- (Exam Topic 5)
DRAG DROP
You have a Microsoft 365 E5 tenant.
You need to implement compliance solutions that meet the following requirements:
• Use a file plan to manage retention labels.
• Identify, monitor, and automatically protect sensitive information.
• Capture employee communications for examination by designated reviewers.
Which solution should you use for each requirement? To answer, drag the appropriate solutions to the correct requirements. Each solution may be used once, more than once, or not at all. You may need to drag the split bat between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Solution:
Graphical user interface, text, application Description automatically generated
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
HOTSPOT
You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:
The tenant has a conditional access policy that has the following configurations: Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud aps or actions: All cloud apps 
Access controls: Grant, require multi-factor authentication Enable policy: Report-only
You set Enabled Security defaults to Yes for the tenant.
For each of the following settings select Yes, if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Solution:
Report-only mode is a new Conditional Access policy state that allows administrators to evaluate the impact of Conditional Access policies before enabling them in their environment. With the release of report-only mode: Conditional Access policies can be enabled in report-only mode. During sign-in, policies in report-only mode are evaluated but not enforced. Results are logged in the Conditional Access and Report-only tabs of the Sign-in log details. Customers with an Azure Monitor subscription can monitor the impact of their Conditional Access policies using the Conditional Access insights workbook.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-report-on
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain. You deploy an Azure AD tenant.
Another administrator configures the domain to synchronize to Azure AD.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All the other user accounts synchronized successfully.
You review Azure AD Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Azure AD. Solution: From Azure AD Connect, you modify the Azure AD credentials. Does this meet the goal?
Correct Answer:
B
The question states that “all the user account synchronizations completed successfully”. Therefore, the Azure AD credentials are configured correctly in Azure AD Connect. It is likely that the 10 user accounts are being excluded from the synchronization cycle by a filtering rule.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering
- (Exam Topic 5)
You have a Microsoft 365 E5 tenant that contains the users shown in the following table.
You perform the following actions:
Provision the private store in Microsoft Store for Business. 
Add an app named App1 to the private store. Set Private store availability for App1 to Specific groups, and then select Group3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Solution:
Text Description automatically generated
Reference:
https://docs.microsoft.com/en-us/microsoft-store/app-inventory-management-microsoft-store-for-business#priva
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have a Microsoft 365 E5 subscription.
All users have Mac computers. All the computers are enrolled in Microsoft Endpoint Manager and onboarded
to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You need to configure Microsoft Defender ATP on the computers.
What should you create from the Endpoint Management admin center?
Correct Answer:
A
Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
