You have a Microsoft 365 subscription that uses Microsoft 365 Defender.
You need to compare your company's security configurations to Microsoft best practices and review improvement actions to increase the security posture.
What should you use?
You have a Microsoft 365 E5 subscription.
You create a new data loss prevention (DLP) policy named DLP1 that protects financial data from being shared by using Microsoft Teams messages. You apply DLP1 to the users in the finance department.
An incident is raised when a finance department user named User1 shares financial data in a Teams channel that includes external members.
When User1 uses Teams to send the same message in a 1:1 chat or a private channel, the message is blocked as expected.
You need to ensure that User1 is prevented from sharing financial data in Teams channels that include external members.
What should you do?
: 221
You have a Microsoft 365 E5 subscription.
Users have the devices shown in the following table.
On which devices can you manage apps by using app configuration policies in Microsoft Endpoint Manager?
You have a Microsoft 365 subscription.
You have a data loss prevention (DLP) policy that blocks sensitive data from being shared in email messages.
You need to modify the policy so that when an email message containing sensitive data is sent to both external and internal recipients, the message is only prevented from being delivered to the external recipients.
What should you modify?
: 218 HOTSPOT
You have a Microsoft 365 E5 subscription linked to an Azure Active Directory (Azure AD) tenant. The tenant contains a group named Group1 and the users shown in the following table:
The tenant has a conditional access policy that has the following configurations:
Name: Policy1
Assignments:
- Users and groups: Group1
- Cloud aps or actions: All cloud apps
Access controls:
Grant, require multi-factor authentication
Enable policy: Report-only
You set Enabled Security defaults to Yes for the tenant.
For each of the following settings select Yes, if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription. You plan to use Microsoft Entra ID Protection.
You need to ensure that account passwords must be changed if account credential. What should you configure?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Microsoft Defender for Office 365 settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Microsoft Entra admin center, you assign SecAdmin1 the Security Administrator role.
Does this meet the goal?
Your company has a hybrid deployment of Microsoft 365.
An on-premises user named User1 is synced to Azure AD.
Azure AD Connect is configured as shown in the following exhibit
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.
All the devices are onboarded To Microsoft Defender for Endpoint
You plan to use Microsoft Defender Vulnerability Management to meet the following requirements:
• Detect operating system vulnerabilities.
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Cloud Apps.
You need to be notified when a single user downloads more than 50 files during any 60-second period.
What should you configure?
