Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. MS-102

Free Microsoft MS-102 Exam Questions (page: 7)

Page 7 of 85
PDF with 428 Questions
View Related Case Study

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the Security Administrator role. Does this meet the goal?

  1. Yes
  2. No

Answer(s): A

Explanation:

You need to assign the Security Administrator role.
Note: Role groups in Microsoft Defender for Office 365 and Microsoft Purview compliance
The table in this section lists the default role groups that are available in the Microsoft Defender portal and the Microsoft Purview compliance portal, and the roles that are assigned to the role groups by default.
* Security Administrator
Members have access to many security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and the Defender and compliance portals.
By default, this role group may not appear to have any members. However, the Security Administrator role from Microsoft Entra ID is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Administrator role from Microsoft Entra ID.
Also:
Security Administrator
This is a privileged role. Users with this role have permissions to manage security-related features in the Microsoft Defender portal, Microsoft Entra ID Protection, Microsoft Entra Authentication, Azure Information Protection, and Microsoft Purview compliance portal.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator



View Related Case Study

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchange Administrator role. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

You need to assign the Security Administrator role.
Note: Role groups in Microsoft Defender for Office 365 and Microsoft Purview compliance
The table in this section lists the default role groups that are available in the Microsoft Defender portal and the Microsoft Purview compliance portal, and the roles that are assigned to the role groups by default.
* Security Administrator
Members have access to many security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and the Defender and compliance portals.
By default, this role group may not appear to have any members. However, the Security Administrator role from Microsoft Entra ID is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Administrator role from Microsoft Entra ID.
Also:
Security Administrator
This is a privileged role. Users with this role have permissions to manage security-related features in the Microsoft Defender portal, Microsoft Entra ID Protection, Microsoft Entra Authentication, Azure Information Protection, and Microsoft Purview compliance portal.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator



View Related Case Study

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Teams Administrator role. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

You need to assign the Security Administrator role.
Note: Role groups in Microsoft Defender for Office 365 and Microsoft Purview compliance
The table in this section lists the default role groups that are available in the Microsoft Defender portal and the Microsoft Purview compliance portal, and the roles that are assigned to the role groups by default.
* Security Administrator
Members have access to many security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and the Defender and compliance portals.
By default, this role group may not appear to have any members. However, the Security Administrator role from Microsoft Entra ID is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Administrator role from Microsoft Entra ID.
Also:
Security Administrator
This is a privileged role. Users with this role have permissions to manage security-related features in the Microsoft Defender portal, Microsoft Entra ID Protection, Microsoft Entra Authentication, Azure Information Protection, and Microsoft Purview compliance portal.


Reference:

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/scc-permissions https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator



View Related Case Study

HOTSPOT (Drag and Drop is not supported)
Your network contains an on-premises Active Directory domain named contoso.com.
Your company purchases Microsoft 365 subscription and establishes a Microsoft Entra hybrid deployment by using password hash synchronization. Password writeback is disabled in Microsoft Entra Connect.
You create a new user named User10 on-premises and a new user named User20 in Microsoft Entra ID. You need to identify where an administrator can reset the password of each new user.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: On-premises Active Directory only
If a user account is created in the on-premise Active Directory and synchronized to Microsoft Entra ID, you can reset the password of the user account in the on-premise Active Directory only.
Box 2: Microsoft Entra ID only
If a user account is created in Microsoft Entra ID, you can reset the password of the user account in the Microsoft Entra ID only.



View Related Case Study

HOTSPOT (Drag and Drop is not supported)
You have a Microsoft Entra tenant that contains the groups shown in the following exhibit.


Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:




Box 1: Group1 and Group3 only.
Not Group2 as it is not security enabled. Not Group4 as it is dynamic.
Not Group5 as it is a Windows server AD group.
Box 2: Group3 only
Not Group1 as it is a Windows 365 group.
Note:
Group types:
Security. Used to manage member and computer access to shared resources for a group of users. For example, you can create a security group for a specific security policy. By doing it this way, you can give a set of permissions to all the members at once, instead of having to add permissions to each member individually. A security group can have users, devices, groups and service principals as its members and users and service principals as its owners.
Microsoft 365. Provides collaboration opportunities by giving members access to a shared mailbox, calendar, files, SharePoint site, and more. This option also lets you give people outside of your organization access to the group. A Microsoft 365 group can have only users as its members.
Membership types:
Assigned. Let’s you add specific users to be members of this group and to have unique permissions. Dynamic user. Let’s you use dynamic membership rules to automatically add and remove members. If a member's attributes change, the system looks at your directory's dynamic group rules to see if the member meets the rule requirements (is added) or no longer meets the rules requirements (is removed).
Security: Security groups define who can access resources, and are recommended for your groups in Intune.


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups- create-azure-portal



Viewing page 7 of 85



Post your Comments and Discuss Microsoft MS-102 exam prep with other Community members:

MS-102 Exam Discussions & Posts