- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription that contains a user named User1. You need to enable User1 to create Compliance Manager assessments.
Solution: From the Microsoft 365 admin center, you assign User1 the Compliance data admin role. Does this meet the goal?
Correct Answer:
B
Reference:
https://github.com/MicrosoftDocs/microsoft-365-docs/blob/public/microsoft-365/security/office-365-security/pe
- (Exam Topic 4)
Your company is based in the United Kingdom (UK).
Users frequently handle data that contains Personally Identifiable Information (PII).
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Solution:
Allowed
blocked, but the user can override the policy 1. If a user attempts to upload a document to a Microsoft SharePoint site, and the document contains one UK passport number, the document will be: allowed explanation
When setting the policy tips and notifications, the document won't be blocked, it just shows a policy tip, if you set up this policy yourself, you will see there are no (block) actions configured for this rule.
* 2. If a user attempts to email 100 UK passport numbers to a user in the same company, the email message will be: blocked, but the user can override the policy
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have a Microsoft 365 E5 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.
You need to ensure that users can enroll devices in Microsoft Endpoint Manager without manually entering the address of Microsoft Endpoint Manager.
Which two DNS records should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Correct Answer:
BF
- (Exam Topic 4)
From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.)
You need to reduce the likelihood that the sign-ins are identified at risky. What should you do?
Correct Answer:
D
References:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are deploying Microsoft Intune.
You successfully enroll Windows 10 devices in Intune.
When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You create an Apple Configurator enrollment profile. Does this meet the goal?
Correct Answer:
B
