MS-101 practice questions
You plan to deploy Microsoft Exchange Server 2019. You need to verify whether the Active Directory environment is prepared for the deployment. What are two methods to verify whether the Active Directory environment is prepared? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. A. Use ADSI Edit.
B. Run the Get-ExchangeServer cmdlet.
C. Review the Exchange.Setup log.
D. Run the Get-ADForest cmdlet.
E. Run the dcdiag.exe command.
Discussion forum
Question
You have a Microsoft Exchange Server 2013 organization that has the following configurations: ✑ The forest functional level if Active Directory is Windows Server 2008 R2. ✑ The domain controllers in Active Directory run Windows Server 2012 R2. ✑ The Exchange servers run Windows Server 2012 Datacenter. You plan to upgrade the organization to Exchange Server 2019. You need to ensure that the organization meets the minimum supported requirements for the upgrade. What should you do?
A. Upgrade the Exchange servers to Windows Server 2019.
B. Raise the forest functional level to Windows Server 2012 R2.
C. Upgrade the Exchange servers to Windows Server 2016.
D. Upgrade the domain controllers to Windows Server 2016.
Discussion forum
Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 E5 subscription that contains a user named User1. You need to enable User1 to create Compliance Manager assessments. Solution: From the Microsoft 365 admin center, you assign User1 the Compliance admin role. Does this meet the goal?
A. Yes
B. No
Discussion forum
Question
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft 365 E5 subscription that contains a user named User1. You need to enable User1 to create Compliance Manager assessments. Solution: From the Microsoft 365 admin center, you assign User1 the Compliance data admin role. Does this meet the goal?
A. Yes
B. No
Discussion forum
Question
You have a Microsoft 365 tenant. You plan to implement Endpoint Protection device configuration profiles. Which platform can you manage by using the profiles?
A. Ubuntu Linux
B. macOS
C. iOS
D. Android
Discussion forum
Question
You have a Microsoft 365 E5 tenant. The Microsoft Secure Score for the tenant is shown in the following exhibit. You plan to enable Security defaults for Azure Active Directory (Azure AD). Which three improvement actions will this affect?
A. Require MFA for administrative roles.
B. Ensure all users can complete multi-factor authentication for secure access
C. Enable policy to block legacy authentication
D. Enable self-service password reset
E. Use limited administrative roles
Discussion forum
Question
You have a Microsoft 365 tenant that contains the groups shown in the following table. You plan to create a new Windows 10 Security Baseline profile. To which groups can you assign to the profile?
A. Group3 only
B. Group1 and Group3 only
C. Group2 and Group3 only
D. Group1, Group2, and Group3
Discussion forum
Question
You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy. You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps. Which policy type should you configure?
A. conditional access
B. account protection
C. attack surface reduction (ASR)
D. Endpoint detection and response
Discussion forum
Question
You have a Microsoft 365 tenant. You plan to implement Endpoint Protection device configuration profiles. Which platform can you manage by using the profiles?
A. Android Enterprise
B. Windows 10
C. Windows 8.1
D. Android
Discussion forum
Question
You have a Microsoft 365 E5 subscription. You plan to implement Microsoft 365 compliance policies to meet the following requirements: ✑ Identify documents that are stored in Microsoft Teams and SharePoint Online that contain Personally Identifiable Information (PII). ✑ Report on shared documents that contain PII. What should you create?
A. an alert policy
B. a data loss prevention (DLP) policy
C. a retention policy
D. a Microsoft Defender for Cloud Apps policy
Discussion foVrum
Question
You have a Microsoft 365 tenant that contains a Windows 10 device. The device is onboarded to Microsoft Defender for Endpoint. From Microsoft Defender Security Center, you perform a security investigation. You need to run a PowerShell script on the device to collect forensic information. Which action should you select on the device page?
A. Initiate Live Response Session
B. Initiate Automated Investigation
C. Collect investigation package
D. Go hunt
Discussion forum
Question
You have a Microsoft 365 E5 subscription that has Microsoft Defender for Endpoint integrated with Microsoft Endpoint Manager. Devices are onboarded by using Microsoft Defender for Endpoint. You plan to block devices based on the results of the machine risk score calculated by Microsoft Defender for Endpoint. What should you create first?
A. a device configuration policy
B. a device compliance policy
C. a conditional access policy
D. an endpoint detection and response policy
Discussion forum
Question
You have a Microsoft 365 E5 subscription. All users have Mac computers. All the computers are enrolled in Microsoft Endpoint Manager and onboarded to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). You need to configure Microsoft Defender ATP on the computers. What should you create from the Endpoint Management admin center?
A. a Microsoft Defender ATP baseline profile
B. a device configuration profile
C. an update policy for iOS
D. a mobile device management (MDM) security baseline profile
Discussion forum
Question
You have a Microsoft 365 tenant. You plan to manage incidents in the tenant by using the Microsoft 365 Defender. Which Microsoft service source will appear on the Incidents page of the Microsoft 365 Defender portal?
A. Microsoft Sentinel
B. Azure Web Application Firewall
C. Microsoft Defender for Cloud
D. Microsoft Defender for Identity
Discussion forum
Question
You have a Microsoft 365 tenant. You plan to manage incidents in the tenant by using the Microsoft 365 Defender. Which Microsoft service source will appear on the Incidents page of the Microsoft 365 Defender?
A. Microsoft Defender for Cloud Apps
B. Azure Sentinel
C. Azure Web Application Firewall
D. Azure Information Protection
Discussion forum
Question