Microsoft MS-102 Online Practice Questions and Exam Preparation

Microsoft MS-102 Online Questions & Answers

• Question 401:

  You have a Microsoft 365 E5 subscription.

  You are implementing Microsoft Defender for Cloud Apps.

  You need to ensure that you can create OAuth app policies.

  Solution: You add an API token to Defender for Cloud Apps.

  Does this meet the goal?

  A. Yes
  B. No
  B. No

• Question 402:

  DRAG DROP

  You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps.

  You need to configure Cloud Discovery to generate a report that identifies top potential risks and provides a workflow to mitigate and manage the risks.

  Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

  Select and Place:

  

  

• Question 403:

  You have a Microsoft 365 subscription that uses a third-party multifactor authentication (MFA) product.

  While reviewing Microsoft Secure Score, you discover that there are no points listed for the Ensure multifactor authentication is enabled for all users recommendation.

  You need to ensure that you receive all the points for the recommendation. The solution must minimize administrative effort.

  What should you do?

  A. Configure a data connector.
  B. Modify the recommendation tags.
  C. Deploy a Microsoft Defender for Identity sensor.
  D. Modify the status of the recommendation.
  D. Modify the status of the recommendation.

• Question 404:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that contains the groups shown in the following table.

  

  Which groups can be members of Group1 and Group4? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 405:

  Your network contains an Active Directory forest named contoso.local.

  You purchase a Microsoft 365 subscription.

  You plan to move to Microsoft 365 and to implement a hybrid deployment solution for the next 12 months.

  You need to prepare for the planned move to Microsoft 365.

  What is the best action to perform before you implement directory synchronization? More than one answer choice may achieve the goal. Select the BEST answer.

  A. Purchase a third-party X.509 certificate.
  B. Create an external forest trust.
  C. Rename the Active Directory forest.
  D. Purchase a custom domain name.
  D. Purchase a custom domain name.

  ---

  Explanation

  The first thing you need to do before you implement directory synchronization is to purchase a custom domain name. This could be the domain name that you use in your on- premise Active Directory if it's a routable domain name, for example, contoso.com. If you use a non-routable domain name in your Active Directory, for example contoso.local, you'll need to add the routable domain name as a UPN suffix in Active Directory.

  Incorrect:

  Not C: No need to rename the Active Directory forest. As we use a non-routable domain name contoso.local, we just need to add the routable domain name as a UPN suffix in Active Directory.

  https://docs.microsoft.com/en-us/office365/enterprise/set-up-directory-synchronization

• Question 406:

  You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint and Microsoft Intune.

  All devices run Windows 11 and are Microsoft Entra joined.

  You are alerted to a zero-day attack.

  You need to identify which devices were affected by the attack and send a request to Intune administrators to update the affected devices.

  Which two actions should you perform? Each correct answer presents part of the solution.

  NOTE: Each correct selection is worth one point.

  A. From Incidents & alerts, select the latest incident.
  B. From Vulnerability management, open the security recommendation.
  C. Select the affected devices and request remediation.
  D. From Threat analytics, view the list of vulnerable devices.
  C. Select the affected devices and request remediation.
  D. From Threat analytics, view the list of vulnerable devices.

• Question 407:

  HOTSPOT

  You have a Microsoft 365 E5 subscription that.

  You need to identify whenever a sensitivity label is applied, changed, or removed within the subscription.

  Which feature should you use, and how many days will the data be retained? To answer, select the appropriate options in the answer area.

  NOTE Each correct selection is worth one point.

  

  

• Question 408:

  You have a Microsoft 365 subscription that contains the users shown in the following table.

  

  You plan to use Exchange Online to manage email for a DNS domain.

  An administrator adds the DNS domain to the subscription.

  The DNS domain has a status of Incomplete setup.

  You need to identify which user can complete the setup of the DNS domain. The solution must use the principle of least privilege.

  Which user should you identify?

  A. User1
  B. User2
  C. User3
  D. User4
  A. User1

• Question 409:

  HOTSPOT

  You have a Microsoft 365 E5 tenant

  You create a data toss prevention (DLP) policy to prevent users from using Microsoft Teams to share internal documents with external users.

  To which two locations should you apply the policy? To answer, select the appropriate locations in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 410:

  Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result these questions will not appear in the review screen.

  Your network contains an Active Directory forest.

  You deploy Microsoft 365.

  You plan to implement directory synchronization.

  You need to recommend a security solution for the synchronized identities.

  The solution must meet the following requirements:

  1. Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
  2. User passwords must be 10 characters or more.

  Solution: implement password hash synchronization and modify the password settings from the Default Domain Policy in Active Directory.

  Does this meet the goal?

  A. Yes
  B. No
  A. Yes

  ---