Question 26
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.
You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
Assignments: Include Group1, Exclude Group2
Conditions: Sign in risk of Low and above
Access: Allow access, Require password multi-factor authentication
You need to identify how the policy affects User1 and User2.
What occurs when each user signs in from an anonymous IP address? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings:
Assignments: Include Group1, Exclude Group2
Conditions: Sign in risk of Low and above
Access: Allow access, Require password multi-factor authentication
You need to identify how the policy affects User1 and User2.
What occurs when each user signs in from an anonymous IP address? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 27
You have a Microsoft 365 subscription linked to an Azure Active Directory (Azure AD) tenant that contains a user named User1.
You have a Data Subject Request (DSR) case named Case1.
You need to allow User1 to export the results of Case1. The solution must use the principle of least privilege.
Which role should you assign to User1 for Case1?
You have a Data Subject Request (DSR) case named Case1.
You need to allow User1 to export the results of Case1. The solution must use the principle of least privilege.
Which role should you assign to User1 for Case1?
Question 28
You have a Microsoft 365 subscription that contains a user named User.
You enroll devices in Microsoft Intune as shown in the following table.
Each device has two line of business apps named App1 and App2 installed.
You create application control policies targeted to all the app types in Microsoft Endpoint Manager as shown in the following table.
For each of the following statements, Select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You enroll devices in Microsoft Intune as shown in the following table.
Each device has two line of business apps named App1 and App2 installed.
You create application control policies targeted to all the app types in Microsoft Endpoint Manager as shown in the following table.
For each of the following statements, Select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Question 29
You have a Microsoft 365 Tenant.
A conditional access policy is configured for the tenant as shown in the Policy exhibit. (Click the Policy tab.)
The User Administrator role a configured as shown in the Hole setting exhibit (Click the Role setting tab.)
The User Administrator role has the assignments shown in the Assignments exhibit (Click the Assignments tab.)
For each of the following statements, select yes If the statement is true. Otherwise select No.
NOTE Each correct selection is worth one point.
A conditional access policy is configured for the tenant as shown in the Policy exhibit. (Click the Policy tab.)
The User Administrator role a configured as shown in the Hole setting exhibit (Click the Role setting tab.)
The User Administrator role has the assignments shown in the Assignments exhibit (Click the Assignments tab.)
For each of the following statements, select yes If the statement is true. Otherwise select No.
NOTE Each correct selection is worth one point.
Question 30
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that all links to malware.contoso.com within documents stored in Microsoft Office 365 are blocked when the documents are accessed from Office 365 ProPlus applications.
To complete this task, sign in to the Microsoft 365 admin center.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Username and password
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@[email protected]
Microsoft 365 Password: #HSP.ug?$p6un
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support only:
Lab instance: 11122308
You need to ensure that all links to malware.contoso.com within documents stored in Microsoft Office 365 are blocked when the documents are accessed from Office 365 ProPlus applications.
To complete this task, sign in to the Microsoft 365 admin center.
