Microsoft MS-102 Online Practice Questions and Exam Preparation

Microsoft MS-102 Online Questions & Answers

• Question 241:

  Your network contains an on-premises Active Directory domain. The domain contains domain controllers that run Windows Server 2019. The functional level of the forest and the domain is Windows Server 2012 R2.

  The domain contains 100 computers that run Windows 10 and a member server named Server1 that runs Windows Server 2012 R2.

  You plan to use Server1 to manage the domain and to configure Windows 10 Group Policy settings.

  You install the Group Policy Management Console (GPMC) on Server1.

  You need to configure the Windows Update for Business Group Policy settings on Server1.

  Solution: You raise the forest functional level to Windows Server 2016. You copy the Group Policy Administrative Templates from a Windows 10 computer to the Netlogon share on all the domain controllers.

  Does this meet the goal?

  A. Yes
  B. No
  B. No

• Question 242:

  HOTSPOT

  You have a Microsoft 365 subscription that uses a domain name of adatum.com.

  In Azure AD, you set Guest invite restrictions to Only users assigned to specific admin roles can invite guest users.

  A user named [email protected] reports that they can no longer invite external users from a domain named contoso.com to collaborate in Microsoft Teams.

  You need to modify the Azure AD configuration to meet the following requirements:

  1. Ensure that User1 can invite the contoso.com users to Teams.
  2. Ensure that only the contoso.com users can be invited as guests to the Azure AD tenant.
  3. Follow the principle of least privilege.

  What should you do for each requirement? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  
  

• Question 243:

  You have a Microsoft 365 E5 subscription that contains a user named User1

  You create a retention label named Retention1 that is published to all locations.

  You need to ensure that User1 can label email messages by using Retention1 as soon as possible.

  Which cmdlet should you run in Microsoft Exchange Online PowerShell?

  A. Start-MpScan
  B. Start-Process
  C. Start-ManagedFolderAsslstant
  D. Start-AppBackgroundTask
  C. Start-ManagedFolderAsslstant

• Question 244:

  HOTSPOT

  Your network contains an on-premises Active Directory domain named contoso.com.

  Your company purchases Microsoft 365 subscription and establishes a hybrid deployment of Azure AD by using password hash synchronization. Password writeback is disabled in Azure AD Connect.

  You create a new user named User10 on-premises and a new user named User20 in Azure AD.

  You need to identify where an administrator can reset the password of each new user.

  What should you identify? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 245:

  You have a Microsoft 365 subscription.

  You have an Azure AD tenant that contains the users shown in the following table.

  

  You configure Tenant properties as shown in the following exhibit.

  

  Which users will be contacted by Microsoft if the tenant experiences a data breach?

  A. Used only
  B. User2 only
  C. User3 only
  D. Used and User2 only
  E. User2 and User3 only
  B. User2 only

  ---

  Explanation

  Microsoft 365 is committed to notifying customers within 72 hours of breach declaration. The customer's tenant administrator will be notified.

  https://learn.microsoft.com/en-us/compliance/regulatory/gdpr-breach-office365

• Question 246:

  You have a Microsoft 365 E5 subscription that contains a user named User1.

  You have a Conditional Access policy applied to a cloud-based app named App1. App1 has Conditional Access App Control deployed.

  You need to create a Microsoft Defender for Cloud Apps policy to block User1 from printing from App1.

  Which type of policy should you create?

  A. Cloud Discovery anomaly detection policy
  B. Session policy
  C. Activity policy
  D. OAuth app policy
  B. Session policy

  ---

  
  

• Question 247:

  HOTSPOT

  You have a Microsoft 365 E5 subscription.

  You are investigating a suspicious email message that generated alerts in the Microsoft Defender portal.

  You need to examine the email message header and submit the message to Microsoft for review.

  Which two settings should you use? To answer, select the appropriate settings in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 248:

  You have a Microsoft 365 E5 subscription.

  From the Microsoft Purview compliance portal, you create a new data loss prevention (DLP) policy named DLP1 that protects financial data from being shared by using Microsoft Teams messages. You apply DLP1 to the users in the finance department.

  An incident is raised when a finance department user named User1 shares financial data in a Teams channel that includes external members.

  When User1 uses Teams to send the same message in a 1:1 chat or a private channel, the message is blocked as expected.

  You need to ensure that User1 is prevented from sharing financial data in Teams channels that include external members.

  What should you do?

  A. Edit the settings of the team that contains the channel.
  B. Edit the Locations settings of DLP1.
  C. Modify the licenses assigned to User1.
  D. Edit the policy rules of DLP1.
  B. Edit the Locations settings of DLP1.

• Question 249:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint site named Site1 and a data loss prevention (DLP) policy named DLP1. DLP1 contains the rules shown in the following table.

  

  Site1 contains the files shown in the following table.

  

  Which policy tips are shown for each file? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  File1.docx:rule2 only. And File2.docx:rule4 only.

  When content is evaluated against rules, the rules are processed in priority order. If content matches multiple rules, the first rule evaluated that has the most restrictive action is enforced. For example, if content matches all of the following rules, Rule 3 is enforced because it's the highest priority, most restrictive rule:

  https://learn.microsoft.com/en-us/purview/dlp-policy-reference

• Question 250:

  You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps.

  You plan to perform a security audit of all the apps detected by Cloud Discovery.

  You need to track which apps were audited. The solution must ensure that the list of audited apps can be displayed in the cloud app catalog.

  What should you do?

  A. Apply a custom app tag to each app.
  B. Generate a Cloud Discovery snapshot report.
  C. Deploy Conditional Access App Control.
  D. Define each app as a critical asset.
  E. Enable app governance.
  A. Apply a custom app tag to each app.