[2024年04月16日] MS-102試験練習テスト問題(更新された410問あります) [Q198-Q223]

Share

[2024年04月16日]Fast2test MS-102試験練習テスト問題(更新された410問あります)

合格させるMicrosoft MS-102試験情報と無料練習テスト


Microsoft MS-102 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Manage and monitor Microsoft 365 license allocations
  • Create and manage groups, including Microsoft 365 groups
トピック 2
  • Implement and manage multi-factor authentication (MFA)
  • Implement and manage self-service password reset (SSPR)
トピック 3
  • Monitor synchronization by using Azure AD Connect Health
  • Implement and manage directory synchronization by using Azure AD Connect
トピック 4
  • Implement and manage Conditional Access policies
  • Implement and manage Azure AD Identity Protection
トピック 5
  • Implement and manage Azure AD Password Protection
  • Implement and manage directory synchronization by using Azure AD Connect cloud sync
トピック 6
  • Implement and manage authentication methods, including Windows Hello for Business
  • Implement and manage identity synchronization with Azure AD
トピック 7
  • Review and respond to threats identified in threat analytics
  • Implement Microsoft Purview information protection and data lifecycle management
トピック 8
  • Review and respond to endpoint vulnerabilities
  • Implement retention labels, retention label policies, and retention policies
トピック 9
  • Configure notifications in service health
  • Identify and respond to service health issues
トピック 10
  • Review and respond to threats identified in Defender for Office 365, including threats and investigations
  • Review and respond to security incidents and alerts in Microsoft 365

 

質問 # 198
You have Microsoft 365 subscription.
You create an alert policy as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 199
You have a Microsoft 365 E5 tenant that contains 500 Windows 10 devices and a Windows 10 compliance policy.
You deploy a third-party antivirus solution to the devices.
You need to ensure that the devices are marked as compliant.
Which three settings should you modify in the compliance policy? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface Description automatically generated

Reference:
https://docs.microsoft.com/en-us/mem/intune/protect/compliance-policy-create-windows


質問 # 200
You have a Microsoft 365 subscription.
Your company has a customer ID associated to each customer. The customer IDs contain 10 numbers followed by 10 characters. The following is a sample customer ID: 12-456-7890-abc-de-fghij.
You plan to create a data loss prevention (DLP) policy that will detect messages containing customer IDs.
D18912E1457D5D1DDCBD40AB3BF70D5D
What should you create to ensure that the DLP policy can detect the customer IDs?

  • A. a sensitivity label
  • B. a sensitive information type
  • C. a supervision policy
  • D. a retention label

正解:B

解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/custom-sensitive-info-types?view=o365-worldwide


質問 # 201
You have a Microsoft 365 E5 subscription that contains a user named User1.
User1 exceeds the default daily limit of allowed email messages and is on the Restricted entities list.
You need to remove User1 from the Restricted entities list.
What should you use?

  • A. the Microsoft Entra admin center
  • B. the Exchange admin center
  • C. the Microsoft 365 admin center
  • D. the Microsoft Purview compliance portal
  • E. the Microsoft 365 Defender portal

正解:E

解説:
Explanation
Admins can remove user accounts from the Restricted entities page in the Microsoft 365 Defender portal or in Exchange Online PowerShell.
Remove a user from the Restricted entities page in the Microsoft 365 Defender portal In the Microsoft 365 Defender portal at https://security.microsoft.com, go to Email & collaboration > Review
> Restricted entities. Or, to go directly to the Restricted entities page, use
https://security.microsoft.com/restrictedentities.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/removing-user-from-restricted-user


質問 # 202
You have three devices enrolled in Microsoft Endpoint Manager as shown in the following table.

The device compliance policies in Endpoint Manager are configured as shown in the following table.

The device compliance policies have the assignments shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 203
You have a Microsoft 365 subscription that contains the users in the following table.

In Microsoft Endpoint Manager, you create two device type restrictions that have the settings shown in the following table.

In Microsoft Endpoint Manager, you create three device limit restrictions that have the settings shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 204
You have a Microsoft 365 subscription.
In the Exchange admin center, you have a data loss prevention (DLP) policy named Policy1 that has the following configurations:
Block emails that contain financial data.
Display the following policy tip text: Message blocked.
From the Security & Compliance admin center, you create a DLP policy named Policy2 that has the following configurations:
Use the following location: Exchange email.
Display the following policy tip text: Message contains sensitive data.
When a user sends an email, notify the user if the email contains health records.
What is the result of the DLP policies when the user sends an email? To answer, drag the appropriate results to the correct scenarios. Each result may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation

Box 1: The email will be blocked, and the user will receive the policy tip: Message blocked.
If you've created DLP policies in the Exchange admin center, those policies will continue to work side by side with any policies for email that you create in the Security & Compliance Center. But note that rules created in the Exchange admin center take precedence. All Exchange mail flow rules are processed first, and then the DLP rules from the Security & Compliance Center are processed.
Box 2: The email will be allowed, and the user will receive the policy tip: Message contains sensitive data.
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/how-dlp-works-between-admin-centers


質問 # 205
Your company has 10,000 users who access all applications from an on-premises data center.
You plan to create a Microsoft 365 subscription and to migrate data to the cloud.
You plan to implement directory synchronization.
User accounts and group accounts must sync to Azure AD successfully.
You discover that several user accounts fail to sync to Azure AD.
You need to resolve the issue as quickly as possible.
What should you do?

  • A. Run idfix.exe, and then click Edit.
  • B. From Active Directory Administrative Center, search for all the users, and then modify the properties of the user accounts.
  • C. Run idfix.exe, and then click Complete.
  • D. From Windows PowerShell, run the start-AdSyncSyncCycle -PolicyType Delta command.

正解:A

解説:
Explanation
IdFix is used to perform discovery and remediation of identity objects and their attributes in an on-premises Active Directory environment in preparation for migration to Azure Active Directory. IdFix is intended for the Active Directory administrators responsible for directory synchronization with Azure Active Directory.
Reference:
https://docs.microsoft.com/en-us/office365/enterprise/prepare-directory-attributes-for-synch-with-idfix


質問 # 206
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

You add the following assignment for the User Administrator role:
Scope type: Directory
Selected members: Group1
Assignment type: Active
Assignment starts: Mar 15, 2023
Assignment ends: Aug 15, 2023
You add the following assignment for the Exchange Administrator role:
Scope type: Directory
Selected members: Group2
Assignment type: Eligible
Assignment starts: Jun 15, 2023
Assignment ends: Oct 15, 2023
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation

Box 1: Yes
Admin1 is member of Group1.
The User Administrator role assignment has Group1 as a member.
The assignment type: Active
July 15, 2023 is with the assignment period.
A User Administrator can manage all aspects of users and groups, including resetting passwords for limited admins.
Box 2: No
Admin2 is member of Group2.
The Exchange Administrator role assignment has Group2 as a member.
The assignment type: Eligible
June 20, 2023 is with the assignment period.
The assignment must be approved.
Note: Eligible assignment requires member or owner to perform an activation to use the role. Activations may also require providing a multi-factor authentication (MFA), providing a business justification, or requesting approval from designated approvers.
Box 3: Yes
Admin3 is member of Gropu1 and Group2.
The User Administrator role assignment has Group1 as a member.
The assignment type: Active
May 1, 2023 is with the assignment period.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/groups-assign-member-


質問 # 207
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint site named Sitel. You need to perform the following tasks:
* Create a sensitive info type named SIT1 based on a regular expression.
* Add a watermark to all new documents that are matched by SIT1.
Which two settings should you use in the Microsoft Purview compliance portal? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 208
HOTSPOT
You have a Microsoft 365 E5 subscription.
From Azure AD Privileged Identity Management (PIM), you configure Role settings for the Global Administrator role as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

正解:

解説:

Box 1: will lose the role after eight hours
From exhibit: Activation, Activation maximum duration (hours): 8 hour(s) Box 2: for up to three months We see from exhibit: Assignment, Expire eligible assignment after: 3 month(s)


質問 # 209
You have a Microsoft 365 E5 subscription that contains the devices shown in the following table.

All the devices are onboarded To Microsoft Defender for Endpoint
You plan to use Microsoft Defender Vulnerability Management to meet the following requirements:
* Detect operating system vulnerabilities.

正解:

解説:

Explanation


質問 # 210
You have a Microsoft 365 subscription that contains the users shown in the following table.

You have the named locations shown in the following table.

You create a conditional access policy that has the following configurations:
* Users or workload identities:
o Include: Group1
o Exclude: Group2
* Cloud apps or actions: Include all cloud apps
* Conditions:
o Include: Any location
o Exclude: Montreal
* Access control: Grant access, Require multi-factor authentication
User1 is on the multi-factor authentication (MFA) blocked users list.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 211
You have a Microsoft Azure Active Directory (Azure AD) tenant named Contoso.com.
You create a Microsoft Defender for identity instance Contoso.
The tenant contains the users shown in the following table.

You need to modify the configuration of the Defender for identify sensors.
Solutions: You instruct User3 to modify the Defender for identity sensor configuration.
Does this meet the goal?

  • A. Yes
  • B. No

正解:A


質問 # 212
You have a Microsoft 365 E5 subscription.
Your company s Microsoft Secure Score recommends the actions shown in the following exhibit.

You select Create Safe Links policies for email messages and change Status to Risk accepted in the Status & action plan settings.
How does the change affect the Secure Score?

  • A. increases by 9 points
  • B. remains the same
  • C. decreases by 9 points
  • D. increases by 1 point
  • E. decreases by 1 point

正解:B


質問 # 213
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 E5 subscription.
You create an account for a new security administrator named SecAdmin1.
You need to ensure that SecAdmin1 can manage Office 365 Advanced Threat Protection (ATP) settings and policies for Microsoft Teams, SharePoint, and OneDrive.
Solution: From the Azure Active Directory admin center, you assign SecAdmin1 the Security administrator role.
Does this meet the goal?

  • A. Yes
  • B. No

正解:A


質問 # 214
You have a Microsoft 365 subscription that links to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
A user named User1 stores documents in Microsoft OneDrive.
You need to place the contents of User1's OneDrive account on an eDiscovery hold.
Which URL should you use for the eDiscovery hold? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation

Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-ediscovery-holds


質問 # 215
You have a Microsoft 365 subscription.
From the Microsoft 365 admin center, you open the Microsoft 365 Apps usage report as shown in the following exhibit.

You need ensure that the report meets the following requirements:
* The Username column must display the actual name of each user.
* Usage of the Microsoft Teams mobile app must be displayed.
What should you modify for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 216
You have a Microsoft 365 E5 subscription.
You define a retention label that has the following settings:
* Retention period 7 years
* Start the retention period bated on: When items were created
You need to prevent the removal of the label once the label K applied to a lie What should you select in the retention label settings?

  • A. Mark items as a regulatory record
  • B. Retain items even If users delete
  • C. Retain items forever
  • D. Mark items as a record

正解:D


質問 # 217
You have a Microsoft 365 E5 tenant that contains the resources shown in the following table.

To which resources can you apply a sensitivity label by using an auto-labeling policy?

  • A. Account1 and Site1 only
  • B. Mailbox1 and Site1 only
  • C. Mailbox1, Account1, and Site1 only
  • D. Account1, Site1, and Channel1 only
  • E. Mailbox1, Account1, Site1, and Channel1

正解:D

解説:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide


質問 # 218
You have a Microsoft 365 E5 tenant
You create a data toss prevention (DLP) policy to prevent users from using Microsoft Teams to share internal documents with external users.
To which two locations should you apply the policy? To answer, select the appropriate locations in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 219
HOTSPOT
You have a Microsoft 365 subscription.
You deploy the anti-phishing policy shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation

Box 1: Enable users to protect
Anti-phishing policies in Defender for Office 365 also have impersonation settings where you can specify individual sender email addresses or sender domains that will receive impersonation protection.
User impersonation protection
User impersonation protection prevents specific internal or external email addresses from being impersonated as message senders. For example, you receive an email message from the Vice President of your company asking you to send her some internal company information. Would you do it? Many people would send the reply without thinking.
You can use protected users to add internal and external sender email addresses to protect from impersonation.
This list of senders that are protected from user impersonation is different from the list of recipients that the policy applies to (all recipients for the default policy; specific recipients as configured in the Users, groups, and domains setting in the Common policy settings section).
When you add internal or external email addresses to the Users to protect list, messages from those senders are subject to impersonation protection checks. The message is checked for impersonation if the message is sent to a recipient that the policy applies to (all recipients for the default policy; Users, groups, and domains recipients in custom policies). If impersonation is detected in the sender's email address, the action for impersonated users is applied to the message.
Box 2: Add trusted senders and domains
Trusted senders and domains
Trusted senders and domain are exceptions to the impersonation protection settings. Messages from the specified senders and sender domains are never classified as impersonation-based attacks by the policy. In other words, the action for protected senders, protected domains, or mailbox intelligence protection aren't applied to these trusted senders or sender domains. The maximum limit for these lists is 1024 entries.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-policies-about


質問 # 220
You have a Microsoft 365 E5 subscription.
You need to configure a group naming policy.
Which portal should you use, and to which types of groups will the policy apply? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation


質問 # 221
You have a Microsoft 365 E5 tenant that uses Microsoft Intune.
You need to configure Intune to meet the following requirements:
Prevent users from enrolling personal devices.
Ensure that users can enroll a maximum of 10 devices.
What should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation
Graphical user interface, text, application, chat or text message Description automatically generated

Reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set#blocking-personal-windows


質問 # 222
You have a new Microsoft 365 E5 tenant.
You need to enable an alert policy that will be triggered when an elevation of Microsoft Exchange Online administrative privileges is detected.
What should you do first?

  • A. Enable Microsoft 365 usage analytics.
  • B. Enable auditing.
  • C. Create an Insider risk management policy.
  • D. Create a communication compliance policy.

正解:B

解説:
Explanation
Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization.
Note: Permissions alert policies
Example: Elevation of Exchange admin privilege
Generates an alert when someone is assigned administrative permissions in your Exchange Online organization. For example, when a user is added to the Organization Management role group in Exchange Online.
Reference:
https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-solutions-overview
https://learn.microsoft.com/en-us/microsoft-365/compliance/alert-policies


質問 # 223
......

あなたを合格させるMicrosoft試験にはMS-102試験問題集:https://jp.fast2test.com/MS-102-premium-file.html

MS-102試験問題集PDF更新された問題集にはFast2test試験合格保証付き:https://drive.google.com/open?id=15xSROu05xO7KzPqrpsA9LwfqV_LQT5Kn


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어