DRAG DROP -
You need to meet the requirement for the legal department.
Which three actions should you perform in sequence from the Security & Compliance admin center? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
 

You need to protect the U.S. PII data to meet the technical requirements.
What should you create?

A. a data loss prevention (DLP) policy that contains a domain exception

B. a Security & Compliance retention policy that detects content containing sensitive data

C. a Security & Compliance alert policy that contains an activity

D. a data loss prevention (DLP) policy that contains a user override

You need to meet the technical requirement for the EU PII data.
What should you create?

A. a data loss prevention (DLP) policy from the Microsoft 365 compliance center

B. a data loss prevention (DLP) policy from the Exchange admin center

C. a retention policy from the Exchange admin center

D. a retention policy from the Microsoft 365 compliance center

Which report should the New York office auditors view?

A. DLP incidents

B. Top Senders and Recipients

C. DLP false positives and overrides

D. DLP policy matches

HOTSPOT -
You need to configure the Information governance settings to meet the technical requirements.
Which type of policy should you configure, and how many policies should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You need to configure the compliance settings to meet the technical requirements.
What should you do in the Microsoft Endpoint Manager admin center?

A. From Compliance policies, modify the Notifications settings.

B. From Locations, create a new location for noncompliant devices.

C. From Retire Noncompliant Devices, select Clear All Devices Retire State.

D. Modify the Compliance policy settings.

You create the planned DLP policies.
You need to configure notifications to meet the technical requirements.
What should you do?

A. From the Microsoft 365 Defender, configure an alert policy.

B. From the Microsoft Endpoint Manager admin center, configure a custom notification.

C. From the Microsoft 365 admin center, configure a Briefing email.

D. From the Microsoft 365 compliance center, configure the Endpoint DLP settings.

You need to configure Office on the web to meet the technical requirements.
What should you do?

A. Assign the Global reader role to User1.

B. Enable sensitivity labels for Office files in SharePoint Online and OneDrive.

C. Configure an auto-labeling policy to apply the sensitivity labels.

D. Assign the Office apps admin role to User1.

HOTSPOT -
You need to ensure that User2 can review the audit logs. The solution must meet the technical requirements.
To which role group should you add User2, and what should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You need to meet the technical requirements and planned changes for Intune.
What should you do? To answer, select the appropriate options is the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You need to meet the technical requirement for log analysis.
What is the minimum number of data sources and log collectors you should create from Microsoft Defender for Cloud Apps? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You need to ensure that User1 can enroll the devices to meet the technical requirements.
What should you do?

A. From the Azure Active Directory admin center, assign User1 the Cloud device administrator role.

B. From the Azure Active Directory admin center, configure the Maximum number of devices per user setting.

C. From the Endpoint Manager admin center, add User1 as a device enrollment manager.

D. From the Endpoint Manager admin center, configure the Enrollment restrictions.

HOTSPOT -
As of March, how long will the computers in each office remain supported by Microsoft? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You need to configure a conditional access policy to meet the compliance requirements.
You add Exchange Online as a cloud app.
Which two additional settings should you configure in Policy1? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You need to meet the Intune requirements for the Windows 10 devices.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You need to create the Microsoft Store for Business.
Which user can create the store?

A. User2

B. User3

C. User4

D. User5

You need to ensure that the support technicians can meet the technical requirement for the Montreal office mobile devices.
What is the minimum of dedicated support technicians required?

A. 1

B. 4

C. 7

D. 31

You need to recommend a solution for the security administrator. The solution must meet the technical requirements.
What should you include in the recommendation?

A. Microsoft Azure Active Directory (Azure AD) Privileged Identity Management

B. Microsoft Azure Active Directory (Azure AD) Identity Protection

C. Microsoft Azure Active Directory (Azure AD) conditional access policies

D. Microsoft Azure Active Directory (Azure AD) authentication methods

HOTSPOT -
You need to configure automatic enrollment in Intune. The solution must meet the technical requirements.
What should you configure, and to which group should you assign the configurations? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

On which server should you install the Defender for Identity sensor?

A. Server1

B. Server2

C. Server3

D. Server4

E. Server5

You need to meet the technical requirement for large-volume document retrieval.
What should you create?

A. an activity policy from Microsoft Defender for Cloud Apps

B. a data loss prevention (DLP) policy from the Microsoft 365 compliance center

C. a file policy from Microsoft Defender for Cloud Apps

D. an alert policy from the Microsoft 365 compliance center

You need to create the DLP policy to meet the technical requirements.
What should you configure first?

A. sensitive info types

B. the Insider risk management settings

C. the event types

D. the sensitivity labels

HOTSPOT -
You plan to implement the endpoint protection device configuration profiles to support the planned changes.
You need to identify which devices will be supported, and how many profiles you should implement.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a new Microsoft 365 subscription.
You need to prevent users from sending email messages that contain Personally Identifiable Information (PII).
Solution: From the Microsoft 365 compliance center, you create a data loss prevention (DLP) policy.
Does this meet the goal?

A. Yes

B. No

You need to create the Safe Attachments policy to meet the technical requirements.
Which option should you select?

A. Replace

B. Enable redirect

C. Block

D. Dynamic Delivery

You have a Microsoft 365 tenant.
You discover that administrative tasks are unavailable in the Microsoft 365 audit logs of the tenant.
You run the Get-AdminAuditLogConfig cmdlet and receive the following output:
 
You need to ensure that administrative tasks are logged in the Microsoft 365 audit logs.
Which attribute should you modify?

A. TestCmdletLoggingEnabled

B. UnifiedAuditLogIngestionEnabled

C. AdminAuditLogEnabled

You need to meet the compliance requirements for the Windows 10 devices.
What should you create from the Endpoint Management admin center?

A. a device compliance policy

B. a device configuration profile

C. an app protection policy

D. an app configuration policy

You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.
What should you do?

A. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.

B. From the Security & Compliance admin center, create a label and a label policy.

C. From the Security & Compliance admin center, start a message trace.

D. From Microsoft Defender for Cloud Apps, create an activity policy.

HOTSPOT -
You need to meet the technical requirement for the SharePoint administrator.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You have retention policies in Microsoft 365 as shown in the following table.
 
Policy1 is configured as shown in the Policy1 exhibit. (Click the Policy1 tab.)
 
Policy2 is configured as shown in the Policy2 exhibit. (Click the Policy2 tab.)
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You have a Microsoft 365 subscription that contains all the user data.
You plan to create the retention policy shown in the Choose Locations exhibit. (Click the Choose Locations tab.)
 
You configure the Advanced retention settings as shown in the Retention exhibit. (Click the Retention tab.)
 
The locations specified in the policy include the groups shown in the following table.
 
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
Your company is based in the United Kingdom (UK).
Users frequently handle data that contains Personally Identifiable Information (PII).
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a Microsoft 365 subscription.
All users are assigned a Microsoft 365 E3 license.
You enable auditing for your organization.
What is the maximum amount of time data will be retained in the Microsoft 365 audit log?

A. 2 years

B. 1 year

C. 30 days

D. 90 days

You have a Microsoft 365 subscription. You have a user named User1.
You need to ensure that User1 can place a hold on all mailbox content.
What permission should you assign to User1?

A. the eDiscovery Manager role from the Microsoft 365 compliance center

B. the Compliance Management role from the Exchange admin center

C. the User management administrator role from Microsoft 365 admin center

D. the Information Protection administrator role from the Azure Active Directory admin center

Your company has a Microsoft 365 subscription.
You need to identify which users performed the following privileged administration tasks:
✑ Deleted a folder from the second-stage Recycle Bin of Microsoft SharePoint
✑ Opened a mailbox of which the user was not the owner
✑ Reset a user password
What should you use?

A. Microsoft Azure Active Directory (Azure AD) audit logs

B. Microsoft 365 compliance content search

C. Microsoft Azure Active Directory (Azure AD) sign-ins

D. Microsoft 365 compliance audit log search

You have a Microsoft 365 subscription.
You plan to enable Microsoft Azure Information Protection.
You need to ensure that only the members of a group named PilotUsers can protect content.
What should you do?

A. Run the Set-AadrmOnboardingControlPolicy cmdlet.

B. Run the Add-AadrmRoleBasedAdministrator cmdlet.

C. Create an Azure Information Protection policy.

D. Configure the protection activation status for Azure Information Protection.

HOTSPOT -
You have a Microsoft 365 subscription.
All users are assigned Microsoft Azure Active Directory Premium licenses.
From the Device Management admin center, you set Microsoft Intune as the MDM authority.
You need to ensure that when the members of a group named Marketing join a device to Azure Active Directory (Azure AD), the device is enrolled automatically in
Intune. The Marketing group members must be limited to five devices enrolled in Intune.
Which two options should you use to perform the configurations? To answer, select the appropriate blades in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You have a Microsoft Azure Active Directory (Azure AD) tenant.
Your company implements Windows Information Protection (WIP).
You need to modify which users and applications are affected by WIP.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

Your company uses on-premises Windows Server File Classification Infrastructure (FCI). Some documents on the on-premises file servers are classified as
Confidential.
You migrate the files from the on-premises file servers to Microsoft SharePoint Online.
You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded files based on the Confidential classification.
What should you do first?

A. From the SharePoint admin center, configure hybrid search.

B. From the SharePoint admin center, create a managed property.

C. From the Security & Compliance Center PowerShell, run the New-DataClassification cmdlet.

D. From the Security & Compliance Center PowerShell, run the New-DlpComplianceRule cmdlet.

HOTSPOT -
You have a Microsoft 365 subscription.
You are configuring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.
 
The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant that contains two users named User1 and User2.
On September 5, 2019, you create and enforce a terms of use (ToU) in the tenant. The ToU has the following settings:
✑ Name: Terms1
✑ Display name: Terms1 name
✑ Require users to expand the terms of use: Off
✑ Require users to consent on every device: Off
✑ Expire consents: On
✑ Expire starting on: October 10, 2019
✑ Frequency: Monthly
User1 accepts Terms1 on September 5, 2019. User2 accepts Terms1 on October 5, 2019.
When will Terms1 expire for the first time for each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department's Microsoft
SharePoint Online site.
What should you do?

A. From the Security & Compliance admin center, create an alert policy.

B. From the SharePoint Online site, create an alert.

C. From the SharePoint Online admin center, modify the sharing settings.

D. From the Security & Compliance admin center, create a data loss prevention (DLP) policy.

HOTSPOT -
Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.
 
You create a retention label named Label1 that has the following configurations:
✑ Retains content for five years
✑ Automatically deletes all content that is older than five years
You turn on Auto labeling for Label1 by using a policy named Policy1. Policy1 has the following configurations:
✑ Applies to content that contains the word Merger
✑ Specifies the OneDrive accounts and SharePoint sites locations
You run the following command.
Set-RetentionCompliancePolicy Policy1 `"RestrictiveRetention $true
-Force
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

HOTSPOT -
You configure an anti-phishing policy as shown in the following exhibit.
 
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a Microsoft 365 subscription.
You plan to connect to Microsoft Exchange Online PowerShell and run the following cmdlets:
✑ Search-MailboxAuditLog
✑ Test-ClientAccessRule
✑ Set-GroupMailbox
Get-Mailbox -
 
Which cmdlet will generate an entry in the Microsoft Office 365 audit log?

A. Search-MailboxAuditLog

B. Test-ClientAccessRule

C. Set-GroupMailbox

D. Get-Mailbox

Your company has a Microsoft 365 tenant.
The company sells products online and processes credit card information.
You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents.
What should you use?

A. a Microsoft 365 compliance center data loss prevention (DLP) policy

B. a Microsoft Defender for Cloud Apps access policy

C. a Microsoft 365 compliance center retention policy

D. a Microsoft Defender for Cloud Apps file policy

You have a Microsoft 365 E5 subscription.
You run an eDiscovery search that returns the following Azure Rights Management (Azure RMS) `" encrypted content:
✑ Microsoft Exchange emails
✑ Microsoft OneDrive documents
✑ Microsoft SharePoint documents
Which content can be decrypted when you export the eDiscovery search results?

A. Exchange emails only

B. SharePoint documents, OneDrive documents, and Exchange emails

C. OneDrive documents only

D. SharePoint documents and OneDrive documents only

E. SharePoint documents only

You have a Microsoft 365 subscription.
All users have their email stored in Microsoft Exchange Online.
In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.
What should you do?

A. From the Security & Compliance admin center, create an eDiscovery case.

B. From the Exchange admin center, create a mail flow rule.

C. From the Security & Compliance admin center, start a message trace.

D. From Microsoft Defender for Cloud Apps, create an access policy.

You have a Microsoft 365 subscription.
You configure a data loss prevention (DLP) policy.
You discover that users are incorrectly marking content as false positive and bypassing the DLP policy.
You need to prevent the users from bypassing the DLP policy.
What should you configure?

A. incident reports

B. actions

C. exceptions

D. user overrides

You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.
 
You create and assign a data loss prevention (DLP) policy named Policy1. Policy1 is configured to prevent documents that contain Personally Identifiable
Information (PII) from being emailed to users outside your organization.
To which users can User1 send documents that contain PII?

A. User2 only

B. User2 and User3 only

C. User2, User3, and User4 only

D. User2, User3, User4, and User5