DRAG DROP
You have a Microsoft 365 E5 subscription.
All computers run Windows 10 and are onboarded to Windows Defender Advanced Threat Protection (Windows Defender ATP).
You create a Windows Defender machine group named MachineGroup1.
You need to enable delegation for the security settings of the computers in MachineGroup1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.
You assign an enterprise application named App1 to Group1 and User2.
You configure an Azure AD access review of App1. The review has the following settings:
Review name: Review1 Start date: 01–15–2020 Frequency: One time End date: 02–14–2020 Users to review: Assigned to an application Scope: Everyone Applications: App1 Reviewers: Members (self) Auto apply results to resource: Enable Should reviewer not respond: Take recommendations
On February 15, 2020, you review the access review report and see the entries shown in the following table:
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:
HOTSPOT
You have a Microsoft 365 E5 subscription that contains two users named Adminl and User1. a Microsoft SharePoint Online site named Site1, and a retention label named Retention1. The role assignments for Site1 are shown in the following table.
Site1 includes a file named File1. Rentention1 has the following settings:
1.
Retain items for a specific period: Retention period: 7 years
2.
During the retention period: Mark Items as a record
3.
At the end of the retention period: Delete items automatically
Rententon1 is published to Site1.
User1 applies Retention1 to File1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
HOTSPOT
You create device groups in Microsoft Defender for Endpoint as shown in the following table.
You onboard three devices to Microsoft Defender for Endpoint as shown in the following table.
After the devices are onboarded, you perform the following actions:
1.
Add a tag named Tag1 to Device1.
2.
Rename Computer3 as Device3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Hot Area:
HOTSPOT
You have a Microsoft 365 E5 subscription that contains three users named Use1, User2, and User3.
You have Azure Active Directory (Azure AD) roles that have the role activation settings shown in the following table.
You have Azure AD roles that have the role assignment settings shown in the following table.
The Azure AD roles have eligible users assigned as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
SIMULATION
You need to configure your organization to automatically quarantine all phishing email messages. To complete this task, sign in to the Microsoft 365 portal.
You have a Microsoft 365 subscription that includes a user named Admin1.
You need to ensure that Admin1 can preserve all the mailbox content of users, including their deleted items.
The solution must use the principle of least privilege.
What should you do?
A. From the Microsoft 365 admin center, assign the Exchange administrator role to Admin1.
B. From the Exchange admin center, assign the Discovery Management admin role to Admin1.
C. From the Azure Active Directory admin center, assign the Service administrator role to Admin1.
D. From the Exchange admin center, assign the Recipient Management admin role to Admin1.
Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled. The security logs of the servers are collected by using a third-party SIEM solution.
You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors. You need to ensure that you can detect when sensitive groups are modified and when malicious services
are created.
What should you do?
A. Configure Azure ATP notifications
B. Configure Event Forwarding on the domain controllers
C. Configure auditing in the Office 365 Security and Compliance center
D. Modify the Domain synchronizer candidate settings on the Azure ATP sensors
Your company has a Microsoft 365 E5 subscription that uses Microsoft Defender for identity.
You plan to create a detection exclusion in Microsoft Defender for Identity.
What should you use to create the detection exclusion?
A. Microsoft Defender for Identity portal
B. Microsoft 365 Compliance center
C. Microsoft Defender for Cloud Apps portal
D. Microsoft 365 Defender portal
You have a Microsoft 365 E5 subscription.
A customer requests access to all his personal data.
You need to manage the customer's request.
What should you do first?
A. Create a content search.
B. Enable sharing with external users.
C. Set Require approval for all data access requests to On for Customer Lockbox.
D. Create a Data Subject Request (DSR) case.
