Released Microsoft MS-101 Updated Questions PDF [Q120-Q134]

Rate this post

Released Microsoft MS-101 Updated Questions PDF

MS-101 Dumps and Practice Test (372 Exam Questions)

Microsoft MS-101: Exam Details

The Microsoft MS-101: Microsoft 365 Mobility & Security exam is available in two languages: English and Japanese. The test evaluates the expertise of the individuals in implementing contemporary device services, managing Microsoft 365 compliance and governance, as well as implementing Microsoft 365 threat management and security. The candidates must pay the fee of $165 to register for this certification exam. Microsoft does not provide any information about the details of its tests. However, the question formats that are common in the delivery of its exams, including Microsoft MS-101, are multiple choice, build list, active screen, short answer, best answer, and case studies, among others. The number of questions that may be included in the test is between 40 and 60. The allocated time is 2 hours.

How to Register For Exam MS-101: Microsoft 365 Mobility and Security?

Exam Register Link: https://examregistration.microsoft.com/?locale=en-us&examcode=MS-101&examname=Exam%20MS-101:%20Microsoft%20365%20Mobility%20and%20Security&returnToLearningUrl=https%3A%2F%2Fdocs.microsoft.com%2Flearn%2Fcertifications%2Fexams%2Fms-101

Since the test is part of the expert-level certification path, it comes with a certain set of pre-requisites. The vendor suggests that the aspiring candidate should have any of the below-mentioned certifications before going for MS-101 exam:

Microsoft 365 Certified: Security Administrator Associate
Microsoft 365 Certified: Teams Administrator Associate
MCSE: Productivity Solutions Expert
Microsoft 365 Certified: Modern Desktop Administrator Associate
Microsoft 365 Certified: Messaging Administrator Associate

NO.120 Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network.
Solution: From the Device Management admin center, you create a trusted location and a compliance policy.
Does this meet the goal?

Yes

Explanation
Conditional Access in SharePoint Online can be configured to use an IP Address white list to allow access.
References:
https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Conditional-Access-in-SharePoint-Onlinean

NO.121 You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com.
You have three applications named App1, App2, and App3 that have the same file format.
Your company uses Windows Information Protection (WIP). WIP has the following configurations:
* Windows Information Protection mode: Silent
* Protected apps: App1
* Exempt apps: App2
From App1, you create a file named File1.
What is the effect of the configurations? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Explanation

NO.122 You configure a data loss prevention (DLP) policy named DLP1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Explanation

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide

NO.123 Which report should the New York office auditors view?

DLP policy matches

DLP false positives and overrides

DLP incidents

Top Senders and Recipients

Explanation
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies This report also shows policy matches over time, like the policy matches report. However, the policy matches report shows matches at a rule level; for example, if an email matched three different rules, the policy matches report shows three different line items. By contrast, the incidents report shows matches at an item level; for example, if an email matched three different rules, the incidents report shows a single line item for that piece of content. Because the report counts are aggregated differently, the policy matches report is better for identifying matches with specific rules and fine tuning DLP policies. The incidents report is better for identifying specific pieces of content that are problematic for your DLP policies.

NO.124 You need to meet the technical requirements and planned changes for Intune.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Reference:
https://docs.microsoft.com/en-us/intune/windows-enroll

NO.125 Your network contains an Active Directory domain named contoso.com that uses Microsoft System Center Configuration Manager (Current Branch).
You have Windows 10 and Windows 8.1 devices.
You need to ensure that you can analyze the upgrade readiness of all the Windows 8.1 devices and analyze the update compliance of all the Windows 10 devices.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Explanation

References:
https://docs.microsoft.com/en-us/windows/deployment/upgrade/upgrade-readiness-get-started
https://docs.microsoft.com/en-us/windows/deployment/update/update-compliance-get-started

NO.126 Your company uses Windows Defender Advanced Threat Protection (ATP). Windows Defender ATP contains the device groups shown in the following table.

You onboard computers to Windows Defender ATP as shown in the following table.

Of which groups are Computer1 and Computer2 members? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Explanation

NO.127 Your company is based in the United Kingdom (UK).
Users frequently handle data that contains Personally Identifiable Information (PII).
You create a data loss prevention (DLP) policy that applies to users inside and outside the company. The policy is configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Explanation:
References:
https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies

NO.128 Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You have a Microsoft 365 subscription.
From the Security & Compliance admin center, you create a role group named US eDiscovery Managers by copying the eDiscovery Manager role group.
You need to ensure that the users in the new role group can only perform content searches of mailbox content for users in the United States.
Solution: From the Security & Compliance admin center, you modify the roles of the US eDiscovery Managers role group.
Does this meet the goal?

Yes

NO.129 Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain. The domain contains 2,000 computers that run Windows 8.1 and have applications installed as shown in the following table.

You enroll all the computers in Upgrade Readiness.
You need to ensure that App1 and App2 have an UpgradeDecision status of Ready to upgrade.
Solution: You set the ReadyForWindows status of App2 to Highly adopted.
Does this meet the goal?

Yes

App1 has a “low install count” (2% or less) so will be Ready to upgrade. We just need to change the setting for App2.
References:
https://docs.microsoft.com/en-us/windows/deployment/upgrade/upgrade-readiness-identify-apps

NO.130 You configure a conditional access policy. The locations settings are configured as shown in the Locations exhibit. (Click the Locations tab.)

The users and groups settings are configured as shown in the Users and Groups exhibit. (Click Users and Groups tab.)

Members of the Security reader group report that they cannot sign in to Microsoft Active Directory (Azure AD) on their device while they are in the office.
You need to ensure that the members of the Security reader group can sign in in to Azure AD on their device while they are in the office. The solution must use the principle of least privilege.
What should you do?

From the conditional access policy, configure the device state.

From the Azure Active Directory admin center, create a custom control.

From the Intune admin center, create a device compliance policy.

From the Azure Active Directory admin center, create a named location.

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

NO.131 You have a Microsoft 365 subscription.
You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled in mobile device management (MDM).
What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Explanation:
https://docs.microsoft.com/en-us/intune/advanced-threat-protection

NO.132 You need to meet the technical requirement for the SharePoint administrator. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Explanation

References:
https://docs.microsoft.com/en-us/office365/securitycompliance/search-the-audit-log-in-security-and-compliance#

NO.133 Your company has a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com.
The company purchases a cloud app named App1 that supports Microsoft Cloud App Security monitoring.
You configure App1 to be available from the My Apps portal.
You need to ensure that you can monitor App1 from Cloud App Security.
What should you do?

From the Azure Active Directory admin center, create a conditional access policy.

From the Azure Active Directory admin center, create an app registration.

From the Endpoint Management admin center, create an app protection policy.

From the Endpoint Management admin center, create an app configuration policy.

Section: [none]

NO.134 A user named User1 has files in Microsoft OneDrive as shown in the following table.

On February 1, 2019, you apply a retention policy named Policy1 as shown in the following exhibit.

On February 5, 2019, User1 edits File2.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.