Question 101
Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.
After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.
You have a Microsoft 365 subscription that uses Microsoft Defender XDR. The subscription contains 500 devices that are enrolled in Microsoft Intune. The subscription contains 500 users that connect to external software as a service (SaaS) apps by using the devices.
You need to implement a solution that meets the following requirements:
* Allows user access to SaaS apps that Microsoft has identified as low risk.
* Blocks user access to Saas apps that Microsoft has identified as high risk.
Solution: You configure app protection policies in Intune, and you create a Conditional Access policy.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.
You have a Microsoft 365 subscription that uses Microsoft Defender XDR. The subscription contains 500 devices that are enrolled in Microsoft Intune. The subscription contains 500 users that connect to external software as a service (SaaS) apps by using the devices.
You need to implement a solution that meets the following requirements:
* Allows user access to SaaS apps that Microsoft has identified as low risk.
* Blocks user access to Saas apps that Microsoft has identified as high risk.
Solution: You configure app protection policies in Intune, and you create a Conditional Access policy.
Does this meet the goal?
Question 102
Your company has Microsoft 365 E5 licenses and Azure subscriptions.
The company plans to automatically label sensitive data stored in the following locations:
* Microsoft SharePoint Online
* Microsoft Exchange Online
* Microsoft Teams
You need to recommend a strategy to identify and protect sensitive data.
Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
The company plans to automatically label sensitive data stored in the following locations:
* Microsoft SharePoint Online
* Microsoft Exchange Online
* Microsoft Teams
You need to recommend a strategy to identify and protect sensitive data.
Which scope should you recommend for the sensitivity label policies? To answer, drag the appropriate scopes to the correct locations. Each scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Question 103
You need to recommend an identity security solution for the Azure AD tenant of Litware. The solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 104
Hotspot Question
You have on-premises servers and virtual machines that run Windows Server, Red Hat Enterprise Linux (RHEL) 7, or RHEL 8.
You have an Azure subscription. The subscription contains virtual machines that run Windows Server Datacenter: Azure Edition.
You need to recommend a solution to manage operating system updates for the on-premises servers and the virtual machines. The solution must meet the following requirements:
- Enable hotpatching for the Azure virtual machines.
- Enable the on-demand inventory and deployment of updates.
- Enable the deployment of Extended Security Update (ESU) patches to
the on-premises servers.
What should you include in the recommendation? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
You have on-premises servers and virtual machines that run Windows Server, Red Hat Enterprise Linux (RHEL) 7, or RHEL 8.
You have an Azure subscription. The subscription contains virtual machines that run Windows Server Datacenter: Azure Edition.
You need to recommend a solution to manage operating system updates for the on-premises servers and the virtual machines. The solution must meet the following requirements:
- Enable hotpatching for the Azure virtual machines.
- Enable the on-demand inventory and deployment of updates.
- Enable the deployment of Extended Security Update (ESU) patches to
the on-premises servers.
What should you include in the recommendation? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
Question 105
You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?