- (Exam Topic 4)
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
Yon receive more than 100 email alerts each day for tailed Azure Al) user sign-in attempts. You need to ensure that a new security administrator receives the alerts instead of you.
Solution: From Azure monitor, you create a data collection rule. Does this meet the goal?
Correct Answer:
B
- (Exam Topic 2)
You need to meet the technical requirements for license management by the helpdesk administrators.
What should you create first, and which tool should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Solution:
Text Description automatically generated
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have a Microsoft 365 tenant.
You need to Identity users who have leaked credentials. The solution must meet the following requirements:
• Identity sign-ms by users who are suspected of having leaked credentials.
• Flag the sign-ins as a high-risk event.
• Immediately enforce a control to mitigate the risk, while still allowing the user to access applications. What should you use? To answer, select the appropriate options m the answer area.
Solution:
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named User1.
User1 has the devices shown in the following table.
On November 5, 2020, you create and enforce terms of use in contoso.com that has the following settings: 
Name: Terms1
Display name: Contoso terms of use Require users to expand the terms of use: On 
Require users to consent on every device: On Expire consents: On Expire starting on: December 10, 2020 Frequency: Monthly
On November 15, 2020, User1 accepts Terms1 on Device3.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 4)
You have an Azure Active Directory (Azure AD) tenant named conto.so.com that has Azure AD Identity Protection enabled. You need to Implement a sign-in risk remediation policy without blocking access.
What should you do first?
Correct Answer:
C
MFA and SSPR are both required. However, MFA is required first. Reference:
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-remediate- https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment
