Valid Microsoft 365 Certified MS-102 Dumps Ensure Your Passing
MS-102 Dumps Real Exam Questions Test Engine Dumps Training
NEW QUESTION # 298
Your network contains an on-premises Active Directory domain that is synced to Azure AD as shown in the following exhibit.
An on-premises Active Directory user account named Allan You is synchronized to Azure AD. You view Allan's account from Microsoft 365 and notice that his username is set to Allan @>ddatum.onmicrosoft.com.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 299
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.
You perform the following actions:
* Provision the private store in Microsoft Store for Business.
* Add an app named App1 to the private store.
* Set Private store availability for App1 to Specific groups, and then select Group3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-store/app-inventory-management-microsoft-store-for- business#private-store-availability
NEW QUESTION # 300
HOTSPOT
You have a Microsoft 365 E5 subscription.
All company-owned Windows 11 devices are onboarded to Microsoft Defender for Endpoint.
You need to configure Defender for Endpoint to meet the following requirements:
* Block a vulnerable app until the app is updated.
* Block an application executable based on a file hash.
The solution must minimize administrative effort.
What should you configure for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Box 1: A remediation request
Block a vulnerable app until the app is updated.
Block vulnerable applications
How to block vulnerable applications
* Go to Vulnerability management > Recommendations in the Microsoft 365 Defender portal.
* Select a security recommendation to see a flyout with more information.
* Select Request remediation.
* Select whether you want to apply the remediation and mitigation to all device groups or only a few.
* Select the remediation options on the Remediation request page. The remediation options are software update, software uninstall, and attention required.
* Pick a Remediation due date and select Next.
* Under Mitigation action, select Block or Warn. Once you submit a mitigation action, it is immediately applied.
* Review the selections you made and Submit request. On the final page you can choose to go directly to the remediation page to view the progress of remediation activities and see the list of blocked applications.
Box 2: A file indicator
Block an application executable based on a file hash.
While taking the remediation steps suggested by a security recommendation, security admins with the proper permissions can perform a mitigation action and block vulnerable versions of an application. File indicators of compromise (IOC)s are created for each of the executable files that belong to vulnerable versions of that application. Microsoft Defender Antivirus then enforces blocks on the devices that are in the specified scope.
The option to View details of blocked versions in the Indicator page brings you to the Settings > Endpoints > Indicators page where you can view the file hashes and response actions.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/tvm-block-vuln-ap
NEW QUESTION # 301
You have a Microsoft 365 subscription that contains a Microsoft SharePoint Online site named Site1. Site1 has he files in the following table.
The Site1 users are assigned the roles shown in the following table.
You create a data less prevention (DLP) policy names Policy1 as shown in the following exhibit.
How many files will be visible to user1 and User2 after Policy' is applied to answer, selected select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 302
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.
The domain syncs to an Azure AD tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)
User2 fails to authenticate to Azure AD when signing in as [email protected].
You need to ensure that User2 can access the resources in Azure AD.
Solution: From the Microsoft Entra admin center, you assign User2 the Security Reader role. You instruct User2 to sign in as [email protected].
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
This is not a permissions issue so you do not need to assign the Security Reader role.
The on-premises Active Directory domain is named contoso.com. User2 could sign on as [email protected] but you would first need to change the UPN of User2 to [email protected].
NEW QUESTION # 303
You have three devices enrolled in Microsoft Endpoint Manager as shown in the following table.
The device compliance policies in Endpoint Manager are configured as shown in the following table.
The device compliance policies have the assignments shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 304
You need to ensure that User2 can review the audit logs. The solutions must meet the technical requirements.
To which role group should you add User2, and what should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?
view=o365-worldwide
Topic 4, FabrikamOverview
Fabrikam, Inc. is an electronics company that produces consumer products. Fabrikam has 10,000 employees worldwide.
Fabrikam has a main office in London and branch offices in major cities in Europe, Asia, and the United States.
Existing Environment
Active Directory Environment
The network contains an Active Directory forest named fabrikam.com. The forest contains all the identities used for user and computer authentication. Each department is represented by a top-level organizational unit (OU) that contains several child OUs for user accounts and computer accounts.
All users authenticate to on-premises applications by signing in to their device by using a UPN format of [email protected].
Fabrikam does NOT plan to implement identity federation.
Network Infrastructure
Each office has a high-speed connection to the Internet.
Each office contains two domain controllers. All domain controllers are configured as DNS servers.
The public zone for fabrikam.com is managed by an external DNS server.
All users connect to an on-premises Microsoft Exchange Server 2016 organization. The users access their email by using Outlook Anywhere, Outlook on the web, or the Microsoft Outlook app for iOS. All the Exchange servers have the latest cumulative updates installed.
All shared company documents are stored on a Microsoft SharePoint Server farm.
Requirements
Planned Changes
Fabrikam plans to implement a Microsoft 365 Enterprise subscription and move all email and shared documents to the subscription.
Fabrikam plans to implement two pilot projects:
* Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
* Project2: After the successful completion of Project1, Microsoft Teams will be enabled in Microsoft
365 for the sales department users.
* Fabrikam plans to create a group named UserLicenses that will manage the allocation of all Microsoft
365 bulk licenses.
Technical Requirements
Fabrikam identifies the following technical requirements:
* All users must be able to exchange email messages successfully during Project1 by using their current email address.
* Users must be able to authenticate to cloud services if Active Directory becomes unavailable.
* A user named User1 must be able to view all DLP reports from the Microsoft Purview compliance portal.
* Microsoft 365 Apps for enterprise applications must be installed from a network share only.
* Disruptions to email access must be minimized.
Application Requirements
Fabrikam identifies the following application requirements:
* An on-premises web application named App1 must allow users to complete their expense reports online. App1 must be available to users from the My Apps portal.
* The installation of feature updates for Microsoft 365 Apps for enterprise must be minimized.
Security Requirements
Fabrikam identifies the following security requirements:
* After the planned migration to Microsoft 365, all users must continue to authenticate to their mailbox and to SharePoint sites by using their UPN.
* The membership of the UserLicenses group must be validated monthly. Unused user accounts must be removed from the group automatically.
* After the planned migration to Microsoft 365, all users must be signed in to on-premises and cloud- based applications automatically.
* The principle of least privilege must be used.
NEW QUESTION # 305
You have a Microsoft 365 subscription.
Your network uses an IP address space of 51.40.15.0/24.
An Exchange Online administrator recently created a role named Role1 from a computer on the network.
You need to identify the name of the administrator by using an audit log search.
For which activities should you search and by which field should you filter in the audit log search? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 306
You have a Microsoft 365 subscription that contains the domains shown in the following exhibit.
Which domain name suffixes can you use when you create users?
- A. onlycontoso.com and Sub2.contoso221018.onmicrosoft.com
- B. onlvcontoso221018.onmicrosoft.com, Sub.contoso221018.onmicrosoft.com, and Sub2.contoso221018.
onmicrosoft.com - C. only Sub1.contoso221018.onmicrosoft.com
- D. all the domains in the subscription
Answer: A
NEW QUESTION # 307
You have a Microsoft 365 E5 subscription and an Azure AD tenant named contoso.com.
All users have computers that run Windows 11, are joined to contoso.com, and are protected by using BitLocker Drive Encryption (BitLocker).
You plan to create a user named Admin1 that will perform following tasks:
* View BitLocker recovery keys.
* Configure the usage location for the users in contoso.com.
You need to assign roles to Admin1 to meet the requirements. The solution must use the principle of least privilege. Which two roles should you assign? To answer, select the appropriate roles in the answer area.
NOTE: Each correct selection is worth one point
Answer:
Explanation:
Explanation
NEW QUESTION # 308
You have a Microsoft 365 subscription that contains a user named User1.
You need to ensure that User1 can search the Microsoft 365 audit logs from the Security & Compliance admin center.
Which role should you assign to User1?
- A. Security reader in the Azure Active Directory admin center
- B. View-Only Audit Logs in the Security & Compliance admin center
- C. Security Reader in the Security & Compliance admin center
- D. View-Only Audit Logs in the Exchange admin center
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-worldwide
NEW QUESTION # 309
You have a Microsoft 365 subscription that contains the users shown in the following table.
You plan to use Exchange Online to manage email for a DNS domain.
An administrator adds the DNS domain to the subscription.
The DNS domain has a status of Incomplete setup.
You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.
Which user should you identify?
- A. User1
- B. User3
- C. User4
- D. User2
Answer: A
NEW QUESTION # 310
You have a Microsoft 365 subscription that contains the users in the following table.
In Microsoft Endpoint Manager, you create two device type restrictions that have the settings shown in the following table.
In Microsoft Endpoint Manager, you create three device limit restrictions that have the settings shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 311
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Office 365.
You need to automate Attack simulation training for users when a phishing campaign is detected in real-time.
Which type of automation should you use. and which condition should you configure for the Attack simulation training? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
NEW QUESTION # 312
You are reviewing alerts in the Microsoft 365 Defender portal.
How long are the alerts retained in the portal?
- A. 3 months
- B. 12 months
- C. 6 months
- D. 30 days
- E. 60 days
Answer: A
Explanation:
Data retention information for Microsoft Defender for Office 365
By default, data across different features is retained for a maximum of 30 days. However, for some of the features, you can specify the retention period based on policy. See the following table for the different retention periods for each feature.
Defender for Office 365 Plan 1
* Alert metadata details (Microsoft Defender for Office alerts)
90 days.
Note: By default, the alerts queue in the Microsoft 365 Defender portal displays the new and in progress alerts from the last 30 days. The most recent alert is at the top of the list so you can see it first.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/mdo-data-retention
NEW QUESTION # 313
You have a Microsoft 365 tenant.
You need to create a custom Compliance Manager assessment template.
Which application should you use to create the template, and in which file format should the template be saved? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-templates-create?view=o365-w
NEW QUESTION # 314
You have a Microsoft 365 E5 subscription that has auditing turned on. The subscription contains the users shown in the following table.
You plan to create a new user named User1.
How long will the user creation audit event be available if Admin1 or Admin2 creates User1? To answer, select the appropriate options in the answer area.
Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 315
You have a Microsoft 365 E5 tenant that connects to Microsoft Defender for Endpoint.
You have devices enrolled in Microsoft Intune as shown in the following table.
You plan to use risk levels in Microsoft Defender for Endpoint to identify whether a device is compliant. Noncompliant devices must be blocked from accessing corporate resources.
You need to identify which devices can be onboarded to Microsoft Defender for Endpoint, and which Endpoint security policies must be configured.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-machines-onboarding?view=o365-worldwide
NEW QUESTION # 316
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1.
You need to enable User1 to create Compliance Manager assessments.
Solution: From the Microsoft 365 compliance center, you add User1 to the Compliance Manager Assessors role group.
Does this meet the goal?
- A. No
- B. Yes
Answer: B
Explanation:
Reference:
https://github.com/MicrosoftDocs/microsoft-365-docs/blob/public/microsoft-365/security/office-365-security/pe
NEW QUESTION # 317
......
Microsoft MS-102: Selling Microsoft 365 Certified Products and Solutions: https://pass4sure.verifieddumps.com/MS-102-valid-exam-braindumps.html
