microsoft ms-102 practice test

Question 1

HOTSPOT

You have an Azure AD tenant that contains the users shown in the following table.



You enable self-service password reset for all users. You set Number of methods required to reset to 1, and you set Methods available to users to Security questions only.

What information must be configured for each user before the user can perform a self-service password reset? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 2

You have a Microsoft 365 E5 subscription that contains a user named User1.

You create a retention label named Retention1 that is published to all locations.

You need to ensure that User1 can label email messages by using Retention1 as soon as possible.

Which cmdlet should you run in Microsoft Exchange Online PowerShell?

• A. Start-ManagedFolderAssistant
• B. Start-MpScan
• C. Start-AppBackgroundTask
• D. Start-Process

Question 3

HOTSPOT You have a new Microsoft 365 E5 tenant.
Enable Security defaults is set to Yes.
A user signs in to the tenant for the first time.
Which multi-factor authentication (MFA) method can the user use, and how many days does the user have to register for MFA? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question 4

HOTSPOT You have a Microsoft 365 E5 subscription.
You need to implement identity protection. The solution must meet the following requirements:
Identify when a user's credentials are compromised and shared on the dark web.
Provide users that have compromised credentials with the ability to self-remediate.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Question 5

DRAG DROP

Your company has an Azure AD tenant named contoso.onmicrosoft.com.

You purchase a domain named contoso.com from a registrar and add all the required DNS records.

You create a user account named User1. User1 is configured to sign in as [email protected].

You need to configure User1 to sign in as [email protected].

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question 6

Your network contains an on-premises Active Directory domain named contoso.com.
For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.
You plan to sync contoso.com to an Azure AD tenant
You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.
What should you include in the recommendation?

• A. pass-through authentication
• B. conditional access policies
• C. password synchronization
• D. Azure AD Identity Protection policies

Question 7

You have a new Microsoft 365 E5 tenant.
You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected.
What should you do first?

• A. Enable auditing.
• B. Enable Microsoft 365 usage analytics.
• C. Create an Insider risk management policy.
• D. Create a communication compliance policy.

Question 8

You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365 and contains a mailbox named Mailbox1.

You plan to use Mailbox1 to collect and analyze unfiltered email messages.

You need to ensure that Defender for Office 365 takes no action on any inbound emails delivered to Mailbox1.

What should you do?

• A. Configure a retention policy for Mailbox1.
• B. Create a mail flow rule.
• C. Configure Mailbox1 as a SecOps mailbox.
• D. Place a litigation hold on Mailbox1.

Question 9

Your company has a Microsoft 365 E5 subscription.
Users in the research department work with sensitive data.
You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.
What should you do?

• A. Create a data loss prevention (DLP) policy that has a Content is shared condition.
• B. Modify the safe links policy Global settings.
• C. Create a data loss prevention (DLP) policy that has a Content contains condition.
• D. Create a new safe links policy.

Question 10

HOTSPOT You configure a data loss prevention (DLP) policy named DLP1 with a rule configured as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.