Topic 1 - Design and implement Microsoft 365 services Flashcards
Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use the View service requests option in the Microsoft 365 admin center. Does this meet the goal?
A. Yes
B. No
B. No
Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use Dashboard in Security & Compliance. Does this meet the goal?
A. Yes
B. No
B. No
Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You use Message center in the Microsoft 365 admin center. Does this meet the goal?
A. Yes
B. No
A. Yes
Your company has a Microsoft Office 365 tenant. You suspect that several Office 365 features were recently updated. You need to view a list of the features that were recently updated in the tenant. Solution: You review the Security & Compliance report in the Microsoft 365 admin center. Does this meet the goal?
A. Yes
B. No
B. No
You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase.
You want the members of two groups named IT and Managers to be able to use the features shown in the following table.
The IT group contains 50 users. The Managers group contains 200 users.
You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs.
Which licenses should you recommend?
A. 250 Microsoft 365 E3 only
B. 50 Microsoft 365 E3 and 200 Microsoft 365 E5
C. 250 Microsoft 365 E5 only
D. 200 Microsoft 365 E3 and 50 Microsoft 365 E5
D. 200 Microsoft 365 E3 and 50 Microsoft 365 E5
You have a Microsoft 365 tenant that contains Microsoft Exchange Online.
You plan to enable calendar sharing with a partner organization named adatum.com. The partner organization also has a Microsoft 365 tenant.
You need to ensure that the calendar of every user is available to the users in adatum.com immediately.
What should you do?
A. From the Exchange admin center, create a sharing policy.
B. From the Exchange admin center, create a new organization relationship.
C. From the Microsoft 365 admin center, modify the Organization profile settings.
D. From the Microsoft 365 admin center, configure external site sharing.
B. From the Exchange admin center, create a new organization relationship.
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You purchase a domain named contoso.com from a registrar and add all the required DNS records.
You create a user account named User1. User1 is configured to sign in as user1@contoso.onmicrosoft.com.
You need to configure User1 to sign in as user1@contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Your company has an on-premises Microsoft Exchange Server 2016 organization and a Microsoft 365 Enterprise subscription.
You plan to migrate mailboxes and groups to Exchange Online.
You start a new migration batch.
Users report slow performance when they use the on-premises Exchange Server organization.
You discover that the migration is causing the slow performance.
You need to reduce the impact of the mailbox migration on the end-users.
What should you do?
A. Create a mailbox rule.
B. Configure back pressure.
C. Modify the migration endpoint settings.
D. Create a throttling policy.
C. Modify the migration endpoint settings.
You can reduce the maximum number of concurrent mailbox migrations.
You have a Microsoft 365 subscription.
You need to prevent phishing email messages from being delivered to your organization.
What should you do?
A. From the Exchange admin center, create an anti-malware policy.
B. From Security & Compliance, create a DLP policy.
C. From Security & Compliance, create a new threat management policy.
D. From the Exchange admin center, create a spam filter policy.
C. From Security & Compliance, create a new threat management policy.
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/set-up-anti-phishing-policies
Your company has a Microsoft 365 subscription. All identities are managed in the cloud.
The company purchases a new domain name.
You need to ensure that all new mailboxes use the new domain as their primary email address.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. From Microsoft Exchange Online PowerShell, run the command. Update-EmailAddressPolicy policy
B. From the Exchange admin center, click mail flow, and then configure the email address policies.
C. From the Microsoft 365 admin center, click Setup, and then configure the domains.
D. From Microsoft Exchange Online PowerShell, run the command. Set-EmailAddressPolicy policy
E. From the Azure Active Directory admin center, configure the custom domain names.
B. From the Exchange admin center, click mail flow, and then configure the email address policies.
D. From Microsoft Exchange Online PowerShell, run the command. Set-EmailAddressPolicy policy
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes the users shown in the following table.
Group2 is a member of Group1.
You assign a Microsoft Office 365 Enterprise E3 license to Group1.
You need to identity how many Office 365 E3 licenses are assigned.
What should you identify?
A. 1
B. 2
C. 3
D. 4
C. 3
You have a Microsoft 365 subscription.
A new corporate security policy states that you must automatically send DLP incident reports to the users in the legal department.
You need to schedule the email delivery of the reports. The solution must ensure that the reports are sent as frequently as possible.
How frequently can you share the reports?
A. hourly
B. monthly
C. weekly
D. daily
Reveal Solution
C. weekly
Your company has a Microsoft 365 subscription.
You need to identify all the users in the subscription who are licensed for Microsoft Office 365 through a group membership. The solution must include the name of the group used to assign the license.
What should you use?
A. the Licenses blade in the Azure portal
B. Reports in the Microsoft 365 admin center
C. Active users in the Microsoft 365 admin center
D. Report in Security & Compliance
A. the Licenses blade in the Azure portal
Your company has a Microsoft 365 subscription.
You upload several archive PST files to Microsoft 365 by using the Security & Compliance admin center.
A month later, you attempt to run an import job for the PST files.
You discover that the PST files were deleted from Microsoft 365.
What is the most likely cause of the files being deleted? More than one answer choice may achieve the goal. Select the BEST answer.
A. The PST files were corrupted and deleted by Microsoft 365 security features.
B. PST files are deleted automatically from Microsoft 365 after 30 days.
C. The size of the PST files exceeded a storage quota and caused the files to be deleted.
D. Another administrator deleted the PST files.
B. PST files are deleted automatically from Microsoft 365 after 30 days.
Your company has a main office and 20 branch offices in North America and Europe. Each branch office connects to the main office by using a WAN link. All the offices connect to the Internet and resolve external host names by using the main office connections.
You plan to deploy Microsoft 365 and to implement a direct Internet connection in each office.
You need to recommend a change to the infrastructure to provide the quickest possible access to Microsoft 365 services.
What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. For all the client computers in the branch offices, modify the MTU setting by using a Group Policy object (GPO).
B. In each branch office, deploy a proxy server that has user authentication enabled.
C. In each branch office, deploy a firewall that has packet inspection enabled.
D. In each branch office, configure name resolution so that all external hosts are redirected to public DNS servers directly.
D. In each branch office, configure name resolution so that all external hosts are redirected to public DNS servers directly.
Your network contains an Active Directory forest named adatum.local. The forest contains 500 users and uses adatum.com as a UPN suffix.
You deploy a Microsoft 365 tenant.
You implement directory synchronization and sync only 50 support users.
You discover that five of the synchronized users have usernames that use a UPN suffix of onmicrosoft.com.
You need to ensure that all synchronized identities retain the UPN set in their on-premises user account.
What should you do?
A. From the Microsoft 365 admin center, add adatum.com as a custom domain name.
B. From Windows PowerShell, run the Set-ADDomain —AllowedDNSSuffixes adatum.com command.
C. From Active Directory Users and Computers, modify the UPN suffix of the five user accounts.
D. From the Microsoft 365 admin center, add adatum.local as a custom domain name.
C. From Active Directory Users and Computers, modify the UPN suffix of the five user accounts.
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.
You have the licenses shown in the following table.
Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
YES YES YES
Your company has on-premises servers and a Microsoft Azure Active Directory (Azure AD) tenant.
Several months ago, the Azure AD Connect Health agent was installed on all the servers.
You review the health status of all the servers regularly.
Recently, you attempted to view the health status of a server named Server1 and discovered that the server is NOT listed on the Azure Active Directory Connect
Servers list.
You suspect that another administrator removed Server1 from the list.
You need to ensure that you can view the health status of Server1.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. From Windows PowerShell, run the cmdlet. Register-AzureADConnectHealthSyncAgent
B. From Azure Cloud shell, run the Connect-AzureAD cmdlet.
C. From Server1, change the Azure AD Connect Health services Startup type to Automatic (Delayed Start).
D. From Server1, change the Azure AD Connect Health services Startup type to Automatic.
E. From Server1, reinstall the Azure AD Connect Health agent.
A. From Windows PowerShell, run the cmdlet. Register-AzureADConnectHealthSyncAgent
E. From Server1, reinstall the Azure AD Connect Health agent.
You have a Microsoft 365 subscription.
You suspect that several Microsoft Office 365 applications or services were recently updated.
You need to identify which applications or services were recently updated.
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. From the Microsoft 365 admin center, review the Message center blade.
B. From the Office 365 Admin mobile app, review the messages.
C. From the Microsoft 365 admin center, review the Products blade.
D. From the Microsoft 365 admin center, review the Service health blade.
A. From the Microsoft 365 admin center, review the Message center blade.
B. From the Office 365 Admin mobile app, review the messages.
Your network contains an on-premises Active Directory domain named contoso.com that is synced to a Microsoft Azure Active Directory (Azure AD) tenant. The on-premises domain contains a server named Server1 that runs Windows Server 2016 and 200 client computers that run Windows 10.
Your company purchases a Microsoft 365 subscription.
On Server1, you create a file share named Share1. You extract the Microsoft Office Deployment Tool (ODT) to Share1.
You need to deploy Office 365 ProPlus, and the French language pack from Share1 to the Windows 10 computers.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
In Microsoft 365, you configure a data loss prevention (DLP) policy named Policy1. Policy1 detects the sharing of United States (US) bank account numbers in email messages and attachments.
Policy1 is configured as shown in the exhibit. (Click the Exhibit tab.)
You need to ensure that internal users can email documents that contain US bank account numbers to external users who have an email suffix of contoso.com.
What should you configure?
A. an action
B. a group
C. a condition
D. an exception
A. an action
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You have three applications App1, App2, App3. The Apps use files that have the same file extensions.
Your company uses Windows Information Protection (WIP). WIP has the following configurations:
✑ Windows Information Protection mode: Silent
✑ Protected apps: App1
✑ Exempt apps: App2
From App1, you create a file named File1.
What is the effect of the configurations? To answer, select the appropriate options in the answer area.
Hot Area:
From the Microsoft Azure Active Directory (Azure AD) Identity Protection dashboard, you view the risk events shown in the exhibit. (Click the Exhibit tab.)
You need to reduce the likelihood that the sign-ins are identified as risky.
What should you do?
A. From the Security & Compliance admin center, add the users to the Security Readers role group.
B. From the Conditional access blade in the Azure Active Directory admin center, create named locations.
C. From the Azure Active Directory admin center, configure the trusted IPs for multi-factor authentication.
D. From the Security & Compliance admin center, create a classification label.
B. From the Conditional access blade in the Azure Active Directory admin center, create named locations.
You have a Microsoft 365 subscription.
You have the devices shown in the following table.
You need to onboard the devices to Windows Defender Advanced Threat Protection (ATP). The solution must avoid installing software on the devices whenever possible.
Which onboarding method should you use for each operating system? To answer, drag the appropriate methods to the correct operating systems. Each method may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
You have a Microsoft 365 subscription.
You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled devices enrolled on mobile device management (MDM).
What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
You implement Microsoft Azure Advanced Threat Protection (Azure ATP).
You have an Azure ATP sensor configured as shown in the following exhibit.
Updates -
How long after the Azure ATP cloud service is updated will the sensor update?
A. 1 hour
B. 7 days
C. 48 hours
D. 12 hours
E. 24 hours
E. 24 hours
15 / Android
