Valid MS-101 Dumps shared by PassLeader for Helping Passing MS-101 Exam! PassLeader now offer the newest MS-101 VCE dumps and MS-101 PDF dumps, the PassLeader MS-101 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader MS-101 dumps with VCE and PDF here: https://www.passleader.com/ms-101.html (291 Q&As Dumps –> 331 Q&As Dumps –> 351 Q&As Dumps –> 383 Q&As Dumps –> 518 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader MS-101 dumps from Cloud Storage: https://drive.google.com/open?id=1sFmn9dFNysQ7vB81xG2ETWkNUxgpyxtK
NEW QUESTION 211
You have two conditional access policies named Policy1 and Policy2. Policy1 has the following settings:
1. Assignments:
– Users and groups: User1
– Cloud apps or actions: Office 365 Exchange Online
– Conditions: 0 conditions selected
2. Access controls:
– Grant: Grant access
– Session: 0 controls selected
– Enable policy: On
Policy2 has the following settings:
1. Assignments:
– Users and groups: User1
– Cloud apps or actions: Office 365 Exchange Online
– Conditions: 0 conditions selected
2. Access controls:
– Grant: Block access
– Session: 0 controls selected
– Enable policy: On
You need to ensure that User1 can access Microsoft Exchange Online only from devices that are marked as compliant. What should you do?
A. Modify the Grant settings of Policy2.
B. Disable Policy2.
C. Modify the Conditions settings of Policy2.
D. Modify the Grant settings of Policy1.
Answer: C
NEW QUESTION 212
You have a Microsoft 365 E5 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. You need to ensure that users can enroll devices in Microsoft Endpoint Manager without manually entering the address of Microsoft Endpoint Manager. Which two DNS records should you create? (Each correct answer presents part of the solution. Choose two.)
A. a CNAME record for AutoDiscover.contoso.com
B. a CNAME record for EnterpriseEnrollment.contoso.com
C. a TXT record for EnterpriseRegistration.contoso.com
D. an SRV record for _SIP._TLS.contoso.com
E. an SRV record for _SIPfederationTLS.contoso.com
F. a CNAME record for EnterpriseRegistration.contoso.com
G. a TXT record for EnterpriseEnrollment.contoso.com
Answer: BF
Explanation:
https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enroll#simplify-windows-enrollment-without-azure-ad-premium
NEW QUESTION 213
You have a Microsoft 365 subscription that contains 500 users. You have several hundred computers that run the 64-bit version of Windows 10 Enterprise and have the following configurations:
– Two volumes that contain data
– A CPU that has two cores
– TPM disabled
– 4 GB of RAM
All the computers are managed by using Microsoft Intune. You need to ensure that you can turn on Windows Defender Application Guard on the computers. What should you do first?
A. Modify the edition of Windows 10.
B. Create an additional volume.
C. Replace the CPU and enable TPM.
D. Replace the CPU and increase the RAM.
Answer: D
Explanation:
The computers need 4 CPU cores and 8GB of RAM.
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard
NEW QUESTION 214
You have a Microsoft 365 E5 subscription that uses Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). From Microsoft Defender ATP, you turn on the allow or block file advanced feature. You need to block users from downloading a file named File1.exe. What should you use?
A. a suppression rule
B. an indicator
C. a device configuration profile
Answer: B
Explanation:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts#allow-or-block-file
NEW QUESTION 215
You have a Microsoft 365 subscription that uses a default domain named contoso.com. You have two users named User1 and User2. From the Security & Compliance admin center, you add User1 to the eDiscovery Manager role group. From the Security & Compliance admin center, User1 creates a case named Case1. You need to ensure that User1 can add User2 as a case member. The solution must use the principle of least privilege. To which role group should you add User2?
A. eDiscovery Manager
B. eDiscovery Administrator
C. Security Administrator
Answer: A
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/add-or-remove-members-from-a-case-in-advanced-ediscovery?view=o365-worldwide
NEW QUESTION 216
Your company has a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com. You sign for Microsoft Store for Business. The tenant contains the users shown in the following table:
Microsoft Store for Business has the following Shopping behavior settings:
– Allow users to shop is set to On.
– Make everyone a Basic Purchaser is set to Off.
You need to identify which users can install apps from the Microsoft for Business private store. Which users should you identify?
A. User1 and User2.
B. User1 only.
C. User1, User2, User3, and User4.
D. User3 and User4.
E. User1, User2, User3, User4, and User5.
Answer: A
Explanation:
Allow users to shop controls the shopping experience in Microsoft Store for Education. When this setting is on, Purchasers and Basic Purchasers can purchase products and services from Microsoft Store for Education.
https://docs.microsoft.com/en-us/microsoft-store/acquire-apps-microsoft-store-for-business
NEW QUESTION 217
You have a Microsoft 365 subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table:
You create and assign a data loss prevention (DLP) policy named Policy1. Policy1 is configured to prevent documents that contain Personally Identifiable Information (PII) from being emailed to users outside your organization. To which users can User1 send documents that contain PII?
A. User2 only.
B. User2 and User3.
C. User2, User3, and User4.
D. User2, User3, User4, and User5.
Answer: B
Explanation:
Guest accounts are considered “outside your organization”. Users who have non-guest accounts in a host organization’s Active Directory or Azure Active Directory tenant are considered as people inside the organization.
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
NEW QUESTION 218
You have a Microsoft 365 subscription that uses Security & Compliance retention policies. You implement a preservation lock on a retention policy that is assigned to all executive users. Which two actions can you perform on the retention policy? (Each correct answer presents a complete solution. Choose two.)
A. Add locations to the policy.
B. Reduce the duration of policy.
C. Remove locations from the policy.
D. Extend the duration of the policy.
E. Disable the policy.
Answer: AD
NEW QUESTION 219
You have a Microsoft 365 subscription. Your company has a customer ID associated to each customer. The customer IDs contain 10 numbers followed by 10 characters. The following is a sample customer ID: 12-456-7890-abc-de-fghij. You plan to create a data loss prevention (DLP) policy that will detect messages containing customer IDs. What should you create to ensure that the DLP policy can detect the customer IDs?
A. a sensitive information type
B. a sensitivity label
C. a supervision policy
D. a retention label
Answer: A
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/custom-sensitive-info-types?view=o365-worldwide
NEW QUESTION 220
You have a Microsoft 365 subscription that contains a user named User1. You need to ensure that User1 can search the Microsoft 365 audit logs from the Security & Compliance admin center. Which role should you assign to User1?
A. View-Only Audit Logs in the Security & Compliance admin center.
B. View-Only Audit Logs in the Exchange admin center.
C. Security Reader in the Azure Active Directory admin center.
D. Security Reader in the Security & Compliance admin center.
Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-worldwide
NEW QUESTION 221
Hotspot
You have a Microsoft 365 subscription that contains the users shown in the following table:
You run the following cmdlet:
Set-MailboxAuditBypassAssociation –Identity User2 -AuditByPassEnabled $true
The users perform the following actions:
– User1 accesses an item in the mailbox of User2.
– User2 modifies a mailbox item in the mailbox of User3.
– User3 signs in to her mailbox.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
Explanation:
https://docs.microsoft.com/en-us/powershell/module/exchange/set-mailboxauditbypassassociation?view=exchange-ps
NEW QUESTION 222
Hotspot
You have a Microsoft 365 subscription. Your network uses an IP address space of 51.40.15.0/24. An Exchange Online administrator recently created a role named Role1 from a computer on the network. You need to identify the name of the administrator by using an audit log search. For which activities should you search and by which field should you filter in the audit log search? (To answer, select the appropriate options in the answer area.)
NEW QUESTION 223
……
Get the newest PassLeader MS-101 VCE dumps here: https://www.passleader.com/ms-101.html (291 Q&As Dumps –> 331 Q&As Dumps –> 351 Q&As Dumps –> 383 Q&As Dumps –> 518 Q&As Dumps)
And, DOWNLOAD the newest PassLeader MS-101 PDF dumps from Cloud Storage for free: https://drive.google.com/open?id=1sFmn9dFNysQ7vB81xG2ETWkNUxgpyxtK