MS-101 Online Practice Questions and Answers

HOTSPOT

You have a Microsoft 365 tenant.

You need to retain Azure Active Directory (Azure AD) audit logs for two years.

Administrators must be able to query the audit log information by using the Azure Active Directory admin center.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 E5 tenant that contains two users named User1 and User2 and the groups shown in the following table.

You have a Microsoft Intune enrollment policy that has the following settings:

MDM user scope: Some

-Groups: Group1 MAM user scope: Some

-Groups: Group2

You purchase the devices shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 tenant that is signed up for Microsoft Store for Business and contains the users shown in the following table.

All users have Windows 10 Enterprise devices.

The Products and services settings in Microsoft Store for Business are shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

You have a Microsoft 365 E5 tenant that contains the users shown in the following table.

You perform the following actions:

1.

Provision the private store in Microsoft Store for Business.

2.

Add an app named App1 to the private store.

3.

Set Private store availability for App1 to Specific groups, and then select Group3.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

HOTSPOT

Your company has a Microsoft 365 tenant

You plan to allow users that are members of a group named Engineering to enroll their mobile device in mobile device management (MDM)

The device type restriction are configured as shown in the following table.

The device limit restriction are configured as shown in the following table.

Hot Area:

Your company has five security information and event management (SIEM) appliances. The traffic logs from each appliance are saved to a file share named Logs.

You need to analyze the traffic logs.

What should you do from Microsoft Cloud App Security?

A. Click Investigate, and then click Activity log.

B. Click Control, and then click Policies. Create a file policy.

C. Click Discover, and then click Create snapshot report.

D. Click Investigate, and then click Files.

Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains computers that run Windows 10 Enterprise and are managed by using Microsoft Intune. The computers are configured as shown in the following table.

You plan to implement Windows Defender Application Guard for contoso.com.

You need to identify on which two Windows 10 computers Windows Defender Application Guard can be installed.

Which two computers should you identify? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. Computer1

B. Computer3

C. Computer2

D. Computer4

Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.

A user named User1 is a member of a dynamic group named Group1.

User1 reports that he cannot access documents shared to Group1.

You discover that User1 is no longer a member of Group1.

You suspect that an administrator made a change that caused User1 to be removed from Group1.

You need to identify which administrator made the change.

Which audit log activity should you search in the Security and Compliance admin center?

A. Azure AD group administration activities – Removed member from group

B. User administration activities – Updated user

C. Azure AD group administration activities – Updated group

You have a Microsoft 365 subscription.

You discover that some external users accessed center for a Microsoft SharePoint site.

You modify the sharePoint sharing policy to prevent sharing, outside your organization.

You need to be notified if the SharePoint sharing policy is modified in the future.

Solution: From the Security $ Compliance admin center you create a threat management policy.

Does this meet the goal?

A. Yes

B. No

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD).

You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch).

You configure pilot co-management.

You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1.

You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.

Solution: You create a device configuration profile from the Device Management admin center.

Does this meet the goal?

A. Yes

B. No