- (Exam Topic 3)
Which role should you assign to User1?
Correct Answer:
D
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-give-acces
- (Exam Topic 4)
You have a Microsoft 365 subscription that contains 1,000 user mailboxes.
An administrator named Admin1 must be able to search for the name of a competing company in the mailbox of a user named User5.
You need to ensure that Admin1 can search the mailbox of User5 successfully. The solution must prevent Admin1 from sending User5.
Solution: You assign the eDiscovery Manager role to Admin1, and then create an eDiscovery case. Does this meet the goal?
Correct Answer:
A
References:
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/ediscovery/ediscovery?view=exchserver-201
- (Exam Topic 4)
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn’t matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below. Microsoft 365 Username:
admin@LODSe244001@onmicrosoft.com Microsoft 365 Password: &=Q8v@2qGzYz
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only: Lab instance: 11032396
You need to ensure that a user named Alex Wilber can register for multifactor authentication (MFA). To complete this task, sign in to the Microsoft Office 365 admin center.
Solution:
Enable Modern authentication for your organization
* 1. To enable modern authentication, from the admin center, select Settings > Settings and then in the Services tab, choose Modern authentication from the list.
* 2. Check the Enable modern authentication box in the Modern authentication panel.
Enable multi-factor authentication for your organization
* 1. In the admin center, select Users and Active Users.
* 2. In the Active Users section, Click on multi-factor authentication.
* 3. On the Multi-factor authentication page, select user if you are enabling this for one user or select Bulk Update to enable multiple users.
* 4. Click on Enable under Quick Steps.
* 5. In the Pop-up window, Click on Enable Multi-Factor Authentication.
After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authenticati
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have a Microsoft 365 E5 subscription that uses Microsoft Endpoint Manager. The Compliance policy settings are configured as shown in the following exhibit.
On February 25, 2020, you create the device compliance policies shown in the following table.
On March 1. 2020, users enroll Windows 10 devices in Microsoft Endpoint Manager as shown in the following table
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
Box 1: Yes
Device2 is in Group2 so Policy2 applies.
Device2 is not compliant with Policy2. However, the device won’t be marked as non-compliant until 10 days after the device was enrolled.
Box 2: Yes
Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply.
Device1 is compliant with Policy1 but non-compliant with Policy2. However, the device won’t be marked as non-compliant until 10 days after the device was enrolled.
Box 3: No
Device1 is in Group1 and Group2 so both Policy1 and Policy2 apply. Device1 is compliant with Policy1 but non-compliant with Policy2.
March 12th is more than 10 days after the device was enrolled so it will now be marked as non-compliant by Policy2.
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and a Microsoft Office 365 connector.
You need to assign built-in role-based access control (RBAC) roles to achieve the following tasks: Create and run playbooks.
Manage incidents.
The solution must use the principle of least privilege.
Which two roles should you assign? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Correct Answer:
DE
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/roles