Home » Microsoft MS-101

Instructies

  1. Alle 40 vragen moeten worden ingevuld.
  2. Er zijn geen strikvragen.
  3. Je moet ten minste 32 vragen goed beantwoorden om te slagen

1. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.*
Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You create a device configuration profile from the Device Management admin center.
Does this meet the goal?
2. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to an Active Directory group. Does this meet the goal?*
Solution: You add Device1 to an Active Directory group. Does this meet the goal?
3. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager.*
Solution: You unjoin Device1 from the Active Directory domain. Does this meet the goal?
4. You have Windows 10 Pro devices that are joined to an Active Directory domain. You plan to create a Microsoft 365 tenant and to upgrade the devices to Windows 10 Enterprise. You are evaluating whether to deploy Windows Hello for Business for SSO to Microsoft 365 services.*
What are two prerequisites of the deployment? Each correct answer presents a complete solution.
5. You have a Microsoft 365 tenant. All users are assigned the Enterprise Mobility + Security license. You need to ensure that when users join their device to Microsoft Azure Active Directory (Azure AD), the device is enrolled in Microsoft Intune automatically.*
What should you configure?
6. Your company uses Microsoft System Center Configuration Manager (Current Branch) and Microsoft Intune to co-manage devices.*
Which two actions can be performed only from Intune? Each correct answer presents a complete solution.
7. You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. You have a Microsoft 365 subscription. You need to ensure that administrators can manage the configuration settings for all the Windows 10 devices in your organization.*
What should you configure?
8. You have computers that run Windows 10 Enterprise and are joined to the domain. You plan to delay the installation of new Windows builds so that the IT department can test application compatibility. You need to prevent Windows from being updated for the next 30 days.*
Which two Group Policy settings should you configure? Each correct answer presents part of the solution.
9. You are deploying Microsoft Intune. You successfully enroll Windows 10 devices in Intune. When you try to enroll an iOS device in Intune, you get an error. You need to ensure that you can enroll the iOS device in Intune. Solution: You create the Mobility (MDM and MAM) settings.*
Does this meet the goal?
10. Your network contains an Active Directory domain named contoso.com that is synced to Microsoft Azure Active Directory (Azure AD). You manage Windows 10 devices by using Microsoft System Center Configuration Manager (Current Branch). You configure pilot co-management. You add a new device named Device1 to the domain. You install the Configuration Manager client on Device1. You need to ensure that you can manage Device1 by using Microsoft Intune and Configuration Manager. Solution: You add Device1 to a Configuration Manager device collection.*
Does this meet the goal?
11. Your company has a Microsoft 365 E5 subscription. Users in the research department work with sensitive data. You need to prevent the research department users from accessing potentially unsafe websites by using hyperlinks embedded in email messages and documents. Users in other departments must not be restricted.*
What should you do from the Security & Compliance admin center?
12. You have a Microsoft 365 tenant. You have a line-of-business application named App1 that users access by using the My Apps portal. After some recent security breaches, you implement a conditional access policy for App1 that uses Conditional Access App Control. You need to be alerted by email if impossible travel is detected for a user of App1. The solution must ensure that alerts are generated for App1 only.*
What should you do?
13. A user receives the following message when attempting to sign in to https://myapps.microsoft.com: “Your sign-in was blocked. We’ve detected something unusual about this sign-in. For example, you might be signing in from a new location, device, or app. Before you can continue, we need to verify your identity. Please contact your admin.”*
Which configuration prevents the users from signing in?
14. Your network contains an Active Directory domain named contoso.com. The domain contains 100 Windows 8.1 devices. You plan to deploy a custom Windows 10 Enterprise image to the Windows 8.1 devices. You need to recommend a Windows 10 deployment method.*
What should you recommend?
15. You use Microsoft System Center Configuration Manager (Current Branch) to manage devices. Your company uses the following types of devices:*
• Windows 10
• Windows 8.1
• Android
• iOS

Which devices can be managed by using co-management?
16. Your company has a Microsoft 365 E3 subscription. All devices run Windows 10 Pro and are joined to Microsoft Azure Active Directory (Azure AD). You need to change the edition of Windows 10 to Enterprise the next time users sign in to their computer. The solution must minimize downtime for the users.*
What should you use?
17. Your company has a Microsoft 365 subscription. The subscription contains 500 devices that run Windows 10 and 100 devices that run iOS. You need to create Microsoft Intune device configuration profiles to meet the following requirements:*
• Configure Wi-Fi connectivity to a secured network named ContosoNet.
• Require passwords of at least six characters to lock the devices.

What is the minimum number of device configuration profiles that you should create?
18. Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices. You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States. You plan to onboard all the devices to Windows Defender ATP. You need to store the Windows Defender ATP data in Europe.*
What should you first?
19. You have a Microsoft 365 subscription. You need to be notified if users receive email containing a file that has a virus.*
What should you do?
20. Your company uses Microsoft Azure Advanced Threat Protection (ATP) and Windows Defender ATP. You need to integrate Windows Defender ATP and Azure ATP.*
What should you do?
21. You have a Microsoft 365 subscription. Your company purchases a new financial application named App1. From Cloud Discovery in Microsoft Cloud App Security, you view the Discovered apps page and discover that many applications have a low score because they are missing information about domain registration and consumer popularity. You need to prevent the missing information from affecting the score.*
What should you configure from the Cloud Discover settings?
22. Your network contains an on-premises Active Directory domain. Your company has a security policy that prevents additional software from being installed on domain controllers. You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP).*
What should you do? More than one answer choice may achieve the goal. Select the BEST answer.
23. The users at your company use Dropbox Business to store documents. The users access Dropbox Business by using the MyApps portal. You need to ensure that user access to Dropbox Business is authenticated by using a Microsoft 365 identity. The documents must be protected if the data is downloaded to a device that is not trusted.*
What should you do?
24. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future. Solution: From the SharePoint admin center, you modify the sharing settings.*
Does this meet the goal?
25. You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network. Solution: From the Device Management admin center, you create a trusted location and a compliance policy*
Does this meet the goal?
26. You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network. Solution: From the Microsoft 365 admin center, you configure the Organization profile settings.*
Does this meet the goal?
27. You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network. Solution: From the Azure Active Directory admin center, you create a trusted location and a conditional access policy.*
Does this meet the goal?
28. You have a Microsoft 365 subscription. All users have their email stored in Microsoft Exchange Online. In the mailbox of a user named User1, you need to preserve a copy of all the email messages that contain the word ProjectX.*
What should you do?
29. You have a Microsoft 365 subscription. You recently configured a Microsoft SharePoint Online tenant in the subscription. You plan to create an alert policy. You need to ensure that an alert is generated only when malware is detected in more than five documents stored in SharePoint Online during a period of 10 minutes.*
What should you do first?
30. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future.*
Solution: From the Security & Compliance admin center, you create a threat management policy.
Does this meet the goal?
31. You have a Microsoft 365 subscription. You need to be notified if users receive email containing a file that has a virus.*
What should you do?
32. You have a Microsoft Azure Active Directory (Azure AD) tenant. The organization needs to sign up for Microsoft Store for Business. The solution must use the principle of least privilege.*
Which role should you assign to the user?
33. You have a Microsoft 365 subscription. You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization. You need to be notified if the SharePoint sharing policy is modified in the future. Solution: From the SharePoint site, you create an alert.*
Does this meet the goal?
34. You have a Microsoft 365 subscription and an on-premises Active Directory domain named contoso.com. All client computers run Windows 10 Enterprise and are joined to the domain. You need to enable Windows Defender Credential Guard on all the computers.*
What should you do?
35. Your company has 5,000 Windows 10 devices. All the devices are protected by using Windows Defender Advanced Threat Protection (ATP). You need to create a filtered view that displays which Windows Defender ATP alert events have a high severity and occurred during the last seven days.*
What should you use in Windows Defender ATP?
36. You have a Microsoft 365 subscription. You need to prevent users from accessing your Microsoft SharePoint Online sites unless the users are connected to your on-premises network. Solution: From the Device Management admin center, you create a device configuration profile.*
Does this meet the goal?
37. You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. Your company purchases a Microsoft 365 subscription. You need to ensure that User1 is assigned the required role to create file policies and manage alerts in the Cloud App Security admin center. Solution: From the Security & Compliance admin center, you assign the Security Administrator role to User1.*
Does this meet the goal?
38. You have an Azure Active Directory (Azure AD) tenant that contains a user named User1. Your company purchases a Microsoft 365 subscription. You need to ensure that User1 is assigned the required role to create file policies and manage alerts in the Cloud App Security admin center. Solution: From the Azure Active Directory admin center, you assign the Security administrator role to User1.*
Does this meet the goal?
39. You need to notify the manager of the human resources department when a user in the department shares a file or folder from the department’s Microsoft SharePoint site.*
What should you do?
40. Your company uses on-premises Windows Server File Classification Infrastructure (FCI). Some documents on the on-premises file servers are classified as Confidential. You migrate the files from the on-premises file servers to Microsoft SharePoint Online. You need to ensure that you can implement data loss prevention (DLP) policies for the uploaded file based on the Confidential classification.*
What should you do first?

Uitgelicht

Waarom is Cyber Security zo belangrijk?

De digitalisering blijft toenemen en biedt veel kansen voor bedrijven, niet alleen in de IT-sector maar in alle sectoren. Dit betekent ook dat cybercriminaliteit toeneemt. Gegevens worden digitaal opgeslagen voor…

Lees verder »

Linden-IT winst samen met Consortium FlexValue aanbesteding Belastingdienst

Utrecht – Afgelopen tijd heeft FlexValue samen met haar vaste partners een bijzondere prestatie neergezet. FlexValue is geselecteerd als leverancier voor de flexibele IT-inhuur door de Belastingdienst. In oktober 2021…

Lees verder »

Windows 11 is er!

Het wachten is voorbij! Het is 5 oktober en dat betekend dat je eindelijk kan upgraden naar het nieuwe Windows 11-besturingssysteem! Er is veel te ontdekken in over deze nieuwe…

Lees verder »

Hoe kunnen we je helpen?

Laat ons weten hoe we kunnen bereiken.

Vacature is toegevoegd aan je favorieten!

Vacature is verwijderd uit je favorieten!