01. An O365 user in your organization has made a terrible mistake in their OneDrive for Business and they need to restore the entirety of their OneDrive to an earlier point in time. How can you help them do this?
a) You can't-they'll have to restore whatever they can from the recycle bin and previous versions
b) Use PowerShell to restore each item in their OneDrive programmatically to earlier versions
c) Use a third-party backup product
d) Use Files Restore from the settings (gear) icon in their OneDrive
02. Emails with #secure in the subject line need to be encrypted. What should you do?
a) Create a message trace in the O365 Security & Compliance Center
b) Modify the default AIP policy
c) Create a message trace in the Exchange admin center
d) Create a mail flow rule in the Exchange admin center
03. The users at your company use Dropbox to store documents. The users access Dropbox by using the MyApps portal. You need to ensure that user access to Dropbox is authenticated by using a Microsoft 365 identify.
The documents must be protected if the data is downloaded to an untrusted device. What should you do?
a) From the Intune admin center, configure the Conditional access settings.
b) From the Azure Active Directory admin center, configure the Organizational relationships settings
c) From the Azure Active Directory admin center, configure the Application proxy settings.
d) From the Azure Active Directory admin center, configure the Devices settings.
04. Your company has a Microsoft 365 E3 subscription. You run the following PowerShell cmdlet: Enable-OrganizationCustomization You need to enable searching the Microsoft 365 unified audit log. Which cmdlet should you run?
a) Search-UnifiedAuditLog
b) Write-AdminAuditLog
c) Set-AdminAuditLogConfig
d) Set-AuditConfig
05. Your network is configured as a Windows Active Directory (AD) forest with multiple domains in different locations around the world. Each geographic location synchronizes with a different Azure Active Directory (Azure AD) tenant. All domain member computers are hybrid-joined to Azure AD.
You create an Azure Advanced Threat Protection (ATP) instance that collects data from all of your domains. The instance is configured to use a datacenter in Europe. You install Azure sensor on all domain controllers.
You need to move data storage to the United States. What should you do first?
a) Delete your current Azure ATP instance.
b) Create a new Azure ATP instance.
c) Delete your Azure sensors.
d) Install one or more Azure standalone sensors.
06. A member of your organization's compliance team needs to be able to place a hold on mailbox content. Which role should they be assigned?
a) Compliance data administrator from Azure AD
b) Exchange admin from the Microsoft 365 admin center
c) eDiscovery Manager from the Security & Compliance Center
d) Compliance management in the Exchange admin center
07. Before your organization can begin using Windows Autopilot to deploy Windows to new devices, what must you configure?
a) A device profile in Intune
b) A deployment profile in Intune
c) An Apple push certificate in Intune
d) Conditional access policies in Intune
08. One of your organization's security administrators is reviewing a report from Azure AD that shows recent sign-ins and their locations. The report will be used to determine proper configuration for blocking access from untrusted networks and requiring MFA for high-risk sign-ins.
What should you recommend as part of the solution?
a) Azure AD Identity Protection Sign-in risk policy
b) Azure AD Identity Protection User risk policy
c) Azure AD Identity Protection weekly digest email
d) Azure AD | Monitoring | Audit logs
09. To integrate Azure Information Protection (AIP) with Cloud App Security (CAS), what must you do first to allow monitoring of O365 activity and files from within CAS?
a) Configure CAS policies
b) Set up CAS alerts
c) Add O365 as a connected app in CAS.
d) Upload CAS traffic logs
10. Your company has an Active Directory Domain Services (AD DS) domain with multiple geographic locations. Your company's main office is in Seattle and includes all human resource functions. Your company purchases a Microsoft 365 subscription and migrates all user files and mailboxes to Microsoft 365.
All company email uses Exchange Online. You must ensure that email messages containing sensitive United States personally identifiable information (PII) can be sent between users in the Seattle office only. Administrators should be able to review reports of sent and received messages containing PII.
You need to implement a policy to accomplish this. What should you create?
a) A mail flow rule in Exchange online
b) A security and compliance alert policy with an action
c) A security and compliance alert policy with user override
d) A security and compliance retention policy