You have a Microsoft 365 subscription. You create and run a content search from the Security & Compliance admin center. You need to download the results of the content search. What should you obtain first?

Your company has a Microsoft 365 subscription that includes a user named User1. You suspect that User1 sent email messages to a competitor detailing company secrets. You need to recommend a solution to ensure that you can review any email messages sent by User1 to the competitor, including sent items that were deleted. What should you include in the recommendation?

Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time. When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will n

You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and an Office 365 connector. From the workspace, you plan to create a scheduled query rule that will use a custom query. The rule will be used to generate alerts when inbound access to Office 365 from specific user accounts is detected. You need to ensure that when multiple alerts are generated by the rule, the alerts are consolidated as a single incident per user account. What should you do?

You have a Microsoft 365 E5 subscription that uses Azure Active Directory (Azure AD) Privileged identity Management (PIM). A user named User! is eligible for the User Account Administrator role. You need User! to request to activate the User Account Administrator role. From where should User1 request to activate the role?

You have a Microsoft 365 subscription that contains 1,000 user mailboxes. An administrator named Admin1 must be able to search for the name of a competing company in the mailbox of a user named User5. You need to ensure that Admin1 can search the mailbox of User5 successfully. The solution must prevent Admin1 from sending User5. Solution: You modify the privacy profile, and then create a Data Subject Request (DSR) case. Does this meet the goal?

You have a Microsoft 365 tenant. User attributes are synced from your company’s human resources (HR) system to Azure Active Directory (Azure AD). The company has four departments that each has its own Microsoft SharePoint Online site. Each site must be accessed only by the users from its respective department. You are designing an access management solution that has the following requirements: Users must be added automatically to the security group of their department. All security group owners must verify

You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. You create and enforce an Azure AD Identity Protection sign-in risk policy that has the following settings: Assignments: Include Group1, Exclude Group2 Conditions: Sign in risk of Low and above Access: Allow access, Require password multi-factor authentication You need to identify how the policy affects User1 and User2. What occurs when each user signs in from an anonymous IP

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. You add internal as a blocked word in the group naming policy for contoso.com. You add Contoso- as prefix in the group naming policy for contoso.com. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription and 5,000 users. You create several alert policies that are triggered every time activities match rules. You need to create an alert policy that is triggered when the volume of matched activities becomes unusual. What should you do first?

You have a Microsoft 365 subscription. You create a retention label named Label1 as shown in the following exhibit. You publish Label1 to SharePoint sites. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

You have a Microsoft 365 subscription. You create a supervision policy named Policy1, and you designate a user named User1 as the reviewer. What should User1 use to view supervised communications?

You need to implement a solution to manage when users select links in documents or email messages from Microsoft Office 365 ProPlus applications or Android devices. The solution must meet the following requirements: Block access to a domain named fabrikam.com Store information when the users select links to fabrikam.com To complete this task, sign in to the Microsoft 365 portal.

You need to recommend a solution to protect the sign-ins of Admin1 and Admin2. What should you include in the recommendation?

You have a Microsoft 365 subscription. Auditing is enabled. A user named User1 is a member of a dynamic security group named Group1. You discover that User1 is no longer a member of Group1. You need to search the audit log to identify why User1 was removed from Group1. Which two actions should you use in the search? To answer, select the appropriate activities in the answer area. NOTE: Each correct selection is worth one point.