Pass Your Microsoft Exam with MS-102 Exam Dumps (Updated 527 Questions) [Q194-Q219]

Share

Pass Your Microsoft Exam with MS-102 Exam Dumps (Updated 527 Questions)

MS-102 Exam Dumps - Microsoft Practice Test Questions

NEW QUESTION # 194
You are evaluating the required processes for Project1.
You need to recommend which DNS record must be created while adding a domain name for the project.
Which DNS record should you recommend?

  • A. host information
  • B. text (TXT)
  • C. host (A)
  • D. alias (CNAME)

Answer: D

Explanation:
When you add a custom domain to Office 365, you need to verify that you own the domain. You can do this by adding either an MX record or a TXT record to the DNS for that domain.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
Text (TXT)
Mail exchanger (MX)
incorrect answer options you may see on the exam include the following:
alias (CNAME)
Host (A)
host (AAA)
Pointer (PTR)
Name Server (NS)
host information (HINFO)
pointer (PTR)
Reference:
https://docs.microsoft.com/en-us/office365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-


NEW QUESTION # 195
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You have labels in Microsoft 365 as shown in the following table.

The content in Microsoft 365 is assigned labels as shown in the following table.

You have labels In Microsoft 365 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Answer:

Explanation:

Explanation:


NEW QUESTION # 196
You have a Microsoft 365 E5 subscription.
You need to create a Conditional Access policy that will require the use of FID02 security keys only when users join their Windows devices to Microsoft Entra ID.
How should you configure the policy? To answer, select the appropriate options in the answer area.
NOTE Each correct selection is worth one point.

Answer:

Explanation:

Explanation:


NEW QUESTION # 197
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1. Site1 contains the files shown in the following table.

You create a sensitivity label named Sensitivity1 and an auto-label policy that has the following configurations:
* Name: AutoLabel1
* Label to auto-apply: Sensitivity1
* Rules for SharePoint Online sites: Rule1-SPO
* Choose locations where you want to apply the label: Site1
Rule1-SPO is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide


NEW QUESTION # 198
You have a Microsoft 365 subscription.
You need to meet the following requirements:
* Report a Microsoft 365 service issue.
* Request help on how to add a new user to an Azure AD tenant.
What should you use in the Microsoft 365 admin center? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:


NEW QUESTION # 199
You plan to implement the endpoint protection device configuration profiles to support the planned changes.
You need to identify which devices will be supported, and how many profiles you should implement.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:

Reference:
https://docs.microsoft.com/en-us/mem/intune/configuration/device-profile-create


NEW QUESTION # 200
You have a Microsoft 365 E5 tenant.
You have a sensitivity label configured as shown in the Sensitivity label exhibit. (Click the Sensitivity label tab.)

You have an auto-labeling policy as shown in the Auto-labeling policy exhibit. (Click the Auto-labeling policy tab.)

A user sends an email that contains the components shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo


NEW QUESTION # 201
HOTSPOT
You have a new Microsoft 365 E5 tenant.
Enable Security defaults is set to Yes.
A user signs in to the tenant for the first time.
Which multi-factor authentication (MFA) method can the user use, and how many days does the user have to register for MFA? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:

Box 1: Notification to Microsoft Authenticator app
Do users have 14 days to register for Azure AD Multi-Factor Authentication?
Users have 14 days to register for MFA with the Microsoft Authenticator app from their smart phones, which begins from the first time they sign in after security defaults has been enabled. After 14 days have passed, the user won't be able to sign in until MFA registration is completed.
Box 2: 14
Azure AD Identity Protection will prompt your users to register the next time they sign in interactively and they'll have 14 days to complete registration. During this 14-day period, they can bypass registration if MFA isn't required as a condition, but at the end of the period they'll be required to register before they can complete the sign-in process.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/solutions/empower-people-to-work-remotely-secure-sign-in
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-


NEW QUESTION # 202
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You configure the Microsoft Authenticator authentication method policy to enable passwordless authentication as shown in the following exhibit.

Both User1 and User2 report that they are NOT prompted for passwordless sign-in in the Microsoft Authenticator app.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Yes
User1 is member of Group1.
User1 has MFA registered method of Microsoft Authenticater app (push notification) The Microsoft Authenticator authentication method policy is configured for Group1, registration is optional, authentication method is any.
Note: Microsoft Authenticator can be used to sign in to any Azure AD account without using a password.
Microsoft Authenticator uses key-based authentication to enable a user credential that is tied to a device, where the device uses a PIN or biometric. Windows Hello for Business uses a similar technology.
This authentication technology can be used on any device platform, including mobile. This technology can also be used with any app or website that integrates with Microsoft Authentication Libraries.
Box 2: No
User2 is member of Group2.
The Microsoft Authenticator authentication method policy is configured for Group1, not for Group2.
Box 3: No
User3 is member of Group1.
User3 has no MFA method registered.
User3 must choose an authentication method.
Note: Enable passwordless phone sign-in authentication methods
Azure AD lets you choose which authentication methods can be used during the sign-in process. Users then register for the methods they'd like to use.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-phone


NEW QUESTION # 203
You have a Microsoft 365 E5 subscription that contains a user named User1. You create an anti-phishing policy named Policy! that has the following settings:
* Include these users, groups and domains: User1
* Phishing email threshold: 3 - More Aggressive
User1 receives the email messages shown in the following table.

Which messages are phishing email?

  • A. Mail1, Mail2, Mail3, and Mail4
  • B. Mail4 only
  • C. Mail3 and Mail4 only
  • D. Mail2, Mail3, and Mail4 only

Answer: C


NEW QUESTION # 204
You have a Microsoft 365 E5 tenant that contains the devices shown in the following table.

You plan to implement attack surface reduction (ASR) rules. Which devices will support the ASR rules?

  • A. Device2 and Device3 only
  • B. Device3 only
  • C. Device1, Device2, Devices and Device4
  • D. Device 1, Device2, and Device3 only

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view


NEW QUESTION # 205
On which server should you install the Azure ATP sensor?

  • A. Server 2
  • B. Server 4
  • C. Server 5
  • D. Server 1
  • E. Server 3

Answer: D

Explanation:
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-capacity-planning However, if the case study had required that the DCs can't have any s/w installed, then the answer would have been a standalone sensor on Server2. In this scenario, the given answer is correct. BTW, ATP now known as Defender for Identity.


NEW QUESTION # 206
You use Microsoft Defender for Endpoint.
You have the Microsoft Defender for Endpoint device groups shown in the following table

You plan to onboard computers to Microsoft Defender for Endpoint as shown in the following table.

Answer:

Explanation:

Explanation:


NEW QUESTION # 207
HOTSPOT
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint Online site named Site1 and the users shown in the following table.

The devices are configured as shown in the following table.

You have a Conditional Access policy named CAPolicy1 that has the following settings:
1.Assignments
Users or workload identities: Group1
Cloud apps or actions: Office 365 SharePoint Online
Conditions
- Filter for devices: Exclude filtered devices from the policy
- Rule syntax: device.displayName -startsWith "Device"
2.Access controls
Grant
- Grant: Block access
Session: 0 controls selected
3.Enable policy: On
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: No
User1 is member of Group1 and has Device1.
Device1 is not Azure AD joined.
Note: Requiring a hybrid Azure AD joined device is dependent on your devices already being hybrid Azure AD joined.
Box 2: Yes
User2 is member of Group1 and has devices Device2 and Device3.
Device2 is Azure AD joined.
Device2 is excluded from CAPolicy1 (which would block access to Site1).
Box 3: Yes
User2 is member of Group1 and has devices Device2 and Device3.
Device3 is Android and is Azure AD registered.
Device3 is excluded from CAPolicy1 (which would block access to Site1).
Note: On Windows 7, iOS, Android, macOS, and some third-party web browsers, Azure AD identifies the device using a client certificate that is provisioned when the device is registered with Azure AD. When a user first signs in through the browser the user is prompted to select the certificate. The end user must select this certificate before they can continue to use the browser.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-com


NEW QUESTION # 208
You have a Microsoft 365 is subscription that includes Microsoft Intune.
You manage all iOS devices by using Intune.
You plan to protect corporate-owned iOS devices by using Microsoft Defender for Endpoint. You configure a connection between Intune and Defender for Endpoint.
You need to onboard the devices to Defender for Endpoint.
What should you do?

  • A. Enable Microsoft Defender for Cloud.
  • B. Add an app to Intune.
  • C. Create an app protection policy.
  • D. Download an onboarding package.

Answer: C


NEW QUESTION # 209
Your company uses Microsoft Defender for Endpoint.
The devices onboarded to Microsoft Defender for Endpoint are shown in the following table.

The alerts visible in the Microsoft Defender for Endpoint alerts queue are shown in the following table.

You create a suppression rule that has the following settings:
* Triggering IOC: Any IOC
* Action: Hide alert
* Suppression scope: Alerts on ATP1 device group
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

Answer:

Explanation:

Explanation:


NEW QUESTION # 210
You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:

The tenant has a conditional access policy that has the following configurations:
Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud aps or actions: All cloud apps
Access controls:
Grant, require multi-factor authentication
Enable policy: Report-only
You set Enabled Security defaults to Yes for the tenant.
For each of the following settings select Yes, if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-report-only


NEW QUESTION # 211
You have a Microsoft 365 subscription that contains three groups named All users, Sales team, and Office users, and two users shown in the following table.

In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the following exhibit.

The policies use the settings shown in the following table.

What is the default share folder location for User1 and the default Office theme for User2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Table Description automatically generated

Reference:
https://docs.microsoft.com/en-us/deployoffice/overview-office-cloud-policy-service


NEW QUESTION # 212
You have a Microsoft 365 tenant that is signed up for Microsoft Store for Business and contains the users shown in the following table.

All users have Windows 10 Enterprise devices.
The Products & services settings in Microsoft Store for Business are shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Text Description automatically generated

Reference:
https://docs.microsoft.com/en-us/microsoft-store/roles-and-permissions-microsoft-store-for-business


NEW QUESTION # 213
You have a Microsoft 365 E5 subscription that contains two security groups named Group1 and Group2.
You need to enable multi-factor authentication (MFA) for the members of Group1 and Group2. The solution must meet the following requirements:
* The Group1 members must be prompted for MFA only when authenticating to Microsoft Entra ID from Android devices.
* The Group2 members must be prompted for MFA only when accessing Microsoft Exchange Online from outside the corporate network.
* Administrative effort must be minimized.
What should you configure for each group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:


NEW QUESTION # 214
You have a Microsoft 365 E5 subscription.
You need to be alerted when Microsoft 365 Defender detects high-severity incidents.
What should you use?

  • A. an alert policy
  • B. a notification rule
  • C. a threat policy
  • D. a custom detection rule

Answer: D


NEW QUESTION # 215
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

In Microsoft Endpoint Manager, you have the Policies for Office apps settings shown in the following table.

The policies use the settings shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

Reference:
https://docs.microsoft.com/en-us/deployoffice/overview-office-cloud-policy-service


NEW QUESTION # 216
You have a Microsoft 365 E5 tenant that contains a Microsoft SharePoint Online site named Site1. Site1 contains the files shown in the following table.

You create a sensitivity label named Sensitivity1 and an auto-label policy that has the following configurations:
Name: AutoLabel1
Label to auto-apply: Sensitivity1
Rules for SharePoint Online sites: Rule1-SPO
Choose locations where you want to apply the label: Site1
Rule1-SPO is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-wo
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide


NEW QUESTION # 217
You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com.
You create a Microsoft Defender for identity instance Contoso.
The tenant contains the users shown in the following table.

You need to modify the configuration of the Defender for identify sensors.
Solutions: You instruct User1 to modify the Defender for identity sensor configuration.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: B


NEW QUESTION # 218
You have a Microsoft 365 E5 subscription.
You configure a new alert policy as shown in the following exhibit.

You need to identify the following:
How many days it will take to establish a baseline for unusual activity.
Whether alerts will be triggered during the establishment of the baseline.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:

ence:
https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwide


NEW QUESTION # 219
......


Microsoft MS-102 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Manage security and threats by using Microsoft Defender XDR: This topic discusses how to use Microsoft Defender portal to manage security reports and alerts. It also focuses on usage of Microsoft Defender for Office 365 to implement and manage email and collaboration protection. Lastly, it discusses the usage of Microsoft Defender for Endpoint for the implementation and management of endpoint protection.
Topic 2
  • Deploy and manage a Microsoft 365 tenant: Management of roles in Microsoft 365 and management of users and groups are discussion points of this topic. It also focuses on implementing and managing a Microsoft 365 tenant.
Topic 3
  • Manage compliance by using Microsoft Purview: Implementation of Microsoft Purview information protection and data lifecycle management is discussed in this topic. Moreover, questions about implementing Microsoft Purview data loss prevention (DLP) also appear.
Topic 4
  • Implement and manage Microsoft Entra identity and access: In this topic, questions about Microsoft Entra tenant appear. Moreover, it delves into implementation and management of authentication and secure access.

 

New Real MS-102 Exam Dumps Questions: https://drive.google.com/open?id=1KHCr01pHUiINZjTwbrLyBQNSzCwhFciN

Pass Your MS-102 Exam Easily with Accurate PDF Questions: https://www.actual4cert.com/MS-102-real-questions.html