CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-100

Free MS-100 Exam Braindumps (page: 10)

Page 10 of 98
PDF with 464 Questions

You have a Microsoft 365 tenant.
You have a line-of-business application named App1 that users access by using the My Apps portal. After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control. You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.
What should you do?

  1. From Microsoft Cloud App Security, modify the impossible travel alert policy.
  2. From Microsoft Cloud App Security, create a Cloud Discovery anomaly detection policy.
  3. From the Azure Active Directory admin center, modify the conditional access policy.
  4. From Microsoft Cloud App Security, create an app discovery policy.

Answer(s): B

Explanation:

Impossible travel detection identi es two user activities (is a single or multiple sessions) originating from geographically distant locations within a time period shorter than the time it would have taken the user to travel from the rst location to the second.
We need to modify the policy so that it applies to App1 only.


Reference:

https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy



Your network contains an on-premises Active Directory domain.
Your company has a security policy that prevents additional software from being installed on domain controllers. You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP). What should you do? More than once choice may achieve the goal. Select the BEST answer.

  1. Deploy an Azure ATP standalone sensor, and then con gure port mirroring.
  2. Deploy an Azure ATP standalone sensor, and then con gure detections.
  3. Deploy an Azure ATP sensor, and then con gure detections.
  4. Deploy an Azure ATP sensor, and then con gure port mirroring.

Answer(s): A

Explanation:

If you're installing on a domain controller, you don't need a standalone ATP sensor. You need to con gure the detections to detect application installations. With an ATP sensor (non-standalone), you don't need to con gure port mirroring.


Reference:

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5 https://docs.microsoft.com/en-us/azure-advanced-threat- protection/atp-capacity-planning#choosing-the-right-sensor-type-for-your-deployment



Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices. You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you con gure Windows Defender ATP-related data to be stored in the United States. You plan to onboard all the devices to Windows Defender ATP data in Europe.
What should you do rst?

  1. Create a workspace
  2. Offboard the test devices
  3. Delete the workspace
  4. Onboard a new device

Answer(s): B

Explanation:

When onboarding Windows Defender ATP for the rst time, you can choose to store your data in Microsoft Azure datacenters in the European Union, the United
Kingdom, or the United States. Once con gured, you cannot change the location where your data is stored.
The only way to change the location is to offboard the test devices then onboard them again with the new location.


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy#do-i-have-the- exibility-to- select-where-to-store- my-data



You implement Microsoft Azure Advanced Threat Protection (Azure ATP).
You have an Azure ATP sensor con gured as shown in the following exhibit.

Updates



How long after the Azure ATP cloud service is updated will the sensor update?

  1. 1 hour
  2. 7 days
  3. 48 hours
  4. 12 hours
  5. 72 hours

Answer(s): E

Explanation:

The exhibit shows that the sensor is con gure for Delayed update.
Given the rapid speed of ongoing Azure ATP development and release updates, you may decide to de ne a subset group of your sensors as a delayed update ring, allowing for a gradual sensor update process. Azure ATP enables you to choose how your sensors are updated and set each sensor as a Delayed update candidate.
Sensors not selected for delayed update are updated automatically, each time the Azure ATP service is updated. Sensors set to Delayed update are updated on a delay of 72 hours, following the o cial release of each service update.


Reference:

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/sensor-update



Page 10 of 98



Post your Comments and Discuss Microsoft MS-100 exam with other Community members:

Elan commented on March 05, 2024
Nice to see this kind of websites. thanks
BAHRAIN
upvote

SYED NASEEMUDDIN commented on December 14, 2023
i need the 100 question and answer.
SAUDI ARABIA
upvote

Rotciv commented on June 13, 2023
MS-100 exam written and passed! I like the application as well
SOUTH AFRICA
upvote

Murchu commented on March 14, 2023
This dump was a lifesaver and gave me the confidence I needed to pass my exam.
UNITED STATES
upvote

George commented on March 02, 2022
My 4th purchase from this site and I have passed all my exams.
UNITED STATES
upvote

Rohit commented on February 28, 2021
The content of this study guide is very helpful. I really appreicate the free test engine. The Xengine App provided for free is a lifesaver.
INDIA
upvote

Hizkia commented on April 20, 2020
Very professional team. The support replied and answered my questions in less than 2 hours. Pretty impressed!
FRANCE
upvote