For each of the following statements, select Yes if the statement is true. Otherwise, select No. - With Advanced Audit in Microsoft 365, you can identify when email items were accessed - Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing - Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data

- With Advanced Audit in Microsoft 365, you can identify when email items were accessed → Yes - Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing → No - Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - You can use Advanced Audit in Microsoft 365 to view billing details - You can use Advanced Audit in Microsoft 365 to view the contents of an email message - You can use Advanced Audit in Microsoft 365 to identify when a user uses the search bar in Outlook on the web to search for items in a mailbox

- You can use Advanced Audit in Microsoft 365 to view billing details → No - You can use Advanced Audit in Microsoft 365 to view the contents of an email message → No - You can use Advanced Audit in Microsoft 365 to identify when a user uses the search bar in Outlook on the web to search for items in a mailbox → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - You can add a resource lock to an Azure subscription - You can add only one resource lock to an Azure resource - You can delete a resource group containing resources that have resource locks

- You can add a resource lock to an Azure subscription → Yes - You can add only one resource lock to an Azure resource → No - You can delete a resource group containing resources that have resource locks → No

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Users can apply sensitivity labels manually - Multiple sensitivity labels can be applied to the same file - A sensitivity label can apply a watermark to a Microsoft Word document

- Users can apply sensitivity labels manually → Yes - Multiple sensitivity labels can be applied to the same file → No - A sensitivity label can apply a watermark to a Microsoft Word document → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Sensitivity labels can be used to encrypt documents - Sensitivity labels can add headers and footers to documents - Sensitivity labels can apply watermarks to emails

- Sensitivity labels can be used to encrypt documents → Yes - Sensitivity labels can add headers and footers to documents → Yes - Sensitivity labels can apply watermarks to emails → No

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Compliance Manager tracks only customer-managed controls - Compliance Manager provides predefined templates for creating assessments - Compliance Manager can help you assess whether data adheres to specific data protection standards

- Compliance Manager tracks only customer-managed controls → No - Compliance Manager provides predefined templates for creating assessments → Yes - Compliance Manager can help you assess whether data adheres to specific data protection standards → Yes

Topic 3 Flashcards by Mauro Di Grazia

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

With Advanced Audit in Microsoft 365, you can identify when email items were accessed
Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing
Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data

With Advanced Audit in Microsoft 365, you can identify when email items were accessed → Yes
Advanced Audit in Microsoft 365 supports the same retention period of audit logs as core auditing → No
Advanced Audit in Microsoft 365 allocates customer-dedicated bandwidth for accessing audit data → Yes

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Azure Active Directory (Azure AD) Identity Protection can add users to groups based on the users’ risk level
Azure Active Directory (Azure AD) Identity Protection can detect whether user credentials were leaked to the public
Azure Active Directory (Azure AD) Identity Protection can be used to invoke Multi-Factor Authentication based on a user’s risk level

Azure Active Directory (Azure AD) Identity Protection can add users to groups based on the users’ risk level → No
Azure Active Directory (Azure AD) Identity Protection can detect whether user credentials were leaked to the public → Yes
Azure Active Directory (Azure AD) Identity Protection can be used to invoke Multi-Factor Authentication based on a user’s risk level → Yes

How well did you know this?

Not at all

Perfectly

Which Microsoft 365 compliance center feature can you use to identify all the documents on a Microsoft SharePoint Online site that contain a specific key word?

A. Audit
B. Compliance Manager
C. Content Search
D. Alerts

C. Content Search

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Azure Defender
Microsoft Purview Compliance Portal
The Microsoft Defender portal
Microsoft Endpoint Manager
↘
provides a central location for managing information protection, information governance, and data loss prevention (DLP) policies.

Microsoft Purview Compliance Portal

How well did you know this?

Not at all

Perfectly

Which Microsoft 365 feature can you use to restrict users from sending email messages that contain lists of customers and their associated credit card numbers?

A. retention policies
B. data loss prevention (DLP) policies
C. conditional access policies
D. information barriers

B. data loss prevention (DLP) policies

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Customer Lockbox
Information barriers
Privileged Access Management (PAM)
Sensitivity labels
↘
can be used to provide Microsoft Support Engineers with access to an organization’s data stored in Microsoft Exchange Online, SharePoint Online, and OneDrive for Business.

Customer Lockbox

How well did you know this?

Not at all

Perfectly

In a Core eDiscovery workflow, what should you do before you can search for content?

A. Create an eDiscovery hold.
B. Run Express Analysis.
C. Configure attorney-client privilege detection.
D. Export and download results.

A. Create an eDiscovery hold.

How well did you know this?

Not at all

Perfectly

Which Microsoft portal provides information about how Microsoft manages privacy, compliance, and security?

A. Microsoft Service Trust Portal
B. Compliance Manager
C. Microsoft 365 compliance center
D. Microsoft Support

A. Microsoft Service Trust Portal

How well did you know this?

Not at all

Perfectly

What can you protect by using the information protection solution in the Microsoft 365 compliance center?

A. computers from zero-day exploits
B. users from phishing attempts
C. files from malware and viruses
D. sensitive data from being exposed to unauthorized users

D. sensitive data from being exposed to unauthorized users

How well did you know this?

Not at all

Perfectly

What can you specify in Microsoft 365 sensitivity labels?

A. how long files must be preserved
B. when to archive an email message
C. which watermark to add to files
D. where to store files

C. which watermark to add to files

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You can use Advanced Audit in Microsoft 365 to view billing details
You can use Advanced Audit in Microsoft 365 to view the contents of an email message
You can use Advanced Audit in Microsoft 365 to identify when a user uses the search bar in Outlook on the web to search for items in a mailbox

You can use Advanced Audit in Microsoft 365 to view billing details → No
You can use Advanced Audit in Microsoft 365 to view the contents of an email message → No
You can use Advanced Audit in Microsoft 365 to identify when a user uses the search bar in Outlook on the web to search for items in a mailbox → Yes

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You can add a resource lock to an Azure subscription
You can add only one resource lock to an Azure resource
You can delete a resource group containing resources that have resource locks

You can add a resource lock to an Azure subscription → Yes
You can add only one resource lock to an Azure resource → No
You can delete a resource group containing resources that have resource locks → No

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Users can apply sensitivity labels manually
Multiple sensitivity labels can be applied to the same file
A sensitivity label can apply a watermark to a Microsoft Word document

Users can apply sensitivity labels manually → Yes
Multiple sensitivity labels can be applied to the same file → No
A sensitivity label can apply a watermark to a Microsoft Word document → Yes

How well did you know this?

Not at all

Perfectly

Which two tasks can you implement by using data loss prevention (DLP) policies in Microsoft 365?

A. Display policy tips to users who are about to violate your organization’s policies.
B. Enable disk encryption on endpoints.
C. Protect documents in Microsoft OneDrive that contain sensitive information.
D. Apply security baselines to devices.

A. Display policy tips to users who are about to violate your organization’s policies.
C. Protect documents in Microsoft OneDrive that contain sensitive information.

How well did you know this?

Not at all

Perfectly

Select the answer that correctly completes the sentence.

Compliance Manager assesses compliance data _______ for an organization.
↘
- continually
- monthly
- on-demand
- quarterly

continually

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Sensitivity labels can be used to encrypt documents
Sensitivity labels can add headers and footers to documents
Sensitivity labels can apply watermarks to emails

Sensitivity labels can be used to encrypt documents → Yes
Sensitivity labels can add headers and footers to documents → Yes
Sensitivity labels can apply watermarks to emails → No

How well did you know this?

Not at all

Perfectly

Which Microsoft 365 compliance feature can you use to encrypt content automatically based on specific conditions?

A. Content Search
B. sensitivity labels
C. retention policies
D. eDiscovery

B. sensitivity labels

How well did you know this?

Not at all

Perfectly

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Compliance Manager tracks only customer-managed controls
Compliance Manager provides predefined templates for creating assessments
Compliance Manager can help you assess whether data adheres to specific data protection standards

Compliance Manager tracks only customer-managed controls → No
Compliance Manager provides predefined templates for creating assessments → Yes
Compliance Manager can help you assess whether data adheres to specific data protection standards → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

You can use the insider risk management solution to detect phishing scams
You can access the insider risk management solution from the Microsoft 365 compliance center
You can use the insider risk management solution to detect data leaks by unhappy employees

You can use the insider risk management solution to detect phishing scams → No
You can access the insider risk management solution from the Microsoft 365 compliance center → Yes
You can use the insider risk management solution to detect data leaks by unhappy employees → Yes

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Azure Policy supports automatic remediation
Azure Policy can be used to ensure that new resources adhere to corporate standards
Compliance evaluation in Azure Policy occurs only when a target resource is created or modified

Azure Policy supports automatic remediation → Yes
Azure Policy can be used to ensure that new resources adhere to corporate standards → Yes
Compliance evaluation in Azure Policy occurs only when a target resource is created or modified → No

Same as question 155-
Match the Microsoft 365 insider risk management workflow step to the appropriate task.

Steps
- Action
- Investigate
- Triage

Answer Area
- Review and filter alerts
- Create cases in the Case dashboard
- Send a reminder of corporate policies to users

Action → Send a reminder of corporate policies to users
Investigate → Create cases in the Case dashboard
Triage → Review and filter alerts

Which two cards are available in the Microsoft 365 Defender portal?

A. Devices at risk
B. Compliance Score
C. Service Health
D. User Management
E. Users at risk

A. Devices at risk
E. Users at risk

What should you use to ensure that the members of an Azure Active Directory group use multi-factor authentication (MFA) when they sign in?

A. Azure role-based access control (Azure RBAC)
B. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
C. Azure Active Directory (Azure AD) Identity Protection
D. a conditional access policy

D. a conditional access policy

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Azure Active Directory (Azure AD) Identity Protection generates risk detections once a user is authenticated
Azure Active Directory (Azure AD) Identity Protection assigns a risk level of Low, Medium, or High to each risk event
A user risk in Azure Active Directory (Azure AD) Identity Protection represents the probability that a given identity or account is compromised

Azure Active Directory (Azure AD) Identity Protection generates risk detections once a user is authenticated → Yes
Azure Active Directory (Azure AD) Identity Protection assigns a risk level of Low, Medium, or High to each risk event → Yes
A user risk in Azure Active Directory (Azure AD) Identity Protection represents the probability that a given identity or account is compromised → Yes

You need to keep a copy of all files in a Microsoft SharePoint site for one year, even if users delete the files from the site. What should you apply to the site? A. a retention policy B. an insider risk policy C. a data loss prevention (DLP) policy D. a sensitivity label policy

A. a retention policy

You need to create a data loss prevention (DLP) policy. What should you use? A. the Microsoft Purview Compliance Portal B. the Microsoft Endpoint Manager admin center C. the Microsoft 365 admin center D. the Microsoft 365 Defender portal

A. the Microsoft Purview Compliance Portal

What is an assessment in Compliance Manager? A. A policy initiative that includes multiple policies. B. A dictionary of words that are not allowed in company documents. C. A grouping of controls from a specific regulation, standard or policy. D. Recommended guidance to help organizations align with their corporate standards.

C. A grouping of controls from a specific regulation, standard or policy.

What can you use to view the Microsoft Secure Score for Devices? A. Microsoft Defender for Cloud Apps B. Microsoft Defender for Endpoint C. Microsoft Defender for Identity D. Microsoft Defender for Office 365

B. Microsoft Defender for Endpoint

Match the Microsoft Defender for Office 365 feature to the correct description. -Features- - Threat Explorer - Threat Trackers - Anti-phishing protection -Answer Area- - Provides intelligence on prevailing cybersecurity issues - Provides real-time reports to identify and analyze recent threats - Detect impersonation attempts

Threat Explorer → Provides real-time reports to identify and analyze recent threats Threat Trackers → Provides intelligence on prevailing cybersecurity issues Anti-phishing protection → Detect impersonation attempts Keywords: Real-time = Explorer Prevailing = Trackers Impersonation = Anti-phishing

For each of the following statements, select Yes if the statement is true. Otherwise, select No. - Each network security group (NSG) rule must have a unique name - Network security group (NSG) default rules can be deleted - Network security group (NSG) rules can be configured to check TCP, UDP, or ICMP network protocol types

- Each network security group (NSG) rule must have a unique name → Yes - Network security group (NSG) default rules can be deleted → No - Network security group (NSG) rules can be configured to check TCP, UDP, or ICMP network protocol types → Yes

Select the answer that correctly completes the sentence. When users attempt to access an application or a service, _________ controls their level of access. ↘ - administration - auditing - authentication - authorization

authorization you can simply memorize: authENTication = ENTER = can i go in? authoRIzation = RIGHTS = where i can then go?

What are customers responsible for when evaluating security in a software as a service (SaaS) cloud services model? A. operating systems B. network controls C. applications D. accounts and identities

D. accounts and identities

Select the answer that correctly completes the sentence. - A domain controller - Active Directory Domain Services (AD DS) - Azure Active Directory (Azure AD) Privilege Identity Management (PIM) - Federation ↘ provides single sign-on (SSO) capabilities across multiple identity providers.

Federation

Select the answer that correctly completes the sentence. In an environment that has on-premises resources and cloud resources, _______ should be the primary security perimeter. ↘ - the cloud - a firewall - identity - Microsoft Defender for Cloud

identity

What does Conditional Access evaluate by using Azure Active Directory (Azure AD) Identity Protection? A. user actions B. group membership C. device compliance D. user risk

user risk

Which statement represents a Microsoft privacy principle? A. Microsoft manages privacy settings for its customers. B. Microsoft respects the local privacy laws that are applicable to its customers. C. Microsoft uses hosted customer email and chat data for targeted advertising. D. Microsoft does not collect any customer data.

B. Microsoft respects the local privacy laws that are applicable to its customers.

Select the answer that correctly completes the sentence. - A security information and event management (SIEM) - A security orchestration automated response (SOAR) - A Trusted Automated eXchange of Indicator Information (TAXII) - An attack surface reduction (ASR) ↘ system is a tool that collects data from multiple systems, identifies correlations or anomalies, and generates alerts and incidents.

- A security information and event management (SIEM)

Select the answer that correctly completes the sentence. Microsoft Sentinel _______ use Azure Logic Apps to automate and orchestrate responses to alerts. ↘ - analytic rules - hunting queries - playbooks - workbooks

playbooks

Which compliance feature should you use to identify documents that are employee resumes? A. pre-trained classifiers B. Activity explorer C. eDiscovery D. Content explorer

A. pre-trained classifiers

Match the pillars of Zero Trust to the appropriate requirements. -Pillars- - Data - Identities - Networks -Answer Area- - Must be segmented - Must be verified by using strong authentication - Must be classified, labeled, and encrypted based on its attributes

Data → Must be classified, labeled, and encrypted based on its attributes. Identities → Must be verified by using strong authentication. Networks → Must be segmented.

Match the types of compliance score actions to the appropriate tasks. -Compliance score action- - Corrective - Detective - Preventative -Answer Area- - Use encryption to protect data at rest - Actively monitor systems to identify irregularities that might represent risks

Detective → Actively monitor systems to identify irregularities that might represent risks. Preventative → Use encryption to protect data at rest Protect = prevent Monitor = detect Corrective → Actively monitor systems to identify irregularities that might represent risks.

Which pillar of identity relates to tracking the resources accessed by a user? A. authorization B. auditing C. administration D. authentication

B. auditing

What can be created in Active Directory Domain Services (AD DS)? A. line-of-business (LOB) applications that require modern authentication B. computer accounts C. software as a service (SaaS) applications that require modern authentication D. mobile devices

B. computer accounts

Select the answer that correctly completes the sentence. When users sign in, ________ verifies their credentials to prove their identity. ↘ - administration - auditing - authentication - authorization

authentication