Your network contains an on-premises Active Directory domain named contoso.com. The domain contains 1,000 Windows 10 devices. You perform a proof of concept (PoC) deployment of Windows Defender Advanced Threat Protection (ATP) for 10 test devices. During the onboarding process, you configure Windows Defender ATP-related data to be stored in the United States. You plan […]

Your company has five security information and event management (SIEM) appliances. The traffic logs from each appliance are saved to a file share named Logs. You need to analyze the traffic logs. What should you do from Microsoft Cloud App Security? A. Click Investigate, and then click Activity log. B. Click Control, and then click […]

Your company has a Microsoft 365 tenant. The company sells products online and processes credit card information. You need to be notified if a file stored in Microsoft SharePoint Online contains credit card information. The file must be removed automatically from its current location until an administrator can review its contents. What should you use? […]

Your company has 5,000 Windows 10 devices. All the devices are protected by using Windows Defender Advanced Threat Protection (ATP). You need to view which Windows Defender ATP alert events have a high severity and occurred during the last seven days. What should you use in Windows Defender ATP? A. the threat intelligence API B. […]

You create a new Microsoft 365 subscription and assign Microsoft 365 E3 licenses to 100 users. From the Security & Compliance admin center, you enable auditing. You are planning the auditing strategy. Which three activities will be audited by default? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point. […]

You deploy Microsoft Azure Information Protection. You need to ensure that a security administrator named SecAdmin1 can always read and inspect data protected by Azure Rights Management (Azure RMS). What should you do? A. From the Security & Compliance admin center, add User1 to the eDiscovery Manager role group. B. From the Azure Active Directory […]

You plan to use the Security & Compliance admin center to import several PST files into Microsoft 365 mailboxes. Which three actions should you perform before you import the data? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. From the Exchange admin center, create a public […]

You have a Microsoft 365 subscription. You need to view the IP address from which a user synced a Microsoft SharePoint library. What should you do? A. From the SharePoint admin center, view the usage reports. B. From the Security & Compliance admin center, perform an audit log search. C. From the Microsoft 365 admin […]

You are testing a data loss prevention (DLP) policy to protect the sharing of credit card information with external users. During testing, you discover that a user can share credit card information with external users by using email. However, the user is prevented from sharing files that contain credit card information by using Microsoft SharePoint […]

You have a Microsoft 365 subscription. You need to investigate user activity in Microsoft 365, including from where users signed in, which applications were used, and increases in activity during the past month. The solution must minimize administrative effort. Which admin center should you use? A. Azure ATP B. Security & Compliance C. Cloud App […]