MS-101: Microsoft 365 Mobility And Security

129 Questions | Total Attempts: 17

SettingsSettingsSettings
Please wait...
MS-101: Microsoft 365 Mobility And Security

The actual exam questions based on the excellent "Examtopics" website: https://www. Examtopics. Com/exams/microsoft/ms-101/view/1/


Questions and Answers
  • 1. 
    Of which groups are Computer1 and Computer2 members? To answer, select the appropriate options in the answer area.
  • 2. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future.  Solution: From the SharePoint admin center, you modify the sharing settings. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 3. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You have a Microsoft 365 subscription.  You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future.  Solution: From the Security & Compliance admin center, you create a threat management policy. Does this meet the goal? 
    • A. 

      Yes

    • B. 

      No

  • 4. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future.  Solution: From the SharePoint site, you create an alert. Does this meet the goal? 
    • A. 

      Yes

    • B. 

      No

  • 5. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You add your user account as a device enrollment manager. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 6. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You configure the Apple MDM Push certificate. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 7. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You create an Apple Configurator enrollment profile. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 8. 
    Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You create a device configuration profile from the Intune admin center. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 9. 
    Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You unjoin Device1 from the Active Directory domain.. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 10. 
    Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to an Active Directory group. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 11. 
    You have three devices enrolled in Microsoft Intune as shown in the following table. The device compliance policies in Intune are configured as shown in the following table. The device compliance policies have the assignments shown in the following table. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
    • A. 

      Policy 1 applies to Device 3.

    • B. 

      Policy 2 applies to Device 2

    • C. 

      Policy 2 doesn't apply to Device 2.

    • D. 

      Policy 1 applies to Device 1

  • 12. 
    You have Windows 10 Pro devices that are joined to an Active Directory domain.You plan to create a Microsoft 365 tenant and to upgrade the devices to Windows 10 Enterprise. You are evaluating whether to deploy Windows Hello for Business for SSO to Microsoft 365 services. What are two prerequisites of the deployment? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
    • A. 

      A: Computers that have biometric hardware features

    • B. 

      B. Microsoft Intune enrollment

    • C. 

      C. Microsoft Azure Active Directory (Azure AD)

    • D. 

      D. Smartcards

    • E. 

      E. TPM-enabled device

  • 13. 
    You have a Microsoft 365 tenant. All users are assigned the Enterprise Mobility + Security license. You need to ensure that when users join their device to Microsoft Azure Active Directory (Azure AD), the device is enrolled in Microsoft Intune automatically. What should you configure?
    • A. 

      A. Enrollment restrictions from the Intune admin center

    • B. 

      B. Device enrollment managers from the Intune admin center

    • C. 

      C. MAM User scope from the Azure Active Directory admin center

    • D. 

      D. MDM User scope from the Azure Active Directory admin center

  • 14. 
    Your network contains an Active Directory domain named contoso.com. All client devices run Windows 10 and are joined to the domain. You update the Windows 10 devices by using Windows Update for Business. What is the maximum amount of time you can defer Windows 10 updates? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
    • A. 

      Quality Updates: 14 days

    • B. 

      Quality Updates: 30 days

    • C. 

      Quality Updates: 60 days

    • D. 

      Quality Updates: 120 days

    • E. 

       Feature Updates: 60 days

    • F. 

      Feature Updates: 180 days

    • G. 

      Feature Updates: 365 days

    • H. 

      Feature Updates: 540 days

  • 15. 
    Your company uses Microsoft System Center Configuration Manager (Current Branch) and Microsoft Intune to co-manage devices. Which two actions can be performed only from Intune? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
    • A. 

      A. Deploy applications to Windows 10 devices.

    • B. 

      B. Deploy VPN profiles to iOS devices.

    • C. 

      C. Deploy VPN profiles to Windows 10 devices.

    • D. 

      D. Publish applications to Android devices.

  • 16. 
    Your network contains an Active Directory domain named contoso.com that uses Microsoft System Center Configuration Manager (Current Branch). You have Windows 10 and Windows 8.1 devices. You need to ensure that you can analyze the upgrade readiness of all the Windows 8.1 devices and analyze the update compliance of all the Windows 10 devices. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
    • A. 

      Create a Microsoft Azure Log Analytics workspace

    • B. 

      Configure all the devices to have a commercial ID

  • 17. 
    You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You have a Microsoft 365 subscription. You need to ensure that users can manage the configuration settings for all the Windows 10 devices in your organization. What should you configure?
    • A. 

      A. the Enrollment restrictions

    • B. 

      B. the mobile device management (MDM) authority

    • C. 

      C. the Exchange on-premises access settings

    • D. 

      D. the Windows enrollment settings

  • 18. 
    You configure a conditional access policy. The locations settings are configured as shown in the Locations exhibit. (Click the Locations tab.) The users and groups settings are configured as shown in the Users and Groups exhibit. (Click Users and Groups tab.) Members of the Security reader group report that they cannot sign in to Microsoft Active Directory (Azure AD) on their device while they are in the office. You need to ensure that the members of the Security reader group can sign in in to Azure AD on their device while they are in the office. The solution must use the principle of least privilege. What should you do?
    • A. 

      A. From the conditional access policy, configure the device state.

    • B. 

      B. From the Azure Active Directory admin center, create a custom control.

    • C. 

      C. From the Intune admin center, create a device compliance policy.

    • D. 

      D. From the Azure Active Directory admin center, create a named location.

  • 19. 
    You have computers that run Windows 10 Enterprise and are joined to the domain.You plan to delay the installation of new Windows builds so that the IT department can test application compatibility. You need to prevent Windows from being updated for the next 30 days. Which two Group Policy settings should you configure? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
    • A. 

      A. Select when Quality Updates are received

    • B. 

      B. Select when Preview Builds and Feature Updates are received

    • C. 

      C. Turn off auto-restart for updates during active hours

    • D. 

      D. Manage preview builds

    • E. 

      E. Automatic updates detection frequency

  • 20. 
    You have three devices enrolled in Microsoft Intune as shown in the following table. The device compliance policies in Intune are configured as shown in the following table. The device compliance policies have the assignments shown in the following table. For each of the following statements, check the box if the statement is true. Otherwise, leave deselected. NOTE: Each correct selection is worth one point.
    • A. 

      Device1 is marked as noncompliant after 10 days

    • B. 

      Device2 is marked as noncompliant after 10 days

    • C. 

      Device3 is marked as noncompliant after 10 days

  • 21. 
    You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You need to provide a user with the ability to sign up for Microsoft Store for Business for contoso.com. The solution must use the principle of least privilege. Which role should you assign to the user?
    • A. 

      A. Cloud application administrator

    • B. 

      B. Application administrator

    • C. 

      C. Global administrator

    • D. 

      D. Service administrator

  • 22. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You create the Mobility (MDM and MAM) settings. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 23. 
    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to a Configuration Manager device collection. Does this meet the goal?
    • A. 

      Yes

    • B. 

      No

  • 24. 
    From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.) You need to reduce the likelihood that the sign-ins are identified at risky. What should you do?
    • A. 

      A. From the Security & Compliance admin center, create a classification label.

    • B. 

      B. From the Security & Compliance admin center, add the users to the Security Readers role group.

    • C. 

      C. From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.

    • D. 

      D. From the Conditional access blade in the Azure Active Directory admin center, create named locations.

  • 25. 
    Your company has a Microsoft 365 E5 subscription. Users in the research department work with sensitive data. You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted. What should you do from the Security & Compliance admin center?
    • A. 

      A. Create a data loss prevention (DLP) policy that has a Content is shared condition.

    • B. 

      B. Modify the default safe links policy.

    • C. 

      C. Create a data loss prevention (DLP) policy that has a Content contains condition.

    • D. 

      D. Create a new safe links policy.

Back to Top Back to top