Question 186
You have a Microsoft 365 subscription that contains the users shown in the following table.
You implement Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
From PIM, you review the Application Administrator role and discover the users shown in the following table.
The Application Administrator role is configured to use the following settings in PIM:
* Maximum activation duration: 1 hour
* Notifications: Disable
* Incident/Request ticket: Disable
* Multi-Factor Authentication: Disable
* Require approval: Enable
* Selected approver: No results
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You implement Azure Active Directory (Azure AD) Privileged Identity Management (PIM).
From PIM, you review the Application Administrator role and discover the users shown in the following table.
The Application Administrator role is configured to use the following settings in PIM:
* Maximum activation duration: 1 hour
* Notifications: Disable
* Incident/Request ticket: Disable
* Multi-Factor Authentication: Disable
* Require approval: Enable
* Selected approver: No results
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 187
You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. OneDrive stores files that are shared with external users. The files are configured as shown in the following table.
You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:
* Rulel:
* Conditions: Label 1, Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 0
* Rule2:
* Conditions: Label 1 or Label2
* Actions: Restrict access to the content
* Priority: 1
* Rule3:
* Conditions: Label2, Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You create a data loss prevention (DLP) policy that applies to the content stored in OneDrive accounts. The policy contains the following three rules:
* Rulel:
* Conditions: Label 1, Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 0
* Rule2:
* Conditions: Label 1 or Label2
* Actions: Restrict access to the content
* Priority: 1
* Rule3:
* Conditions: Label2, Detect content that's shared with people outside my organization
* Actions: Restrict access to the content for external users
* User notifications: Notify the user who last modified the content
* User overrides: On
* Priority: 2
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Question 188
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.
You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Reader role is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance Manager reports.
Solution: You recommend removing User1 from the Compliance Manager Contributor role.
Does that meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription that contains the users shown in the following table.
You discover that all the users in the subscription can access Compliance Manager reports.
The Compliance Manager Reader role is not assigned to any users.
You need to recommend a solution to prevent a user named User5 from accessing the Compliance Manager reports.
Solution: You recommend removing User1 from the Compliance Manager Contributor role.
Does that meet the goal?
Question 189
You have a Microsoft 365 E5 subscription that uses Microsoft Endpoint Manager.
The Compliance policy settings are configured as shown in the following exhibit.
On February 25, 2020, you create the device compliance policies shown in the following table.
On March 1. 2020, users enroll Windows 10 devices in Microsoft Endpoint Manager as shown in the following table
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The Compliance policy settings are configured as shown in the following exhibit.
On February 25, 2020, you create the device compliance policies shown in the following table.
On March 1. 2020, users enroll Windows 10 devices in Microsoft Endpoint Manager as shown in the following table
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 190
You have a Microsoft 365 subscription.
You identify the following data loss prevention (DLP) requirements:
* Send notifications to users if they attempt to send attachments that contain EU social security numbers
* Prevent any email messages that contain credit card numbers from being sent outside your organization
* Block the external sharing of Microsoft OneDrive content that contains EU passport numbers
* Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You identify the following data loss prevention (DLP) requirements:
* Send notifications to users if they attempt to send attachments that contain EU social security numbers
* Prevent any email messages that contain credit card numbers from being sent outside your organization
* Block the external sharing of Microsoft OneDrive content that contains EU passport numbers
* Send administrators email alerts if any rule matches occur.
What is the minimum number of DLP policies and rules you must create to meet the requirements? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
