Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Microsoft > Microsoft Certifications > MS-101 > MS-101 Online Practice Questions and Answers

MS-101 Online Practice Questions and Answers

Questions 4

HOTSPOT

You have several devices enrolled in Microsoft Intune.

You have a Microsoft Azure Active Directory (Azure AD) tenant that includes the users shown in the following table.

The device type restrictions in Intune are configured as shown in the following table.

You add User3 as a device enrollment manager in Intune.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Box 1:

No. User1 is in Group1. The two device type policies that apply to Group1 are Policy3 and the Default (All Users) policy. However, Policy3 has a higher priority than the default policy so Policy3 is the only effective policy. Policy3 allows the

enrolment of Android and iOS devices only, not Windows.

Box 2:

No. User2 is in Group1 and Group2. The device type policies that apply to Group1 and Group2 are Policy2, Policy3 and the Default (All Users) policy. However, Policy2 has a higher priority than Policy 3 and the default policy so Policy2 is the

only effective policy. Policy2 allows the enrolment of Windows devices only, not Android.

Box 3:

Yes. User3 is a device enrollment manager. Device restrictions to not apply to a device enrollment manager.

Reference:

https://docs.microsoft.com/en-us/intune/enrollment/enrollment-restrictions-set

Questions 5

HOTSPOT

You have a Microsoft 365 E5 tenant that contains the users shown in the following table.

You purchase the devices shown in the following table.

In Microsoft Endpoint Manager, you create an enrollment status page profile that has the following settings:

1.

Show app and profile configuration progress: Yes

2.

Allow users to collect logs about installation errors: Yes

3.

Only show page to devices provisioned by out-of-box experience (OOBE): No

4.

Assignments: Group2

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

Buy Now

Correct Answer:

Reference: https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-status

Questions 6

Your company has a Microsoft 365 E5 subscription.

Users in the research department work with sensitive data.

You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.

What should you do from the Security and Compliance admin center?

A. Create a data loss prevention (DLP) policy that has a Content is shared condition.

B. Modify the default safe links policy.

C. Create a data loss prevention (DLP) policy that has a Content contains condition.

D. Create a new safe links policy.

Buy Now

Correct Answer: D

References: https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-atp-safe-links-policies#policies-that-apply-to-specific-email-recipients

Questions 7

You have a Microsoft 365 subscription.

All users have their email stored in Microsoft Exchange Online.

In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.

What should you do?

A. From the Security and Compliance admin center, create a data loss prevention (DLP) policy.

B. From the Security and Compliance admin center, create a label and label policy.

C. From the Security and Compliance admin center, create, create a label and a label policy.

D. From the Security and Compliance admin center, start a message trace.

E. From the Exchange admin center, start a mail flow message trace

Buy Now

Correct Answer: A

A DLP policy contains a few basic things:

Where to protect the content: locations such as Exchange Online, SharePoint Online, and OneDrive for Business sites, as well as Microsoft Teams chat and channel messages.

When and how to protect the content by enforcing rules comprised of:

Conditions the content must match before the rule is enforced. For example, a rule might be configured to look only for content containing Social Security numbers that's been shared with people outside your organization.

Actions that you want the rule to take automatically when content matching the conditions is found. For example, a rule might be configured to block access to a document and send both the user and compliance officer an email notification.

References:

https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies

Questions 8

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

From the Security and Compliance admin center, you create a role group named US eDiscovery Managers by copying the eDiscovery Manager role group.

You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States.

Solution: From Windows PowerShell, you run the New-ComplianceSecurityFilter cmdlet with the appropriate parameters.

Does this meet the goal?

A. Yes

B. No

Buy Now

Correct Answer: A

References: https://docs.microsoft.com/en-us/office365/securitycompliance/permissions-filtering-for-content-search https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-content-search/new-compliancesecurityfilter?view=exchange-ps

Questions 9

You have a Microsoft 365 E5 tenant that contains four devices enrolled in Microsoft Intune as shown in the following table.

You plan to deploy Microsoft 365 Apps for enterprise by using Microsoft Endpoint Manager. To which devices can you deploy Microsoft 365 Apps for enterprise?

A. Device1 only

B. Device1 and Device3 only

C. Device2 and Device4 only

D. Device1, Device2, and Device3 only

E. Device1, Device2, Device3, and Device4

Buy Now

Correct Answer: B

Reference: https://docs.microsoft.com/en-us/mem/intune/apps/apps-add

Questions 10

You have a Microsoft 365 E5 tenant.

You need to be notified when emails with attachments that contain sensitive personal data are sent to external recipients.

Which two policies can you use? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A. a data loss prevention (DLP) policy

B. a sensitivity label policy

C. a Microsoft Cloud App Security file policy

D. a communication compliance policy

E. a retention label policy

Buy Now

Correct Answer: AD

Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance?view=o365-worldwide

Questions 11

You purchase a new computer that has Windows 10, version 2004 preinstalled.

You need to ensure that the computer is up-to-date. The solution must minimize the number of updates installed.

What should you do on the computer?

A. Install all the feature updates released since version 2004 and all the quality updates released since version 2004 only.

B. install the West feature update and the latest quality update only.

C. install all the feature updates released since version 2004 and the latest quality update only.

D. install the latest feature update and all the quality updates released since version 2004.

Buy Now

Correct Answer: B

Questions 12

You have a Microsoft 365 E5 tenant.

You need to create a policy that will trigger an alert when unusual Microsoft Office 365 usage patterns are detected.

What should you use to create the policy?

A. the Microsoft 365 admin center

B. the Microsoft 365 compliance center

C. the Microsoft Defender for Cloud Apps portal

D. the Microsoft Apps admin center

Buy Now

Correct Answer: B

Explanation:

Real-Time Alerting with Microsoft 365 Alert Policies

Microsoft 365 suite comes with a large set of apps and services, with most of them having a user-friendly interface. However, Microsoft 365 suite is very vast and includes an extensive list of audit logs of all actions performed in an

organization. Thus, it has become difficult and time-consuming for the administrators to monitor the suspicious activities and unauthorized actions that are taking place. This is where Microsoft 365 Alert Policies come in.

Using the Alert Policies feature available in the Compliance Center and Microsoft 365 Defender/Security admin center, you can combat this problem. With the help of alert policies, you can monitor user activities and security incidents, such as

phishing, unusual external user activities, suspicious massive file or folder deletions, and more.

Reference: https://o365reports.com/2022/03/10/real-time-alerting-with-microsoft-365-alert-policies/

Questions 13

You have a Microsoft 365 E5 subscription.

You need to be alerted when Microsoft 365 Defender detects high-severity incidents.

What should you use?

A. a threat policy

B. a custom detection rule

C. an alert policy

D. a notification rule

Buy Now

Correct Answer: C

Explanation:

Alert policy settings

An alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert, a list of users who trigger the alert if they perform the activity, and a threshold that defines how many times the activity has to

occur before an alert is triggered. You also categorize the policy and assign it a severity level.

Note:

You can also define user tags as a condition of an alert policy. This results in the alerts triggered by the policy to include the context of the impacted user. You can use system user tags or custom user tags.

*

When the alert is triggered.

*

Alert category.

*

Alert severity. Similar to the alert category, you assign a severity attribute (Low, Medium, High, or Informational) to alert policies.

Reference: https://learn.microsoft.com/en-us/microsoft-365/compliance/alert-policies

Exam Code: MS-101
Exam Name: Microsoft 365 Mobility and Security
Last Update: Jun 09, 2025
Questions: 525

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.