SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
You need to prevent email messages that contain attachments that have the .js file extension from being delivered to any
recipients in your organization.
To complete this task, sign in to the Microsoft 365 admin center.
See explanation below.
Explanation:
1. Go to Mail flow > Rules.
2. Create the rule by using one of the following options:
- To create a rule from a template, click Add and select a template.
- To copy a rule, select the rule, and then select Copy .
- To create a new rule from scratch, Add and then select Create a new rule.
3. In the New rule dialog box, name the rule, and then select the conditions and actions for this rule:
- In Apply this rule if..., select the condition you want from the list of available conditions:
Some conditions require you to specify values. For example, if you select The sender is... condition, you must specify a
sender address. If you're adding a word or phrase, note that trailing spaces are not allowed.
If the condition you want isn't listed, or if you need to add exceptions, select More options. Additional conditions and
exceptions will be listed.
If you don't want to specify a condition, and want this rule to apply to every message in your organization, select [Apply to
all messages] condition.
- In Do the following..., select the action you want the rule to take on messages matching the criteria from the list of available
actions:
Some of the actions will require you to specify values. For example, if you select the Forward the message for approval
to... condition, you will need to select a recipient in your organization. If the condition you want isn't listed, select More
options. Additional conditions will be listed.
- Specify how rule match data for this rule is displayed in the Data Loss Prevention (DLP) reports and the Mail protection
reports.
- Set the mode for the rule. You can use one of the two test modes to test the rule without impacting mail flow. In both test
modes, when the conditions are met, an entry is added to the message trace:
Enforce: This turns on the rule and it starts processing messages immediately. All actions on the rule will be performed.
Test with Policy Tips: This turns on the rule, and any Policy Tip actions ( Notify the sender with a Policy Tip) will be sent,
but no actions related to message delivery will be performed. Data Loss Prevention (DLP) is required in order to use this
mode.
Test without Policy Tips: Only the Generate incident report action will be enforced. No actions related to message delivery
are performed.
Exchange Online admins can create mail flow rules in the Exchange admin center (EAC) at Mail flow > Rules. You need
permissions to do this procedure. After you start to create a new rule, you can see the full list of attachment-related
conditions by clicking More options > Any attachment under Apply this rule if. The attachment-related options are shown in
the following diagram.
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/manage-mail-flow-rules
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/inspect-message-attachments
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
You need to prevent email messages from a domain named fabrikam.com from being delivered to the mailboxes of your
organization.
To complete this task, sign in to the Microsoft 365 admin center.
See explanation below.
Explanation:
1. In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & Collaboration > Policies & Rules >
Threat policies > Anti-spam in the Policies section. To go directly to the Antispam policies page, use
https://security.microsoft.com/antispam.
2. On the Anti-spam policies page, click Create policy and then select Inbound from the drop down list.
3. The policy wizard opens. On the Name your policy page, configure these settings:
- Name: Enter a unique, descriptive name for the policy.
- Description: Enter an optional description for the policy.
When you're finished, click Next.
4. On the Users, groups, and domains page that appears, identify the internal recipients that the policy applies to (recipient
conditions):
- Users: The specified mailboxes, mail users, or mail contacts in your organization.
- Groups: The specified distribution groups, mail-enabled security groups, or Microsoft 365 Groups in your organization. -
Domains: All recipients in the specified accepted domains in your organization.
Click in the appropriate box, start typing a value, and select the value that you want from the results. Repeat this process as
many times as necessary. To remove an existing value, click remove next to the value.
For users or groups, you can use most identifiers (name, display name, alias, email address, account name, etc.), but the
corresponding display name is shown in the results. For users, enter an asterisk (*) by itself to see all available values.
Multiple values in the same condition use OR logic (for example, or ). Different conditions use AND logic (for example, and ).
- Exclude these users, groups, and domains: To add exceptions for the internal recipients that the policy applies to (recipient
exceptions), select this option and configure the exceptions. The settings and behavior are exactly like the conditions.
When you're finished, click Next.
5. On the Bulk email threshold & spam properties page that appears, configure the following settings:
- Bulk email threshold: Specifies the bulk complaint level (BCL) of a message that triggers the specified action for the Bulk
spam filtering verdict that you configure on the next page (greater than the specified value, not greater than or equal to). A
higher value indicates the message is less desirable (more likely to resemble spam). The default value is 7. For more
information, see Bulk complaint level (BCL) in EOP and What's the difference between junk email and bulk email?.
By default, the PowerShell only setting MarkAsSpamBulkMail is On in anti-spam policies. This setting dramatically affects
the results of a Bulk filtering verdict:
MarkAsSpamBulkMail is On: A BCL that's greater than the threshold is converted to an SCL 6 that corresponds to a
filtering verdict of Spam, and the action for the Bulk filtering verdict is taken on the message.
MarkAsSpamBulkMail is Off: The message is stamped with the BCL, but no action is taken for a Bulk filtering verdict. In
effect, the BCL threshold and Bulk filtering verdict action are irrelevant. - Increase spam score, Mark as spam* and Test
mode: Advanced Spam Filter (ASF) settings that are turned off by default. The Contains specific languages and from these
countries settings are not part of ASF.
- Contains specific languages: Click the box and select On or Off from the drop down list. If you turn it on, a box appears.
Start typing the name of a language in the box. A filtered list of supported languages will appear. When you find the
language that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, click
remove next to the value.
- From these countries*: Click the box and select On or Off from the drop down list. If you turn it on, a box appears. Start
typing the name of a country in the box. A filtered list of supported countries will appear. When you find the country that
you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, click remove next
to the value.
When you're finished, click Next.
6. On the Actions page that appears, configure the following settings:
- Message actions: Select or review the action to take on messages based on the following spam filtering verdicts:
Spam
High confidence spam
Phishing
High confidence phishing
Bulk
- Retain spam in quarantine for this many days: Specifies how long to keep the message in quarantine if you selected
Quarantine message as the action for a spam filtering verdict. After the time period expires, the message is deleted, and is
not recoverable. A valid value is from 1 to 30 days.
- Add this X-header text: This box is required and available only if you selected Add X-header as the action for a spam
filtering verdict. The value you specify is the header field name that's added to the message header. The header field value
is always This message appears to be spam.
- Prepend subject line with this text: This box is required and available only if you selected Prepend subject line with text as
the action for a spam filtering verdict. Enter the text to add to the beginning of the message's subject line.
- Redirect to this email address: This box is required and available only if you selected the Redirect message to email
address as the action for a spam filtering verdict. Enter the email address where you want to deliver the message. You can
enter multiple values separated by semicolons (;).
- Enable safety Tips: By default, Safety Tips are enabled, but you can disable them by clearing the checkbox.
- Enable zero-hour auto purge (ZAP): ZAP detects and takes action on messages that have already been delivered to
Exchange Online mailboxes.
ZAP is turned on by default. When ZAP is turned on, the following settings are available:
Enable ZAP for phishing messages: By default, ZAP is enabled for phishing detections, but you can disable it by clearing
the checkbox. Enable ZAP for spam messages: By default, ZAP is enabled for spam detections, but you can disable it by
clearing the checkbox.
When you're finished, click Next.
7. On the Allow & block list flyout that appears, you are able to configure message senders by email address or email
domain that are allowed to skip spam filtering. In the Allowed section, you can configure allowed senders and allowed
domains. In the Blocked section, you can add blocked senders and blocked domains. The steps to add entries to any of the
lists are the same:
- Click the link for the list that you want to configure:
Allowed > Senders: Click Manage (nn) sender(s). Allowed > Domains: Click Allow domains.
Blocked > Senders: Click Manage (nn) sender(s).
Blocked > Domains: Click Block domains.
- In the flyout that appears, do the following steps:
Click + Add senders or Add domains.
In the Add senders or Add domains flyout that appears, enter the sender's email address in the Sender box or the domain
in the Domain box. As you're typing, the value appears below the box. When you're finished typing the email address or
domain, select the value below the box.
Repeat the previous step as many times as necessary. To remove an existing value, click remove next to the value.
When you're finished, click Add senders or Add domains.
- Back on the main flyout, the senders or domains that you added are listed on the page. To remove an entry from this page,
do the following steps: Select one or more entries from the list. You can also use the Search box to find values in the list.
After you select at least one entry, the delete icon appears
Click the delete icon to remove the selected entries When you're finished, click Done.
Back on the Allow & block list page, click Next when you're read to continue.
8. On the Review page that appears, review your settings. You can select Edit in each section to modify the settings within
the section. Or you can click Back or select the specific page in the wizard. When you're finished, click Create.
9. On the confirmation page that appears, click Done.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-your-spam-filter-policies?view=o365-
worldwide
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
You need to ensure that all email messages in the mailbox of a user named Pradeep Gupta are retained for 90 days.
To complete this task, sign in to the Microsoft 365 admin center.
See explanation below.
Explanation:
1. Go to the Microsoft 365 admin center and then click Users > Active users.
2. Select Pradeep Gupta.
3. On the properties flyout page, click the Mail tab, and then under More actions, click Manage litigation hold.
4. On the Manage litigation hold flyout page, select the Turn on litigation hold checkbox and then enter the following optional
information:
Hold duration (days): Use this box to create a time-based hold and specify how long mailbox items are held when the
mailbox is placed on Litigation hold. The duration is calculated from the date a mailbox item is received or created. When the
hold duration expires for a specific item, that item will no longer be preserved. If you leave this box blank, items are
preserved indefinitely or until the hold is removed. Configure 90 days.
Note visible to the user: Use this box to inform the user their mailbox is on Litigation hold. The note will appear on the
Account Information page in the user's mailbox if they're using Outlook 2010 or later. To access this page, users can click
File in Outlook.
Web page with more information for the user: Use this box to direct the user to a website for more information about
Litigation hold. This URL appears on the Account Information page in the user's mailbox if they are using Outlook 2010 or
later. To access this page, users can click File in Outlook.
Click Save changes on the Litigation hold flyout page to create the hold.
The system displays a banner saying it might take up to 240 minutes for the change to take effect.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-litigation-hold?view=o365-worldwide
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
You need to ensure that all email messages received from an organization named contoso.com are encrypted by using TLS.
To complete this task, sign in to the Microsoft 365 admin center.
See explanation below.
Explanation:
1. Navigate to Mail flow in the Exchange Admin Center, > Connectors. The Connectors screen appears.
2. Click +Add a connector. The New connector screen appears.
3. Under Connection from, choose Partner organization.
4. Click Next. The Connector name screen appears.
5. Provide a name for the connector and click Next. The Authenticating sent email screen appears.
6. Choose one of the two options between By verifying that the sender domain matches one of the following domains and By
verifying that the IP address of the sending server matches one of the following IP addresses, which belong to your partner
organization.
7. Click Next. The Security restrictions screen appears.
8. Check the check box for Reject email messages if they aren't sent over TLS.
9. Check the check box for Reject email messages if they aren't sent from within this IP address range, and provide the IP
address range.
10.Click Next. The Review connector screen appears.
11.Review the settings you have configured, and click Create connector.
Reference:
https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-
connectors-for-secure-mail-flow-with-a-partner
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
You need to reduce the likelihood that malicious links contained in emails received by mailboxes in
@lab.CloudCredential(1).TenantName are opened.
To complete this task, sign in to the Exchange admin center.
See explanation below.
Explanation:
1. Navigate to the Exchange Admin Center, and then choose the Advanced Threats section of the EAC.
2. Click the Safe Links tab to examine all existing Safe Links policies:
3. After navigating to the Safe Links policy page, choose the Add button (+) to create a new policy. The New Safe Links
Policy window opens. - In the resulting window well be presented with the options available for creating our new Safe Links
policy.
4. In Name enter an appropriate, unique, name that describes this policy. In the description enter some text that provides a
little more detail for anyone trying to make sense of the options selected here.
5. Next well choose the action to take for URLs. We can leave this Off, if for example we are creating a policy to exclude a
group of users that would otherwise be affected by another Safe Links policy.
6. The checkbox Do not track user click can be selected if you do not wish to use the reporting functionality available at a
later date. This is a key feature when understanding which users clicked a link that was later found to be a threat, so be
careful about choosing to disable user click tracking.
7. Our final check box provides options for click-through is a link is found to be dangerous. In some circumstances you may
trust users to click-through links, or they may request the ability to do so. In most circumstances you will not want a user to
click-through the malicious link.
8. Some URLs, such as those for internal addresses or even trusted partners, may not require re-writing. Enter these URLs
here.
9. Finally, we will select the scope for the rule under the Applied to section.
10.Using similar conditions to transport rules we can select who this rule applies to including:
- Individual recipients
- Recipient domains
- Members of distribution groups
11.The same conditions can be used for exceptions. When you have configured your rule, choose Save.
After saving the new Safe Links rule it will be shown in the EAC list. Just like Transport Rules, you can use the Enabled
column to enable or disable the Safe Links policy.
Reference: https://techgenix.com/implementing-exchange-online-advanced-threat-protection-part2/
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only.
Lab Instance: XXXXXX
You need to ensure that when emails containing an attachment that uses an .ace extension is sent to your company, the
email is blocked. Each time an email is blocked, a notification must be sent to [email protected].
To complete this task, sign in to the Exchange admin center.
See explanation below.
Explanation:
1. In the EAC, in the left navigation pane, select mail flow, and then select rules.
2. Select New (+), and then select Create a new rule.
3. In the New Rule window, select More options.
4. In the Name box, specify a name for the new rule.
5. Select the *Apply this rule if drop-down list, point to Any attachment, and then select File extension includes these words.
6. In the Specify words or phrases window, type the file name extension of any attachment that you want to block, and then
select the plus symbol (+) to add the file name extension to the list. When the list is completed, select OK.
7. Select the Do the following drop-down list, point to Block the message, and then select Reject the message and include
an explanation or select Delete the message without notifying anyone.
If it's required, add a statement to inform users who will receive the non-delivery report (NDR) of the reason that mail delivery
failed, and then select OK.
8. Specify any additional options such as rule auditing and rule activation or deactivation time, and then select Save.
Reference:
https://docs.microsoft.com/en-us/exchange/troubleshoot/email-delivery/how-to-block-message-from-being-sent-or-received
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only.
Lab Instance: XXXXXX
You need to ensure that all emails sent from the users in your company to recipients who use a suffix of @fabnkam.com are
encrypted by using Microsoft Office 365 Message Encryption (OME).
To complete this task, sign in to the Exchange admin center.
See explanation below.
Explanation:
1. In the Microsoft 365 admin center, choose Admin centers > Exchange.
2. In the EAC, go to Mail flow > Rules and select New + > Create a new rule.
3. In Name, type a name for the rule, such as Encrypt mail for [email protected].
4. In Apply this rule if, select a condition, and enter a value if necessary. For example, to encrypt messages going to
[email protected]:
In Apply this rule if, select the recipient is.
Select an existing name from the contact list or type a new email address in the check names box.
- To select an existing name, select it from the list and then click OK.
- To enter a new name, type an email address in the check names box and then select check names > OK.
5. To add more conditions, choose More options and then choose add condition and select from the list.
For example, to apply the rule only if the recipient is outside your organization, select add condition and then select The
recipient is external/internal > Outside the organization > OK.
6. To enable encryption using the new OME capabilities, from Do the following, select Modify the message security and then
choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save, and
then choose OK.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/define-mail-flow-rules-to-encrypt-email?view=o365-worldwide
SIMULATION
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes,
and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live
environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g.,
copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you
accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much
time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to
complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: [email protected] Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only. Lab Instance: XXXXXX
Two users named Christie Cline and Irvyn Sayers leave your company.
You need to ensure that all email sent to the users at your company are forwarded automatically to the mailbox of Megan
Bowen. The solution must NOT use mail flow rules.
To complete this task, sign in to the Microsoft 365 admin center.
See explanation below.
Explanation:
1. In the EAC, go to Recipients > Mailboxes.
2. In the list of user mailboxes, click or tap the mailbox that you want to configure mail forwarding for, and then click or tap
Edit
3. On the mailbox properties page, click Mailbox Features.
4. Under Mail Flow, select View details to view or change the setting for forwarding email messages.
On this page, you can set the maximum number of recipients that the user can send a message to. For on-premises
Exchange organizations, the recipient limit is unlimited. For Exchange Online organizations, the limit is 500 recipients.
5. Check the Enable forwarding check box, and then click or tap Browse.
6. On the Select Recipient page, select a user you want to forward all email to. Select the Deliver message to both
forwarding address and mailbox check box if you want both the recipient and the forwarding email address to get copies of
the emails sent. Click or tap OK, and then click or tap Save.
Reference:
https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-user-mailboxes/configure-email-
forwarding
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in
the review screen.
You have a Microsoft 365 E5 subscription.
You need to ensure that a user named User1 can review audit reports from the Microsoft 365 security center. User1 must be
prevented from tracing messages from the Security admin center.
Solution: You assign the Security administrator role to User1.
Does this meet the goal?
A
Explanation:
Security Administrator can view the audit reports but cannot create a message trace.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/message-trace-scc
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in
the review screen.
You have a Microsoft 365 E5 subscription.
You need to ensure that a user named User1 can review audit reports from the Microsoft 365 security center. User1 must be
prevented from tracing messages from the Security admin center.
Solution: You assign the Security Reader role to User1.
Does this meet the goal?
B
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in
the review screen.
You have a Microsoft 365 E5 subscription.
You need to ensure that a user named User1 can review audit reports from the Microsoft 365 security center. User1 must be
prevented from tracing messages from the Security admin center.
Solution: You assign the Reports reader role to User1.
Does this meet the goal?
B
You have a Microsoft Exchange Server 2019 organization.
You need to ensure that a user named User1 can prevent mailbox content from being deleted if the content contains the
words Fabrikam and Confidential.
What should you do?
A
Explanation:
Reference:
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/holds/holds?view=exchserver-2019
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in
the review screen.
You have a Microsoft Exchange Online tenant that contains 1,000 mailboxes.
All the users in the sales department at your company are in a group named Sales.
The company is implementing a new policy to restrict the use of email attachments for the users in the Sales group.
You need to prevent all email messages that contain attachments from being delivered to the users in the Sales group.
Solution: You configure a mailbox quota.
Does this meet the goal?
B
Explanation:
Create a mail flow rule.
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/common-attachment-blocking-scenarios
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a
unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in
the review screen.
You have a Microsoft Exchange Online tenant that contains 1,000 mailboxes.
All the users in the sales department at your company are in a group named Sales.
The company is implementing a new policy to restrict the use of email attachments for the users in the Sales group.
You need to prevent all email messages that contain attachments from being delivered to the users in the Sales group.
Solution: You modify the permissions granted to the Sales group.
Does this meet the goal?
B
Explanation:
Create a mail flow rule.
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/common-attachment-blocking-scenarios
You have a Microsoft Exchange Server 2019 organization.
You need to provide a user named User1 with the ability to create and manage transport rules.
To which management role group should you add User1?
C
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/records-management-exchange-2013-help