Free MS-101 Exam Braindumps (page: 38)

Page 38 of 104

HOTSPOT (Drag and Drop is not supported).
You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:



The tenant has a conditional access policy that has the following con gurations:
Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud aps or actions: All cloud apps
Access controls:
Grant, require multi-factor authentication
Enable policy: Report-only
You set Enabled Security defaults to Yes for the tenant.
For each of the following settings select Yes, if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Report-only mode is a new Conditional Access policy state that allows administrators to evaluate the impact of Conditional Access policies before enabling them in their environment. With the release of report-only mode:
Conditional Access policies can be enabled in report-only mode.
During sign-in, policies in report-only mode are evaluated but not enforced. Results are logged in the Conditional Access and Report-only tabs of the Sign-in log details. Customers with an Azure Monitor subscription can monitor the impact of their Conditional Access policies using the Conditional Access insights workbook.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-report-only



Your network contains an on-premises Active Directory domain.
Your company has a security policy that prevents additional software from being installed on domain controllers. You need to monitor a domain controller by using Microsoft Defender for Identity. What should you do? More than one answer choice may achieve the goal. Choose the BEST answer.

  1. Deploy a Microsoft Defender for identity sensor, and then con gure port mirroring.
  2. Deploy a Microsoft Defender for identity sensor, and then con gure detections.
  3. Deploy a Microsoft Defender for Identity standalone sensor, and then con gure detections.
  4. Deploy a Microsoft Defender for Identity standalone sensor, and then con gure port mirroring.

Answer(s): D

Explanation:

We cannot install additional software on the domain controllers. Azure ATP Standalone Sensor is a full agent installed on a dedicated server that can monitor tra c from multiple domain controllers. This is an alternative to those that do not wish to install an agent directly on a domain controller.
Incorrect Answers:
A, B: Azure ATP Sensor is a lightweight agent installed directly on a domain controller to monitor and report tra c. However, we cannot install additional software on the domain controllers


Reference:

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5 https://docs.microsoft.com/en-us/defender-for- identity/con gure-port-mirroring https://blog.enablingtechcorp.com/secure-and-monitor-domain-controllers-with-azure-atp



Your company has digitally signed applications.
You need to ensure that Microsoft Defender for Endpoint considers the digitally signed applications safe and never analyzes them.
What should you create in the Microsoft Defender Security Center?

  1. a custom detection rule
  2. an allowed/blocked list rule
  3. an alert suppression rule
  4. an indicator

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/manage-indicators



DRAG DROP (Drag and Drop is not supported).
You create a Microsoft 365 subscription.
You need to create a deployment plan for Microsoft Defender for Identity.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/defender-for-identity/install-step1 https://docs.microsoft.com/en-us/defender-for-identity/install-step3 https://docs.microsoft.com/en-us/defender-for-identity/install-step4



Page 38 of 104



Post your Comments and Discuss Microsoft MS-101 exam with other Community members:

Phil commented on December 08, 2022
i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.
GERMANY
upvote

Marco commented on June 12, 2023
I paid and downloaded my files. So far everything looks promising.
SPAIN
upvote

Fang commented on June 04, 2023
Same exam dumps as other sites. But the 50% off make is much cheaper. I bought 2 exams to get the 50% discount. I passed one exam now preparing for my second test.
SINGAPORE
upvote

Justina commented on May 30, 2023
If you are serious about acing your exams, I urge you to give these exam dumps a try. They surpassed all my expectations, providing me with everything I needed to prepare and pass my exam. And the 50% sale is a cool deal!
UNITED STATES
upvote

Phil commented on December 08, 2022
I have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. So I thought I would rather rely on these brain dumps rather failing the exam.
GERMANY
upvote