.Which policy tip is displayed for each file? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:NO.215 Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the objects shown in the following table.You configure Azure AD Connect to sync contoso.com to Azure AD.Which objects will sync to Azure AD?  Group1 only  User1 and User2 only  Group1 and User1 only  Group1, User1, and User2 Disabled accountsDisabled accounts are synchronized as well to Azure AD. Disabled accounts are common to represent resources in Exchange, for example conference rooms. The exception is users with a linked mailbox; as previously mentioned, these will never provision an account to Azure AD.The assumption is that if a disabled user account is found, then we won’t find another active account later and the object is provisioned to Azure AD with the userPrincipalName and sourceAnchor found. In case another active account will join to the same metaverse object, then its userPrincipalName and sourceAnchor will be used.Reference:https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/concept-azure-ad-connect-sync-user- and-contactsNO.216 You have the sensitivity labels shown in the following exhibit.Which labels can users apply to content?  Label3, Label4, and Label6 only  Label1, Label2. Label3. Label4. Label5. and Label6  Label1, Label2, and Label5 only  Label1, Label3, Label4, and Label6 only Reference:https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwideNO.217 You have a Microsoft 365 subscription that contains a user named User1 and a Microsoft SharePoint Online site named Site1. User1 is assigned the Owner role for Site1. To Site1, you publish the file plan retention labels shown in the following table.Site1 contains the files shown in the following table.Which files can User1 rename, and which files can User1 delete? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:NO.218 You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.You plan to publish a sensitivity label named Label1.To which groups can you publish Label1?  Group1 only  Group1 and Group2 only  Group1 and Group4 only  Group1, Group2, and Group3 only  Group1 Group2, Group3, and Group4 In addition to using sensitivity labels to protect documents and emails, you can also use sensitivity labels to protect content in the following containers: Microsoft Teams sites, Microsoft 365 groups (formerly Office 365 groups), and SharePoint sites.Reference:https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sitesNO.219 You have a Microsoft 365 subscription that contains an Azure AD tenant named contoso.com. The tenant contains the users shown in the following table.You create and assign a data loss prevention (DLP) policy named Policy1. Policy1 is configured to prevent documents that contain Personally Identifiable Information (Pll) from being emailed to users outside your organization.To which users can User! send documents that contain Pll?  User2only  User2and User3only  User2, User3, and User4 only  User2, User3, User4, and User5 NO.220 You have a Microsoft 365 subscription.You add a domain named contoso.com.When you attempt to verify the domain, you are prompted to send a verification email to admin@contoso.com.You need to change the email address used to verify the domain.What should you do?  From the Microsoft 365 admin center, change the global administrator of the Microsoft 365 subscription.  Add a TXT record to the DNS zone of the domain.  From the domain registrar, modify the contact information of the domain.  Modify the NS records for the domain. NO.221 Which report should the New York office auditors view?  DLP policy matches  DLP false positives and overrides  DLP incidents  Top Senders and Recipients ExplanationReferences:https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies This report also shows policy matches over time, like the policy matches report. However, the policy matches report shows matches at a rule level; for example, if an email matched three different rules, the policy matches report shows three different line items. By contrast, the incidents report shows matches at an item level; for example, if an email matched three different rules, the incidents report shows a single line item for that piece of content. Because the report counts are aggregated differently, the policy matches report is better for identifying matches with specific rules and fine tuning DLP policies. The incidents report is better for identifying specific pieces of content that are problematic for your DLP policies.NO.222 HOTSPOTYou have a Microsoft 365 E5 subscription that contains the users shown in the following table.You configure the Microsoft Authenticator authentication method policy to enable passwordless authentication as shown in the following exhibit.Both User1 and User2 report that they are NOT prompted for passwordless sign-in in the Microsoft Authenticator app.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationBox 1: YesUser1 is member of Group1.User1 has MFA registered method of Microsoft Authenticater app (push notification) The Microsoft Authenticator authentication method policy is configured for Group1, registration is optional, authentication method is any.Note: Microsoft Authenticator can be used to sign in to any Azure AD account without using a password.Microsoft Authenticator uses key-based authentication to enable a user credential that is tied to a device, where the device uses a PIN or biometric. Windows Hello for Business uses a similar technology.This authentication technology can be used on any device platform, including mobile. This technology can also be used with any app or website that integrates with Microsoft Authentication Libraries.Box 2: NoUser2 is member of Group2.The Microsoft Authenticator authentication method policy is configured for Group1, not for Group2.Box 3: NoUser3 is member of Group1.User3 has no MFA method registered.User3 must choose an authentication method.Note: Enable passwordless phone sign-in authentication methodsAzure AD lets you choose which authentication methods can be used during the sign-in process. Users then register for the methods they’d like to use.Reference:https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-phoneNO.223 You work at a company named Contoso, Ltd.Contoso has a Microsoft 365 subscription that is configured to use the DNS domains shown in the following table.Contoso purchases a company named Fabrikam, Inc.Contoso plans to add the following domains to the Microsoft 365 subscription:* fabrikam.com* east.fabrikam.com* west.contoso.comYou need to ensure that the devices in the new domains can register by using Autodiscover.How many domains should you verify, and what is the minimum number of enterprise registration DNS records you should add? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:NO.224 You have three devices enrolled in Microsoft Endpoint Manager as shown in the following table.The device compliance policies in Endpoint Manager are configured as shown in the following table.The device compliance policies have the assignments shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. ExplanationNO.225 You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com.You create a Microsoft Defender for identity instance Contoso.The tenant contains the users shown in the following table.You need to modify the configuration of the Defender for identify sensors.Solutions: You instruct User1 to modify the Defender for identity sensor configuration.Does this meet the goal?  Yes  No NO.226 HOTSPOTYou have a Microsoft 365 E5 subscription that contains the groups shown in the following table.All the groups are deleted.Which groups can be restored, and what is the retention period? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Box 1: Group3 onlyBox 2: 30 daysIf you’ve deleted a group, it will be retained for 30 days by default. This 30-day period is considered a“soft-delete” because you can still restore the group. After 30 days, the group and its associated contents are permanently deleted and cannot be restored.Reference:https://learn.microsoft.com/en-us/microsoft-365/admin/create-groups/restore-deleted-groupNO.227 You have a Microsoft 365 E5 subscription that contains the resources shown in the following table.You create a sensitivity label named Label1.To which resource can you apply Label1?  Group1 only  Group2 only  Sitel only  Groupl and Group2 only  Group1, Group2, and Sitel ExplanationAssign sensitivity labels to Microsoft 365 groups in Azure Active Directory Azure Active Directory (Azure AD), part of Microsoft Entra, supports applying sensitivity labels published by the Microsoft Purview compliance portal to Microsoft 365 groups.In addition to using sensitivity labels to protect documents and emails, you can also use sensitivity labels to protect content in the following containers: Microsoft Teams sites, Microsoft 365 groups (formerly Office 365 groups), and SharePoint sites.When you configure a label policy, you can:Choose which users and groups see the labels. Labels can be published to any specific user or email-enabled security group, distribution group, or Microsoft 365 group (which can have dynamic membership) in Azure AD.Reference:https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-siteshttps://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwideNO.228 As of March, how long will the computers in each office remain supported by Microsoft? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Explanation:https://support.microsoft.com/en-gb/help/13853/windows-lifecycle-fact-sheet March Feature Updates:Serviced for 18 months from release date September Feature Updates: Serviced for 30 months from release date References:https://www.windowscentral.com/whats-difference-between-quality-updates-and-feature-updates-windows-10NO.229 You have a Microsoft 365 subscription.You need to configure a compliance solution that meets the following requirements:Defines sensitive data based on existing data samplesAutomatically prevents data that matches the samples from being shared externally in Microsoft SharePoint or email messages Which two components should you configure? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.  a trainable classifier  a sensitive info type  an insider risk policy  an adaptive policy scope  a data loss prevention (DLP) policy ExplanationA: ClassifiersThis categorization method is well suited to content that isn’t easily identified by either the manual or automated pattern-matching methods. This method of categorization is more about using a classifier to identify an item based on what the item is, not by elements that are in the item (pattern matching). A classifier learns how to identify a type of content by looking at hundreds of examples of the content you’re interested in identifying.Where you can use classifiersClassifiers are available to use as a condition for:Office auto-labeling with sensitivity labelsAuto-apply retention label policy based on a conditionCommunication complianceSensitivity labels can use classifiers as conditions, see Apply a sensitivity label to content automatically.Data loss preventionE: Organizations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect this sensitive data and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn’t have it. This practice is called data loss prevention (DLP).Reference:https://learn.microsoft.com/en-us/microsoft-365/compliance/classifier-learn-abouthttps://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlpNO.230 You have a Microsoft 365 E5 subscription that contains two users named Admin1 and Admin2.All users are assigned a Microsoft 365 Enterprise E5 license and auditing is turned on.You create the audit retention policy shown in the exhibit. (Click the Exhibit tab.)After Policy1 is created, the following actions are performed:How long will the audit events for the creation of User1 and User2 be retained? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.  Admin1 creates a user named User1.  Admin2 creates a user named User2. ExplanationReference:https://docs.microsoft.com/en-us/microsoft-365/compliance/audit-log-retention-policies?view=o365-worldwide Loading … MS-102 Dumps are Available for Instant Access: https://www.actualtests4sure.com/MS-102-test-questions.html --------------------------------------------------- Images: https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif https://blog.actualtests4sure.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2024-11-20 11:44:50 Post date GMT: 2024-11-20 11:44:50 Post modified date: 2024-11-20 11:44:50 Post modified date GMT: 2024-11-20 11:44:50