$0.00
Microsoft MS-102 Dumps

Microsoft MS-102 Exam Dumps

Microsoft 365 Administrator Exam

Total Questions : 585
Update Date : July 16, 2026
PDF + Test Engine
$65 $95
Test Engine
$55 $85
PDF Only
$45 $75



Last Week MS-102 Exam Results

218

Customers Passed Microsoft MS-102 Exam

93%

Average Score In Real MS-102 Exam

97%

Questions came from our MS-102 dumps.



MS-102 Dumps – Pass Your Microsoft MS-102 Certification Exam with Confidence

At Certs4Future, we provide you with the highest-quality MS-102 dumps to ensure you are fully prepared for the certification exam. Here’s why our exam materials stand out:

Authentic Exam Dumps: Our MS-102 exam dumps contain real, exam-specific questions and answers that you are likely to face on your exam.

Guaranteed Success: We are so confident in the quality of our materials that we offer a 100% pass guarantee. If you don’t pass the MS-102 exam, we’ll provide a refund or free updated dumps.

Up-to-Date Content: Our MS-102 dumps are continuously updated to reflect the latest exam changes and trends.

Detailed Explanations: Every question comes with an explanation to help you understand the reasoning behind the correct answers.

How to Use Our MS-102 Dumps

Download the Dumps: After purchasing, you will receive instant access to download the MS-102 exam dumps. You can study from any device, anywhere, anytime.

Start Practicing: Go through the practice questions and simulate the real exam environment. Track your progress and focus on areas that need improvement.

Take the Exam: After thorough preparation, take your MS-102 exam with confidence, knowing that you’ve used the best possible resources.

Pass and Succeed: With our authentic MS-102 dumps, you are guaranteed to pass the exam and earn your certification. If not, take advantage of our refund or free updated dumps.

Start Your MS-102 Exam Preparation Today!

Don’t leave your certification success to chance! Get the authentic MS-102 exam dumps from Certs4Future and start preparing today. With our expert-curated resources and pass guarantee, you'll be ready for the Microsoft MS-102 exam in no time.


Related Exams


Microsoft MS-102 Sample Question Answers

Question # 1

You have a Microsoft 365 E5 subscription that uses Microsoft intune.in the Microsoft Endpoint Manager admin center, you discover many stale and inactivedevices,You enable device clean-up rulesWhat can you configure as the minimum number of days before a device a removedautomatically?

A. 10  
B. 30  
C. 45  
D. 90  



Question # 2

You have a Microsoft 365 subscription. You need to identify which administrative users performed eDiscovery searches during the past week. What should you do from the Security & Compliance admin center?

A. Perform a content search  
B. Create a supervision policy  
C. Create an eDiscovery case  
D. Perform an audit log search  



Question # 3

You have a Microsoft 365 subscription.You configure a new Azure AD enterprise application named App1. App1 requires that auser be assigned the Reports Reader role.Which type of group should you use to assign the Reports Reader role and to accessApp1?

A. a Microsoft 365 group that has assigned membership  
B. a Microsoft 365 group that has dynamic user membership  
C. a security group that has assigned membership  
D. a security group that has dynamic user membership  



Question # 4

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the ExchangeAdministrator role.Does this meet the goal?

A. Yes  
B. No  



Question # 5

Your network contains an on-premises Active Directory domain named contoso.local. Thedomain contains five domain controllers.Your company purchases Microsoft 365 and creates an Azure AD tenant namedcontoso.onmicrosoft.com.You plan to install Azure AD Connect on a member server and implement pass-throughauthentication.You need to prepare the environment for the planned implementation of pass-throughauthentication.Which three actions should you perform? Each correct answer presents part of thesolution.NOTE: Each correct selection is worth one point.

A. From a domain controller install an Authentication Agent  
B. From the Microsoft Entra admin center, confiqure an authentication method.  
C. From Active Director,' Domains and Trusts add a UPN suffix  
D. Modify the email address attribute for each user account.  
E. From the Microsoft Entra admin center, add a custom domain name.  
F. Modify the User logon name for each user account.  



Question # 6

You have a Microsoft 365 subscription that uses Security & Compliance retention policies.You implement a preservation lock on a retention policy that is assigned to all executiveusers.Which two actions can you perform on the retention policy? Each correct answer presentsa complete solution.NOTE: Each correct selection is worth one point?

A. Add locations to the policy  
B. Reduce the duration of policy  
C. Remove locations from the policy  
D. Extend the duration of the policy  
E. Disable the policy  



Question # 7

You have a Microsoft 365 E5 subscription. From the Microsoft 365 Defender portal, you plan to export a detailed report ofcompromised users.What is the longest time range that can be included in the report? 

A. 1 day  
B. 7 days  
C. 30 days  
D. 90 days  
Answer: C 



Question # 8

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 subscription.From the Microsoft 365 Defender, you create a role group named US eDiscoveryManagers by copying the eDiscovery Manager role group.You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States. Solution: From the Microsoft 365 Defender, you modify the roles of the US eDiscovery Managers role group. Does this meet the goal?

A. Yes  
B. No  



Question # 9

You have a Microsoft 365 tenant that contains 1,000 Windows 10 devices. The devices areenrolled in Microsoft Intune.Company policy requires that the devices have the following configurations:Require complex passwords.Require the encryption of removable data storage devices.Have Microsoft Defender Antivirus real-time protection enabled.You need to configure the devices to meet the requirements.What should you use?

A. an app configuration policy  
B. a compliance policy  
C a security baseline profile  
D a conditional access policy  



Question # 10

You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpointintegrated with Microsoft Endpoint Manager.Devices are onboarded by using Microsoft Defender for Endpoint.You plan to block devices based on the results of the machine risk score calculated byMicrosoft Defender for Endpoint.What should you create first?

A. a device configuration policy  
B. a device compliance policy  
C. a conditional access policy  
D. an endpoint detection and response policy  



Question # 11

You have a Microsoft 365 E5 subscription. Users access Microsoft 365 from both their laptop and a corporate Virtual DesktopInfrastructure (VDI) solution.From Azure AD Identity Protection, you enable a sign-in risk policy.Users report that when they use the VDI solution, they are regularly blocked when theyattempt to access Microsoft 365.What should you configure?

A. the Tenant restrictions settings in Azure AD  
B. a trusted location  
C. a Conditional Access policy exclusion  
D. the Microsoft 365 network connectivity settings  



Question # 12

You have a Microsoft 365 E5 tenant.You need to be notified when emails with attachments that contain sensitive personal dataare sent to external recipients.Which two policies can you use? Each correct answer presents a complete solution.NOTE: Each correct selection is worth one point.

A. a data loss prevention (DLP) policy  
B. a sensitivity label policy  
C. a Microsoft Cloud App Security file policy  
D. a communication compliance policy  
E. a retention label policy  



Question # 13

You have a Microsoft 365 E5 tenant that uses Microsoft Intune. You need to ensure that users can select a department when they enroll their device in Intune. What should you create?

A. scope tags  
B. device configuration profiles  
C. device categories  
D. device compliance policies  



Question # 14

You purchase a new computer that has Windows 10, version 21H1 preinstalled. You need to ensure that the computer is up-to-date. The solution must minimize the number of updates installed. What should you do on the computer? 

A. Install all the feature updates released since version 21H1 and the latest quality update only. 
B. Install the latest feature update and all the quality updates released since version 21H1.  
C. Install the latest feature update and the latest quality update only.  
D. Install all the feature updates released since version 21H1 and all the quality updates released since version 21H1 only. 



Question # 15

You have a Microsoft 365 subscription. You plan to implement Microsoft Purview Privileged Access Management. Which Microsoft Office 365 workloads support privileged access?

A. Microsoft Exchange Online only  
B. Microsoft Teams only  
C. Microsoft Exchanqe Online and SharePoint Online only  
D. Microsoft Teams and SharePoint Online only  
E. Microsoft Teams, Exchanqe Online, and SharePoint Online  



Question # 16

: 250You have Windows 10 devices that are managed by using Microsoft Endpoint Manager.You need to configure the security settings in Microsoft Edge.What should you create in Microsoft Endpoint Manager?

A. an app configuration policy  
B. an app  
C. a device configuration profile  
D. a device compliance policy  



Question # 17

You have a Microsoft 365 E5 tenant.industry regulations require that the tenant comply with the ISO 27001 standard. You need to evaluate the tenant based on the standard 

A. From Policy in the Azure portal, select Compliance, and then assign a pokey  
B. From Compliance Manager, create an assessment  
C. From the Microsoft J6i compliance center, create an audit retention policy.  
D. From the Microsoft 365 admin center enable the Productivity Score.  



Question # 18

: 227You have a Microsoft 365 F5 subscription.You plan to deploy 100 new Windows 10 devices.You need to order the appropriate version of Windows 10 for the new devices. The versionmustMeet the following requirements.Be serviced for a minimum of 24 moths.Support Microsoft Application Virtualization (App-V)Which version should you identify?

A. Window 10 Pro, version 1909  
B. Window 10 Pro, version 2004  
C. Window 10 Pro, version 1909  
D. Window 10 Enterprise, version 2004  



Question # 19

You have a Microsoft 365 E5 tenant that contains 100 Windows 10 devices. You plan to deploy a Windows 10 Security Baseline profile that will protect secrets stored in memory. What should you configure in the profile?

A. Microsoft Defender Credential Guard  
B. BitLocker Drive Encryption (BitLocker)  
C. Microsoft Defender  
D. Microsoft Defender Exploit Guard  



Question # 20

You have a Microsoft 365 tenant that contains two groups named Group1 and Group2.You need to prevent the members or Group1 from communicating with the members ofGroup2 by using Microsoft Teams. The solution must comply with regulatory requirementsand must not affect other user in the tenant.What should you use?

A. information barriers  
B. communication compliance policies  
C. moderated distribution groups  
D. administrator units in Azure Active Directory (Azure AD)  



Question # 21

You have a Microsoft 365 subscription.You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.Solution: From the Endpoint Management admin center, you create a device configuration profile.Does this meet the goal?

A. Yes
B. No 



Question # 22

You purchase a new computer that has Windows 10, version 2004 preinstalled.You need to ensure that the computer is up-to-date. The solution must minimize the number of updates installed.What should you do on the computer?

A. Install all the feature updates released since version 2004 and all the quality updates released since version 2004 only.
B. install the West feature update and the latest quality update only.
C. install all the feature updates released since version 2004 and the latest quality update only.
D. install the latest feature update and all the quality updates released since version 2004. 



Question # 23

Your network contains three Active Directory forests. There are forests trust relationships between the forests.You create an Azure AD tenant.You plan to sync the on-premises Active Directory to Azure AD.You need to recommend a synchronization solution. The solution must ensure that the synchronization can complete successfully and as quickly as possible if a single server fails.What should you include in the recommendation?

A. one Azure AD Connect sync server and one Azure AD Connect sync server in staging mode
B. three Azure AD Connect sync servers and one Azure AD Connect sync server in staging mode
C. six Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode
D. three Azure AD Connect sync servers and three Azure AD Connect sync servers in staging mode 



Question # 24

You have a Microsoft 365 tenant.You plan to implement device configuration profiles in Microsoft Intune.Which platform can you manage by using the profiles?

A. Ubuntu Linux
B. macOS
C. Android Enterprise
D. Windows 8.1 



Question # 25

You have a Microsoft 365 subscription. You need to create a data loss prevention (DLP) policy that is configured to use the Set headers action. To which location can the policy be applied?

A. OneDrive accounts
B. Exchange email
C. Teams chat and channel messages
D. SharePoint sites



Question # 26

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an Active Directory domain.You deploy an Azure AD tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized toAzure AD. All the other user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user accountsynchronizations completed successfully. You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: From Azure AD Connect, you modify the Azure AD credentials.Does this meet the goal?

A. Yes
B. No



Question # 27

You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a MicrosoftEndpoint Manager device compliance policy.You need to ensure that only devices marked as compliant can access Microsoft Office 365apps.Which policy type should you configure?

A. conditional access
B. account protection
C. attack surface reduction (ASR)
D. Endpoint detection and response



Question # 28

You have a Microsoft 365 subscription. All users have their email stored in Microsoft Exchange Online. In the mailbox of a user named User1. you need to preserve a copy of all the emailmessages that contain the word ProjectX.What should you do first?

A. From the Exchange admin center create a mail flow rule.
B. From Microsoft 365 Defender, start a message trace.
C. From Microsoft Defender for Cloud Apps, create an activity policy.
D. From the Microsoft Purview compliance portal, create a label and a label policy.



Question # 29

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1.You need to enable User1 to create Compliance Manager assessments.Solution: From the Microsoft 365 admin center, you assign User1 the Compliance adminrole.Does this meet the goal?

A. Yes
B. No



Question # 30

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection(ATP) settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the SharePointadmin role.Does this meet the goal?

A. Yes
B. No



Question # 31

You have a Microsoft 365 E5 subscription.You plan to create a data loss prevention (DLP) policy that will be applied to all availablelocations.Which conditions can you use in the DLP rules of the policy?

A. sensitive info types
B. content search queries
C. keywords
D. sensitivity labels



Question # 32

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1. You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint, and OneDrive.Solution: From the Microsoft 365 admin center, you assign SecAdmin1 the Exchangeadmin role.Does this meet the goal?

A. Yes
B. No



Question # 33

You have a Microsoft 365 E5 subscription.You need to compare the current Safe Links configuration to the Microsoft recommendedconfigurations.What should you use?

A. Microsoft Purview
B. Azure AD Identity Protection
C. Microsoft Secure Score
D. the configuration analyzer



Question # 34

You have an Azure AD tenant.You have 1,000 computers that run Windows 10 Pro and are joined to Azure AD.You purchase a Microsoft 365 E3 subscription.You need to deploy Windows 10 Enterprise to the computers. The solution must minimizeadministrative effort.What should you do?

A. From the Microsoft Endpoinf Manager admin center, create a Windows Autopilotdeployment profile. Assign the profile to all the computers. Instruct users to restart theircomputer and perform a network restart.
B. Enroll the computers in Microsoft Intune. Create a configuration profile by using theEdition upgrade and mode switch template. From the Microsoft Endpoint Manager admincenter, assign the profile to all the computers and instruct users to restart their computer.
C. From Windows Configuration Designer, create a provisioning package that has anEditionUpgrade configuration and upload the package to a Microsoft SharePoint Onlinesite. Instruct users to run the provisioning package from SharePoint Online.
D. From the Azure Active Directory admin center, create a security group that has dynamicdevice membership. Assign licenses to the group and instruct users to sign in to theircomputer.



Question # 35

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: At a command prompt, you run the winver.exe command.Does this meet the goal?

A. Yes
B. No



Question # 36

You have a Microsoft 365 E5 tenant.Users store data in the following locations:Microsoft TeamsMicrosoft OneDriveMicrosoft Exchange OnlineMicrosoft SharePoint OnlineYou need to retain Microsoft 365 data for two years.What is the minimum number of retention policies that you should create?

A. 1
B. 2
C. 3
D. 4



Question # 37

You have a new Microsoft 365 E5 tenant.You need to enable an alert policy that will be triggered when an elevation of MicrosoftExchange Online administrative privileges is detected.What should you do first?

A. Enable auditing.
B. Enable Microsoft 365 usage analytics.
C. Create an Insider risk management policy.
D. Create a communication compliance policy.



Question # 38

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1.Solution: You copy the Group Policy Administrative Templates from a Windows 10computer to Server1.Does this meet the goal?

A. yes
B. No



Question # 39

Your company has multiple offices.You have a Microsoft 365 E5 tenant that uses Microsoft Intune for device management.Each office has a local administrator.You need to ensure that the local administrators can manage only the devices in theirrespective office.What should you use?

A. scope tags
B. configuration profiles
C. device categories
D. conditional access policies



Question # 40

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1. Solution: You raise the forest functional level to Windows Server 2016. You copy the GroupPolicy Administrative Templates from a Windows 10 computer to the Netlogon share on allthe domain controllers.Does this meet the goal?

A. yes
B. No



Question # 41

You have a Microsoft 365 tenant that is signed up for Microsoft Store for Business andcontains a user named User1. You need to ensure that User1 can perform the followingtasks in Microsoft Store for Business:• Assign licenses to users.• Procure apps from Microsoft Store.• Manage private store availability for all items.The solution must use the principle of least privilege. Which Microsoft Store for Business role should you assign to User1?

A. Basic Purchaser
B. Device Guard signer
C. Admin
D. Purchaser



Question # 42

You have a Microsoft 365 tenant that contains 1,000 iOS devices enrolled in MicrosoftIntune. You plan to purchase volume-purchased apps and deploy the apps to the devices.You need to track used licenses and manage the apps by using Intune. What should youuse to purchase the apps?

A. Microsoft Store for Business
B. Apple Business Manager
C. Apple iTunes Store
D. Apple Configurator



Question # 43

You have a Microsoft E5 subscription.You need to ensure that administrators who need to manage Microsoft Exchange Onlineare assigned the Exchange Administrator role for five hours at a time.What should you implement?

A. Azure AD Privileged Identity Management (PIM)
B. a conditional access policy
C. a communication compliance policy)
D. Azure AD Identity Protection
E. groups that have dynamic membership



Question # 44

You have a Microsoft 365 subscription.You register two applications named App1 and App2 to Azure AD.You need to ensure that users who connect to App1 require multi-factor authentication(MFA). MFA is required only for App1. What should you do?

A. From the Microsoft Entra admin center, create a conditional access policy
B. From the Microsoft 365 admin center, configure the Modem authentication settings.
C. From the Enterprise applications blade of the Microsoft Entra admin center, configurethe Users settings.
D. From Multi-Factor Authentication, configure the service settings.



Question # 45

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: From the Settings app, you select System, and then you select About to viewinformation about the system.Does this meet the goal?

A. Yes
B. No



Question # 46

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription that contains a user named User1.You need to enable User1 to create Compliance Manager assessments.Solution: From the Microsoft 365 admin center, you assign User1 the Compliance dataadmin role.Does this meet the goal?

A. Yes
B. No



Question # 47

You have a Microsoft 365 E5 subscription.All users have Mac computers. All the computers are enrolled in Microsoft EndpointManager and onboarded to Microsoft Defender Advanced Threat Protection (MicrosoftDefender ATP).You need to configure Microsoft Defender ATP on the computers.What should you create from the Endpoint Management admin center?

A. a device configuration profile
B. an update policy for iOS
C. a Microsoft Defender ATP baseline profile
D. a mobile device management (MDM) security baseline profile



Question # 48

You have a Microsoft 365 subscription. You need to identify which administrative users performed eDiscovery searches during the past week. What should you do from the Security & Compliance admin center?

A. Perform a content search
B. Create a supervision policy
C. Create an eDiscovery case
D. Perform an audit log search



Question # 49

You have an Azure Active Directory (Azure AD) tenant that contains a user named User1.Your company purchases a Microsoft 365 subscription.You need to ensure that User1 is assigned the required role to create file policies andmanage alerts in the Cloud App Security admin center.Solution: From the Azure Active Directory admin center, you assign the Complianceadministrator role to User1.Does this meet the goal?

A. Yes
B. No



Question # 50

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an on-premises Active Directory domain. The domain containsdomain controllers that run Windows Server 2019. The functional level of the forest and thedomain is Windows Server 2012 R2.The domain contains 100 computers that run Windows 10 and a member server namedServer1 that runs Windows Server 2012 R2.You plan to use Server1 to manage the domain and to configure Windows 10 Group Policysettings.You install the Group Policy Management Console (GPMC) on Server1.You need to configure the Windows Update for Business Group Policy settings on Server1. Solution: You upgrade Server1 to Windows Server 2019.Does this meet the goal?

A. yes
B. No



Question # 51

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.You have a computer that runs Windows 10.You need to verify which version of Windows 10 is installed.Solution: From Device Manager, you view the computer properties.Does this meet the goal?

A. Yes
B. No



Question # 52

Note: This question is part of a series of questions that present the same scenario.Each question in the series contains a unique solution that might meet the statedgoals. Some question sets might have more than one correct solution, while othersmight not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As aresult, these questions will not appear in the review screen.Your network contains an Active Directory domain.You deploy an Azure AD tenant.Another administrator configures the domain to synchronize to Azure AD.You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized toAzure AD. All the other user accounts synchronized successfully.You review Azure AD Connect Health and discover that all the user accountsynchronizations completed successfully.You need to ensure that the 10 user accounts are synchronized to Azure AD.Solution: From the Synchronization Rules Editor, you create a new outboundsynchronization rule.Does this meet the goal?

A. Yes
B. No



Question # 53

You have a Microsoft 365 tenant that contains a Windows 10 device. The device isonboarded to Microsoft Defender for Endpoint.From Microsoft Defender Security Center, you perform a security investigation.You need to run a PowerShell script on the device to collect forensic information.Which action should you select on the device page?

A. Initiate Live Response Session
B. Initiate Automated Investigation
C. Collect investigation package
D. Go hunt



Question # 54

Note: This question is part of a series of questions that present the same scenario. Eachquestion in the series contains a unique solution that might meet the stated goals. Somequestion sets might have more than one correct solution, while others might not have acorrect solution.After you answer a question in this section, you will NOT be able to return to it. As a result,these questions will not appear in the review screen.You have a Microsoft 365 E5 subscription.You create an account for a new security administrator named SecAdmin1.You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365settings and policies for Microsoft Teams, SharePoint, and OneDrive. Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the SecurityAdministrator role.Does this meet the goal?

A. Yes
B. No



Question # 55

You have a Microsoft 365 E5 tenant.You plan to deploy a monitoring solution that meets the following requirements:Captures Microsoft Teams channel messages that contain threatening or violentlanguage.Alerts a reviewer when a threatening or violent message is identified.What should you include in the solution?

A. Data Subject Requests (DSRs)
B. Insider risk management policies
C. Communication compliance policies
D. Audit log retention policies



Question # 56

Your network contains an on-premises Active Directory domain named contoso.com.For all user accounts, the Logon Hours settings are configured to prevent sign-ins outsideof business hours.You plan to sync contoso.com to an Azure AD tenant.You need to recommend a solution to ensure that the logon hour restrictions apply whensynced users sign in to Azure AD.What should you include in the recommendation?

A. pass-through authentication
B. conditional access policies
C. password synchronization
D. Azure AD Identity Protection policies



Question # 57

You have a Microsoft 365 tenant.You plan to manage incidents in the tenant by using the Microsoft 365 security center.Which Microsoft service source will appear on the Incidents page of the Microsoft 365security center?

A. Microsoft Cloud App Security
B. Azure Sentinel
C. Azure Web Application Firewall
D. Azure Defender



Question # 58

You have a Microsoft 365 tenant.You plan to enable BitLocker Disk Encryption (BitLocker) automatically for all Windows 10devices that enroll in Microsoft Intune.What should you use?

A. an attack surface reduction (ASR) policy
B. an app configuration policy
C. a device compliance policy
D. a device configuration profile



Question # 59

You have a Microsoft 365 E5 tenant.You create an auto-labeling policy to encrypt emails that contain a sensitive info type. Youspecify the locations where the policy will be applied.You need to deploy the policy.What should you do first?

A. Review the sensitive information in Activity explorer
B. Turn on the policy
C. Run the policy in simulation mode
D. Configure Azure Information Protection analytics