CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-100

Free MS-100 Exam Braindumps (page: 25)

Page 25 of 98
PDF with 464 Questions

HOTSPOT (Drag and Drop is not supported)
You have a Microsoft 365 subscription.
You are con guring permissions for Security & Compliance.
You need to ensure that the users can perform the tasks shown in the following table.



The solution must use the principle of least privilege.
To which role should you assign each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Security Reader: Members can manage security alerts (view only), and also view reports and settings of security features. Security Administrator, Compliance Administrator and Organization Management can manage alerts. However, Security Administrator has the least privilege.


Reference:

https://docs.microsoft.com/en-us/o ce365/securitycompliance/permissions-in-the-security-and-compliance-center#mapping-of-role-groups- to-assigned-roles



Your company has a Microsoft 365 E5 subscription.
Users in the research department work with sensitive data.
You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.
What should you do from the Security & Compliance admin center?

  1. Create a data loss prevention (DLP) policy that has a Content contains condition.
  2. Create a data loss prevention (DLP) policy that has a Content is shared condition.
  3. Modify the default safe links policy.
  4. Create a new safe links policy.

Answer(s): D

Explanation:

ATP Safe Links, a feature of O ce 365 Advanced Threat Protection (ATP), can help protect your organization from malicious links used in phishing and other attacks. If you have the necessary permissions for the O ce 365 Security & Compliance Center, you can set up ATP Safe Links policies to help ensure that when people click web addresses (URLs), your organization is protected. Your ATP Safe Links policies can be con gured to scan URLs in email and URLs in O ce documents.


Reference:

https://docs.microsoft.com/en-us/o ce365/securitycompliance/set-up-atp-safe-links-policies#policies-that-apply-to-speci c-email-recipients



HOTSPOT (Drag and Drop is not supported)
You have a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.



Your company uses Windows Defender Advanced Threat Protection (ATP). Windows Defender ATP contains the roles shown in the following table.



Windows Defender ATP contains the device groups shown in the following table.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1:
Yes. User1 is in Group1 which is assigned to Role1. Device1 is in the device group named ATP1 which Group1 has access to. Role1 gives Group1 (and User1)
View Data Permission. This is enough to view Device1 in Windows Security Center.
Box 2:
Yes. User2 is in Group2 which is assigned to Role2. Role2 gives Group2 (and User2) View Data Permission. This is enough to sign in to Windows Security
Center.
Box 3:
Yes. User3 is in Group3 which is assigned the Windows ATP Administrator role. Someone with a Microsoft Defender ATP Global administrator role has unrestricted access to all machines, regardless of their machine group association and the Azure AD user groups assignments.


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/user-roles https://docs.microsoft.com/en- us/windows/security/threat-protection/microsoft-defender-atp/rbac



A user receives the following message when attempting to sign in to https://myapps.microsoft.com:
"Your sign-in was blocked. We've detected something unusual about this sign-in. For example, you might be signing in from a new location, device, or app. Before you can continue, we need to verify your identity. Please contact your admin." Which con guration prevents the users from signing in?

  1. Security & Compliance supervision policies
  2. Security & Compliance data loss prevention (DLP) policies
  3. Microsoft Azure Active Directory (Azure AD) conditional access policies
  4. Microsoft Azure Active Directory (Azure AD) Identity Protection policies

Answer(s): C

Explanation:

The user is being blocked due to a 'risky sign-in'. This can be caused by the user logging in from a device that hasn't been used to sign in before or from an unknown location.
Integration with Azure AD Identity Protection allows Conditional Access policies to identify risky sign-in behavior. Policies can then force users to perform password changes or multi-factor authentication to reduce their risk level or be blocked from access until an administrator takes manual action.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview



Page 25 of 98



Post your Comments and Discuss Microsoft MS-100 exam with other Community members:

Elan commented on March 05, 2024
Nice to see this kind of websites. thanks
BAHRAIN
upvote

SYED NASEEMUDDIN commented on December 14, 2023
i need the 100 question and answer.
SAUDI ARABIA
upvote

Rotciv commented on June 13, 2023
MS-100 exam written and passed! I like the application as well
SOUTH AFRICA
upvote

Murchu commented on March 14, 2023
This dump was a lifesaver and gave me the confidence I needed to pass my exam.
UNITED STATES
upvote

George commented on March 02, 2022
My 4th purchase from this site and I have passed all my exams.
UNITED STATES
upvote

Rohit commented on February 28, 2021
The content of this study guide is very helpful. I really appreicate the free test engine. The Xengine App provided for free is a lifesaver.
INDIA
upvote

Hizkia commented on April 20, 2020
Very professional team. The support replied and answered my questions in less than 2 hours. Pretty impressed!
FRANCE
upvote